Skip to content


Management and Security Server (MSS) can be configured to provide high availability with a cluster of MSS servers.


Before you upgrade— If your environment uses Replication in Management and Security Server, all servers must be set to Standalone (no Master or Slaves) before you upgrade to MSS 12.7 or higher. See Upgrading Replicated Servers in the MSS Installation Guide for detailed steps. The upgraded servers can then join a cluster.

Follow the steps for your environment.

Why create a cluster of MSS servers?

The MSS server is installed as a standalone server. While this type of deployment provides full functionality and access to all services, it lacks the attributes to provide high availability and redundancy that remove single points of failure.

By creating a cluster of at least three MSS servers, the data is replicated to each server. If one of the clustered servers goes down, another server can seamlessly provide the data.

What data does not get replicated?

All configuration elements of the clustered servers are replicated except:

  • Log files
  • Activation files. You must install or update the activation files on each clustered node.
  • Credential Store settings
  • Some Certificates settings. See X.509 Certificates Setup Requirements
  • The password that unlocks the keychain (See Keychain for details.)
  • Package data If you cluster an MSS server that contains packages for Windows-based sessions, the assignments and settings are automatically replicated. However, the package data must be manually copied to each server.
  • The Web Agent name, when SiteMinder is used for authentication The Web Agent name must be set separately for each replicated machine.