For most customers where remote control access is mission critical, Impero recommends that multiple, redundant Security Servers are implemented. Two or more Security Servers will be able to provide fail over for the authentication services they provide.
The address or DNS name of each Security Server must be included in the Impero Host's TCP/IP communication profile broadcast list. The first Impero Security Server that responds to the Host's request for authentication services will be the server that handles the authentication process. If one server is off-line, any additional server can handle authentication the request.
Setting up redundant Security Servers reduces the likelihood of a single point of failure. Multiple Security Servers must be configured to log into the same database. Impero recommends that the database be hosted in an SQL clustered or mirrored environment. (Attempting to use separate databases for two or more Security Servers using the same public key will cause likely erratic behavior.)
Additional recommendation for redundancy in the Impero activity logging to the server:
If both your Host and Guest modules are configured to log Impero activity to the Security Server database, Impero recommends that your Hosts all be configured to log to one Security Server and that your Guests all be configured to log to a second Security Server. In this way you will also have fail over in the log data for Impero connection events since the Host will be logging the connection event to one server and the Guest will be logging the same connection event to a second server.