Break the Glass Solution Design

I'd like to discuss this more, debopam basu konsult , if you don't mind.

For example, to dig in a little deeper in each scenario and see what your expectations would be.

Starting with 1. PAM SPP service is not working.

Could you elaborate on that? A production deployment of SPP should consist of a minimum of 3 clustered nodes. So you immediately have redundancy in hardware and the data. You can also go as far as geolocating those nodes (however, you need sufficient bandwidth between your hosting/data centers). So when you say, "SPP service is not working", I don't think that means due to hardware failure. So it could mean networking? But again, with a geographical setup of the cluster, you should have network redundancy as well. So the next thing I can think of for "SPP service is not working" would be a complete software failure or misconfiguration. Perhaps one of the cluster nodes goes into quarantine. I've seen that happen, like when applying a patch file or something. But again, I have never seen it happen to all nodes of a cluster at the same time. During a cluster patch, if there is a failure, the patching stops.

So I'm struggling to see a scenario where "SPP service is not working" can happen. But let's say it does. What would your expectation for "break the glass" be? Would restoring from a backup be sufficient? You can restore a backup to a single node and then access data on it. You should be taking regular backups, and then downloading those backups, password protected, and archiving them in some offsite storage.

Or do you have some other expectation for "break the glass". Like for example, downloading a text file that contains all accounts and passwords?

I'd like to discuss this more, debopam basu konsult , if you don't mind.

For example, to dig in a little deeper in each scenario and see what your expectations would be.

Starting with 1. PAM SPP service is not working.

Could you elaborate on that? A production deployment of SPP should consist of a minimum of 3 clustered nodes. So you immediately have redundancy in hardware and the data. You can also go as far as geolocating those nodes (however, you need sufficient bandwidth between your hosting/data centers). So when you say, "SPP service is not working", I don't think that means due to hardware failure. So it could mean networking? But again, with a geographical setup of the cluster, you should have network redundancy as well. So the next thing I can think of for "SPP service is not working" would be a complete software failure or misconfiguration. Perhaps one of the cluster nodes goes into quarantine. I've seen that happen, like when applying a patch file or something. But again, I have never seen it happen to all nodes of a cluster at the same time. During a cluster patch, if there is a failure, the patching stops.

So I'm struggling to see a scenario where "SPP service is not working" can happen. But let's say it does. What would your expectation for "break the glass" be? Would restoring from a backup be sufficient? You can restore a backup to a single node and then access data on it. You should be taking regular backups, and then downloading those backups, password protected, and archiving them in some offsite storage.

Or do you have some other expectation for "break the glass". Like for example, downloading a text file that contains all accounts and passwords?