search cancel

VIP Enterprise Gateway Business Continuity

book

Article ID: 151020

calendar_today

Updated On:

Products

VIP Service

Issue/Introduction

VIP Enterprise Gateway Business Continuity

Environment

VIP Enterprise Gateway

Resolution

What is Business Continuity Mode?

Business Continuity Mode (BC) is for situations where internal network, DNS, or other issues are affecting connectivity to userservices-auth.vip.symantec.com

When active, any six-digit code is accepted to pass MFA. The end-user experience is unaffected and is unaware the service is accepting any six-digit code. In this mode, PUSH and Out-Of-Band (OOB) features will not work (VIP Push, SMS, or Voice or Email). User will need to manually entire the security code. 

Note: If you are using a VIP Enterprise Gateway validation server with User ID + LDAP Password + Security Code mode (ULO), the validation server turns off if there are LDAP connectivity issues. BC mode requires a working LDAP connection and the service to be on.

Note: If you are using the VIP JavaScript with Enterprise Gateway 9.8.4 in your application, entering BC mode will allow the six-digit codes to pass. Entering BC mode on 9.8.3 or earlier will cause JavaScript validations to fail.

How to set Business Continuity Mode to Automatic on VIP Enterprise Gateway

  1. Log in to the Enterprise Gateway console (Example, default: http://localhost:8232/vipegconsole).
  2. Click the Validation tab.
  3. Under the Action column, click Edit for the validation server you want to enable Business Continuity mode on.
  4. Scroll down the page to find the section titled Business Continuity.
  5. Click the option for Automatic.
  6. Then click Submit.
  7. The validation server must be restarted for the change to take effect.  

    Note: By default, Disabled is selected. Select Automatic to enable Business Continuity in automatic mode. In this mode, the Validation server detects the connectivity issues automatically. If it cannot reach the VIP Authentication Service, the Validation Server switches to the Business Continuity mode until connectivity is re-established. Select Enabled to force Business Continuity mode on (for testing only). To configure email notifications business continuity, go to Settings > Health Check Settings and configure the email template. 

How to set Business Continuity Mode mode for ADFS ( requires separate BC mode module installation)

  1. Log on to the Primary ADFS server.
  2. Open the VIP Integration Settings application.
  3. Click the Enable Automatic Business Continuity Mode check box.
  4. Click OK and then open Services.msc.
  5. Find Active Directory Federation Services and then restart the service. Note: This will reset all ADFS connections for all hosted SSO applications.
  6. If you have multiple ADFS farm machines the same steps will need to be followed for all servers in the cluster.
  7. To return to non-BC mode, open the VIP Integration Settings application and uncheck the Enable Automatic Business Continuity check box. Click OK.
  8. Open Services.msc.
  9. Repeat step 5.
  10. Verify that users can log in.

Need More Information?

Detailed information on monitoring the availability of the VIP cloud platform and gracefully handling service degradations to allow business continuity is available in the attached PDF document.

Attachments

VIP_Business_Continuity_Preparedness.pdf get_app