ADC

Configure secure heartbeats

November 28, 2023

Contributed by:

The secure heartbeats feature provides protection against network attacks such as tampering and replay attacks. When you enable the secure heartbeats in a cluster setup, NetScaler authenticates the heartbeat packets and checks for packet integrity to protect against network attacks. If the authentication or packet integrity check fails, NetScaler drops the heartbeat packets.

You can enable or disable the secure heartbeats using the secureHeartbeats parameter of the set cluster command.

Note:

Secure heartbeats must be configured from the cluster IP address.

Ensure that all the cluster nodes are running release 14.1 build 12.30 or later.

Configure secure heartbeats using the CLI

To enable the secure heartbeats:

Enable the secure heartbeats.

set cluster instance <clId> secureHeartbeats ENABLED
Save the configuration.

save ns config
Verify the configuration.

sh cluster instance <clid>

Example configuration:

> set cluster instance 1 secureHeartbeats ENABLED
Warning: [The Secure Heartbeats feature must be set in the cluster IP (CLIP) address.]
 Done
> save ns config
 Done
> sh cluster instance 1
1) Cluster ID: 1
        Dead Interval: 3 secs
        Hello Interval: 200 msecs
        Preemption: DISABLED
        Propagation: ENABLED
        Quorum Type: MAJORITY
        INC State: DISABLED
        Process Local: DISABLED
        Retain Connections: NO
        Heterogeneous: NO
        Backplane based view: DISABLED
        Cluster sync strict mode: DISABLED
        DFD Retain L2 Params: DISABLED
        Cluster Proxy Arp Status: ENABLED
        Secure Heartbeats: ENABLED
        Cluster Status: ENABLED(admin), ENABLED(operational), UP

        WARNING(s):
                (1) - There are no spotted SNIPs configured on the cluster. Spotted SNIPs can help improve cluster performance.

        Member Nodes:
        Node ID     Node IP            Health     Admin State  Operational State
        -------     -------            ------     -----------  -----------------
1)      1           10.102.58.124      UP         ACTIVE       ACTIVE
2)      2           10.102.58.125      UP         ACTIVE       ACTIVE
3)      0           10.102.58.123*     UP         ACTIVE       ACTIVE(Configuration Coordinator)

 Done
<!--NeedCopy-->

To disable the secure heartbeats:

Run the following commands to disable secure heartbeats.

set cluster instance <clId> secureHeartbeats DISABLED
save ns config

Configure secure heartbeats using the GUI

To enable the secure heartbeats:

Navigate to System > Cluster.
In the details pane, click the Manage Cluster link.
In the Configure cluster instance page, select the Secure Heartbeats checkbox.
Click Save, and then click Yes.

To disable the secure heartbeats:

In the Configure cluster instance page, clear the Secure Heartbeats checkbox.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Configure secure heartbeats

November 28, 2023

Contributed by:

November 28, 2023

Contributed by:

Configure secure heartbeats

Configure secure heartbeats using the CLI

Configure secure heartbeats using the GUI

In this article