1
00:00:03,240 --> 00:00:05,500
That brings us to the end of this module on high availability.

2
00:00:05,500 --> 00:00:10,430
You should now have a good idea how to expand your VPN and NPS infrastructure,

3
00:00:10,430 --> 00:00:13,840
adding additional servers to eliminate single points of failure,

4
00:00:13,840 --> 00:00:17,270
and make the solution more redundant and more resilient.

5
00:00:17,270 --> 00:00:19,690
This is crucial to maintaining service availability,

6
00:00:19,690 --> 00:00:23,270
because as we know, Windows Servers need to be updated periodically,

7
00:00:23,270 --> 00:00:27,560
like every month, and those updates commonly require the server to be restarted.

8
00:00:27,560 --> 00:00:27,830
So,

9
00:00:27,830 --> 00:00:31,550
having a redundant infrastructure in place ensures the

10
00:00:31,550 --> 00:00:34,340
service remains up even during planned outages,

11
00:00:34,340 --> 00:00:36,050
like Windows Updates.

12
00:00:36,050 --> 00:00:39,670
And, of course, this means that if a server is offline for any unplanned outage,

13
00:00:39,670 --> 00:00:39,980
again,

14
00:00:39,980 --> 00:00:44,340
we can maintain the service while administrators work to address the issue.

15
00:00:44,340 --> 00:00:46,290
Of course, for many larger deployments,

16
00:00:46,290 --> 00:00:50,480
deploying a single VPN server or a single NPS server

17
00:00:50,480 --> 00:00:52,120
simply won't provide enough capacity,

18
00:00:52,120 --> 00:00:55,740
so adding more servers becomes necessary to ensure that we

19
00:00:55,740 --> 00:00:58,140
have enough resources to meet demand.

20
00:00:58,140 --> 00:00:58,750
And finally,

21
00:00:58,750 --> 00:01:00,790
I would encourage you to investigate the use of a

22
00:01:00,790 --> 00:01:04,040
dedicated third‑party external load balancer.

23
00:01:04,040 --> 00:01:06,380
This is going to provide not only the best performance,

24
00:01:06,380 --> 00:01:08,740
but really the best experience overall.

25
00:01:08,740 --> 00:01:10,240
NLB works, of course,

26
00:01:10,240 --> 00:01:13,570
but an external load balancer provides more advanced features,

27
00:01:13,570 --> 00:01:16,080
better visibility control of network traffic,

28
00:01:16,080 --> 00:01:18,150
including, you know, traffic distribution,

29
00:01:18,150 --> 00:01:20,440
and load balancing algorithms, and so forth,

30
00:01:20,440 --> 00:01:23,920
which ultimately make your life, as the Always On VPN administrator,

31
00:01:23,920 --> 00:01:24,750
that much easier.

32
00:01:24,750 --> 00:01:28,260
But integrated Windows NLB is supported, and it does work. I would

33
00:01:28,260 --> 00:01:30,750
just caution you that it may not be the best choice,

34
00:01:30,750 --> 00:01:41,000
especially for larger deployments. Join me in the next module, where we discuss monitoring and reporting options.