High Availability View - Active Directory

When utilizing the Active Directory Integration deployment type in an AD environment, all installed servers are displayed in the Servers tile of the Dashboard screen in the ESA Web Console. When more than one core service is detected on the network, all servers are listed.

Each ESA Authentication Server installed on the domain registers itself in AD DNS using an SRV record (as _esetsecauth._tcp). When an endpoint (such as a web application or a VPN appliance) begins authentication, it first checks its internal list of known servers. If the list is empty, it performs an SRV lookup. The SRV lookup will return all Authentication Servers on the domain. The endpoint then chooses an Authentication Server to connect to. If the connection fails, it selects another server from the list and attempts to connect again.

If network redundancy is a concern when protecting your VPN with ESA, it is recommended to configure primary and secondary RADIUS authenticators on your VPN appliance. You should then install two ESA RADIUS servers on your network, and configure them accordingly.

Multiple Authentication Servers utilizing Standalone deployment type