Which is the VMware recommended persistence mode for load balanced VMware Unified Access Gateway servers?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
https://pdfs.loadbalancer.org/Vmware_Horizon_Deployment_Guide.pdfVMware Unified Access Gateway (UAG) is a virtual appliance that provides secure remote access to applications in the corporate network. Load balancing is a key component of UAG deployment to ensure that traffic is distributed across multiple UAG instances.
When load balancing UAG servers, it's important to configure persistence to ensure that user sessions are maintained on the same UAG instance throughout the session's duration. Persistence helps to ensure that session data, such as session cookies or SSL sessions, is maintained even if traffic is redirected to a different UAG instance.
VMware recommends using SSL Session Persistence for load balanced UAG servers. SSL Session Persistence is a method of maintaining session persistence by using the SSL session ID. When SSL session persistence is used, the load balancer maintains the SSL session ID and redirects all subsequent requests with the same SSL session ID to the same UAG instance.
This method of persistence provides the most secure and reliable way to maintain user sessions, as the SSL session ID is unique to each user session and cannot be easily tampered with. Additionally, SSL Session Persistence does not require any additional configuration on the UAG servers, making it easy to implement.
Source IP-based Persistence is another option for maintaining persistence, but it can be less secure as IP addresses can be spoofed or changed. Cookie Persistence is also an option, but it requires additional configuration on the UAG servers and may not work with all applications. Destination IP-based Persistence is not recommended for UAG load balancing as it can result in uneven distribution of traffic.
In summary, VMware recommends SSL Session Persistence for load balancing UAG servers as it provides the most secure and reliable way to maintain user sessions without requiring additional configuration on the UAG servers.