Deploying the ISA Controller
The InstaSafe Controller plays a pivotal role within the InstaSafe Cloud, serving as the central module for enforcing access control in network connectivity. It acts as the central point to which InstaSafe Agents and Gateway Agents establish independent DTLS tunnels. The Controller is responsible for implementing policies, deciding whether to allow or deny application access based on the configured access rules. In the context of ISA User Agents, the Controller's role commences after the User Agent successfully completes authentication, Geo Location check, Device Binding check, Device Check, and secondary authentication, such as 2FA/MFA.
Provisioning the Controller
ISA Controllers are provisioned on either single or multiple cloud servers, strategically located at various geo-locations depending on the deployment. The selection of the cloud server is based on proximity to customer premises in order to minimize latency. Each tenant necessitates the provisioning of one or more Controllers. The decision to provision more than one Controller is contingent upon the customer's user license requirements. In cases where the number of users exceeds 1000, multiple Controllers are provisioned. Server selection for Controller deployment considers not only proximity to customer premises but also factors in the availability of processing and memory capacity on the servers.
Adding a Controller on the ISA web portal
After the Controller is provisioned, the cloud server is selected during the creation of the Controller on the web portal. A public IP address is automatically assigned based on the chosen cloud server, and a unique port number is assigned for its identification. Each Controller within the same cloud server must have a unique port number. While both TCP and UDP ports are supported, using UDP is recommended. When adding the Controller on the portal, an internal network is assigned. The size of the network is determined by the number of user licenses required. The IP addressing schema is chosen as per the customer's internal network. IP addresses from this network are later allocated to the virtual tunnel adapters on the end-user and Gateway devices.
Upon adding the Controller on the portal, it actively listens on the public IP address assigned by the cloud server and the designated port number. When a User or Gateway Agent connects to the ISA web server, the domain name of the public IP address and the port number are appended to the Agent configuration file after the successful completion of user authentication and device compliance checks.
Controller Start/Stop, Restart, and Commit Operations
The ISA web portal administrator can perform the following operations on the Controller:
Start - To initiate or activate a Controller. It allows the Controller to begin its operations or perform its designated tasks. Starting a Controller means enabling its functionality.
Stop - To halt or terminate the operation of a Controller. It instructs the Controller to cease its activities and enter a state of inactivity or standby.
Restart - To refresh or reset a controller. When issued, it causes the controller to stop its current operation, followed by an immediate start, effectively rebooting the controller. This can help resolve Agent connectivity issues.
Commit - Typically used in a version control or configuration management context. It is used to confirm and apply changes that have been made to a system or configuration. Once committed, the changes become permanent and are often saved in a version history or configuration database.
By default, when a Controller is added on the web portal, its status is Stopped. It must be manually started by clicking Start. When the controller status is Running, it signifies that the Controller is in active mode. In this state, the Controller is actively performing its designated functions, tasks, or processes, and is ready to receive and respond to input, commands, or requests. This status indicates that the controller is actively engaged in its role and is available for its intended purposes.
Except in high availability deployments, the Controller must remain in active mode. If a Controller is stopped, User and Gateway Agent connectivity is lost.
When a new Gateway is added or any information in the Gateway changed, the pending changes must be committed by clicking Commit and the Controller must be restarted by clicking Restart.
In addition, it is recommended to commit and restart the Controller in the following scenarios:
When a device is deleted.
When an authentication profile is added.
When the Gateway Agent is unable to connect to the Controller.
When the User Agent is unable to connect to the Controller.
When the User Agent is unable to access corporate resources.
Types of Controller Deployments
Cloud Deployment: Both the Controller and Gateway are deployed on the cloud.
Hybrid Deployment: In this setup, the ISA web portal resides on the cloud, while the Controller is deployed on-premises. As the Controller also serves as a Gateway, a separate Gateway is not required in hybrid deployments.
On-Premises Deployment: All components of InstaSafe Secure Access, including the web portal, Controller, Gateway, SMS gateway, and email server, are installed on-premises. Currently, only VMWare Workstation is supported for on-premises deployments. For on-premises deployments, a Virtual Machine Disk (VMDK) file is shared with the customer. The image is preallocated with 4 CPU cores, 4 MB memory, and 8 GB storage. Storage can be extended based on usage requirements.
Active and Passive Modes
Active Mode - When the Controller status is Running, the Controller is in active mode. In this state, the controller is actively performing its designated functions, tasks, or processes, and it is ready to receive and respond to input, commands, or requests. This status indicates that the Controller is actively engaged in its role and is available for its intended purposes.
Passive Mode - When the Controller status is Stopped, the Controller is in passive mode. In this state, the Controller is not actively performing its designated functions, tasks, or processes. It is temporarily inactive, not responsive to input, commands, or requests, and is essentially on standby or in a state of rest. The Stopped status implies that the Controller is not actively engaged in its role at that moment, and is not currently available for its intended purposes.
Active-Passive Deployment
In deployments demanding high availability for all critical systems, ISA can be configured in Active-Passive mode to ensure redundancy. In such setups, multiple Controllers are deployed across distinct cloud servers, each configured with identical network sizes and port numbers.
For example, when an active Controller is deployed in Cloud Server A with a 10.10.0.0/16 network and listening on UDP port 1355, a passive Controller is simultaneously deployed in Cloud Server B with the same 10.10.0.0/16 network and listening on UDP port 1355. In the event that Cloud Server A needs to be shut down, the Controller in Cloud Server B can be manually activated, providing a manual active-passive deployment mechanism. When Cloud Server A is shut down, users connected to the Controller deployed therein will be disconnected and must be reconnected to the new Controller in Cloud Server B.
Active-Active Deployment
In deployments where the user count exceeds 1000, a strategy of deploying multiple Controllers is employed to effectively distribute the load. For instance, if there are 5000 users, five Controllers are deployed to ensure optimal performance and efficient resource utilization.