This document describes the ways multiple appliances in the Safeguard product line can be deployed together.
Two appliances form the backbone of a Safeguard deployment: One Identity Safeguard for Privileged Passwords (SPP) and One Identity Safeguard for Privileged Sessions (SPS).
SPP and SPS appliances provide different functionality. You can use them together or independently.
SPP provides asset and account discovery, password rotation and management, and access request workflow.
SPS provides transparent or non-transparent interception of remote admin protocols, audit recording, and video-like playback of sessions. It also provides analytics if One Identity Safeguard for Privileged Analytics (SPA) is licensed and enabled.
When used together, the two main operational modes are SPP-initiated (or Passwords-initiated) and SPS-initiated (or Sessions-initiated).
In SPP-initiated mode, users request access on the portal of SPP and when they are granted access, they are connected to the target account through SPS. See
In SPS-initiated mode, users connect directly to a target server; SPS intercepts the traffic and fetches the required credentials from SPP.
SPP and SPS appliances solve scalability and high availability independently, but they can interoperate to ensure the correct operation of the entire deployment.
The term clustering is often used with different meanings. SPP and SPS appliances can be clustered to provide:
Audit data replication
Interoperation between SPP and SPS appliances
For clarity, we will use the more specific terms throughout this document where possible.
Multiple SPP and SPS appliances can be connected to ensure high availability. This enables the continuation of vital technology infrastructure and systems.
SPP and SPS appliances can be connected to ensure immediate recovery after a natural or human-induced disaster. Disaster recovery reduces downtime and data loss.
Connecting multiple appliances allows load distribution and scaling to loads beyond the serving capability of a single appliance, while ensuring that you can configure and operate the deployment as a single solution instead of multiple independent appliances. Both SPP and SPS clustering provide scalability features to reduce management and operational costs.
You can connect an SPP cluster to one or more SPS clusters to combine their functionality, for example, to provide password rotation and session recording for the same accounts.
SPP ensures shared configuration, scalability, high availability (HA), and disaster recovery through a single architecture. You can join 3 or 5 SPP appliances into a single cluster. All important information is replicated within the entire cluster and the cluster remains functional if some of the appliances fail. You can also distribute load between the appliances in the cluster.
Figure 1: Clustering in SPP
SPS follows a different approach and solves high availability and disaster recovery independently of shared configuration and scalability.
Ensure high availability by adding a hot-spare pair to every SPS appliance. The hot spare replicates all information from the first appliance and takes over all its functionality in case of a failure, but serves no production traffic until the takeover occurs.
Ensure shared configuration and scalability by clustering multiple SPS appliances (or HA pairs of appliances) together to control and monitor them from a single pane of glass.
To use HA and scalability at the same time, you need to configure them independently.
An SPS HA pair always consists of two nodes: a primary and a secondary.
An SPS scalability cluster consists of an arbitrary number of nodes with varying roles. For more information, see Scalability in One Identity Safeguard for Privileged Sessions (SPS).
Figure 2: Clustering in SPS
SPP and SPS clusters can work together and support each other’s HA and scalability models through the SPP-SPS join.