Demo: Use VNS3 to secure your Windows Server Failover Cluster
By Bob Smetana
How to guide: Set up a Windows Server Failover Clustering (WSFC) with SQL server AlwaysOn using VNS3 Overlay Networks
Windows Server Failover Clusters (WSFCs) are often an essential piece of critical systems. WSFCs provide a suite of tools to make systems faster and more reliable. Configuring WSFCs with VNS3 allows you to cluster physical and virtual servers regardless of physical location and network configuration.
While you can set up a WSFC in any environment, it is still up to you to protect your data in motion between nodes.
Suppose you have a node that is required to be off site. In order to remain secure, you must use additional hardware to provide connectivity from one location to the other.
VNS3 solves the security and connectivity issues elegantly. Each node can be connected to the VNS3 overlay network via a clientpack — each machine would then have an encrypted connection to a secure virtual network you control. All that is required for each node is an internet connection and open security groups to your VNS3 controller’s IP address.
In this example, VNS3 lets you use any cloud environment with an additional a layer of security and control over top.
This configuration frees you from the bounds of hardware and unfamiliar software without compromising security or flexibility. You can even cluster virtual machines in any major cloud with on-site machines, allowing your users to enjoy security, high availability, and low latency.
In Windows, connections to VNS3 appear as ethernet adapters. From the perspective of each node, this configuration appears identical to a fully local configuration, with all nodes on the same network and subnet. This simplifies Failover Cluster implementations and helps administrators conceptualize complex network ecosystems.
In Windows, connections to VNS3 appear as ethernet adapters.
VNS3 can also provide a modular approach to Failover Clustering. If you already have a WSFC implementation, VNS3 can connect to your cluster’s local network via IPsec, allowing your existing nodes to communicate with additional nodes anywhere in the world.
Availability group and listener communicating via the VNS3 overlay network.
Watch Bob Smetana’s full demo on YouTube: https://youtu.be/gzUG6Rvd0qs
Note — This guide uses the WSFC CloudFormation template and Windows server 2012 R2 and SQL server 2014 Enterprise. Other editions will work, but won’t match the video guide exactly.
See more VNS3 setup and troubleshooting guides on our Product Resources page: https://cohesive.net/support/product-resources and on our YouTube channel: https://www.youtube.com/channel/UCxUHpNVW5jKLpxoTV27qx6A
By: Margaret Valtierra
Originally published at cohesive.net on October 11, 2016.
