Designing SCOM
Hi team,
The scenario is:
Domain A: 300 servers and in DMZ 100 servers are there in a trusted boundary.
Domain B: 50 servers.
Domain C: 50 servers.
No trust between these domains.
The servers in Domain B & C (un trusted domain) should be monitored from domain A. For this i got a solution that deploying gateway server in the domain B & C will communicate
to the management server in domain A.
My question is
Do I need to have gateway server in Domain A to communicate with management server or Kerberos itself enough for servers in DMZ?
How many management servers are needed for this scenario?
Or how can I design this senario to work efficiently?
P.S.: Kindly correct me if I’m wrong in any of the places as I’m new to this.
Thanks,
Arun V
October 14th, 2010 1:44pm
Hi Arun V,
1. If you're have a kerberos trust(same forest and all appropriate ports is open) with DMZ servers then youdonot need a gateway, but you'll have to open port 5723 from every DMZ server to management server.
2. From my perspective - at least two management servers in A(RMS and MS), two gateways (B and C). Details depends on your servers' hardware specs, on high availability level you need and so...http://OpsMgr.ru/
Free Windows Admin Tool Kit Click here and download it now
October 14th, 2010 1:54pm
Thanks a lot Alexey.
It would be a great help if specify the hardware configuration which is most suitable for this scenario which includes high availability.
October 14th, 2010 2:22pm