Join the Community
Co-Authors: Rory Bray and George MinaDisaster recovery (DR) is a key element to protecting against availability zone (AZ) failures particularly in AWS environments where EC2 instances are hosted in multiple global locations. Those instances should be distributed across multiple AZ’s in order to reduce the risk of failure and enable requests to be handled in another AZ. If on the other hand, all instances are located in a single location and a failure occurred, none of those instances would be available.
QRadar provides a number of features related to DR with the recent availability of the IBM QRadar Data Synchronization App. This app provides a resilience solution for QRadar deployments to ensure that operations can continue to function as normal as possible in DR scenarios. If your hardware or network fails, IBM QRadar can continue to collect, store, and process event and flow data.
In the context of AWS availability zones, QRadar can be configured to meet DR and HA requirements by leveraging AWS Lambda. The steps are as follows:
Setup for CloudWatch alarm based on UnHealthyHostCount metric
The above steps show how users can automate fail-over scenarios for QRadar in AWS environments via multi availability zone resilience.
Key Features
Learn More: