miniOrange On-Premise Architecture

Active-Active (Load Balanced Servers)

 

miniOrange Identity Server On-Premise Architecture

  1. The miniOrange On-Premise solution allows you to deploy and set up an in-house SSO platform with the added benefit of having all the data on-premise.
  2. Firewalls protect internal components (servers, load balancers, caches and databases) from external, unauthorized access.
  3. Multiple servers can be set up to host the IdP, and they can service requests through the Load Balancer.
  4. Load Balancer forwards requests to the underlying application servers hosting the Identity Provider. The IdP can service both TCP and UDP requests and appropriate routing can be configured on the load balancer.
  5. Database Cluster allows for persistent database storage for the IdP. The IdP supports a variety of database systems, such as PostgreSQL, MySQL/MariaDB and Microsoft SQL. The IdP supports both standalone database servers and clustered setups. In a clustered setup, replication can be set up as needed, and the IdP supports both Master-Master and Master-Slave replication mechanisms.
  6. A Caching cluster is set up to allow for speedy access to frequently accessed data (such as session storage). The IdP supports the use of Memcached and Redis clusters.
  7. The IdP allows configuration of external identity stores/providers such as Active Directory and AD FS. This allows authentication from these existing systems for accessing cloud and on-premise applications. Relevant firewall rules can be configured to secure integration with these systems.
  8. The IdP also allows Multi-factor Authentication and Fraud Prevention on top of the Single Sign-On features to allow secure access to all cloud and on-premise applications.

 

Active-Passive (Disaster Recovery Servers)

 

miniOrange On-Premise Identity Server Solution Architecture

 

  1. The miniOrange On-Premise solution allows you to deploy and set up an in-house SSO platform with the added benefit of having all the data on-premise.
  2. Firewalls protect internal components (servers, caches and databases) from external, unauthorized access.
  3. Multiple servers can be set up to host the IdP and they can service requests. In the Primary-Secondary configuration, there is a primary server which services requests. A secondary server acts as a stand-by server and is able to service requests in case of failure of the primary server.
  4. Database Cluster allows for persistent database storage for the IdP. The IdP supports a variety of database systems, such as PostgreSQL, MySQL/MariaDB and Microsoft SQL. In the Primary-Secondary configuration, a fail-over database acts as a secondary server and is able to service requests in case there is a failure on the primary database server. Appropriate replication is configured between the primary and fail-over servers.
  5. For caching, the primary and secondary servers are each connected to their own cache server. This allows for speedy access to frequently accessed data (such as session storage).
  6. The IdP allows configuration of external identity stores/providers such as Active Directory and AD FS. This allows authentication from these existing systems for accessing cloud and on-premise applications. Relevant firewall rules can be configured to secure integration with these systems.
  7. The IdP also allows Multi-factor Authentication and Fraud Prevention on top of the Single Sign-On features to allow secure access to all cloud and on-premise applications.

 
