2 Replies Latest reply: Sep 19, 2011 2:02 AM by Matteo Fioroni RSS

    Best configuration to enforce security and performance

      Hi all!

      I started this thread to collect some ideas to improve securty and performance issues in qlikview publisher server architecture.

       

      Now I have a monolithic system: single installation of publisher and server on a single machine, but I need to change to a more scalable and secure one.

       

      I think the best choice may be to separate publisher from web server: I have a lot of documents reloaded hourly and may influence the performance of web server accessing other documents, may be?

       

      So we can enumerate the first step of my architecture:

       

      - Step 1: Two servers one dedicated to publisher and one dedicated to web server (browsing document) (what about virtual servers?)

       

      At this point I think that the documents repository can be placed on SAN with NTFS controlling documents access (Active directory accounts).

      The account rights travel over the network by a custom SSO system.

       

      So, we define the second step:

       

      - Step 2: Which web server architecture may enforce this? Qlikview Web Server or IIS server?

       

      At this point my knowledge isn't enought to define the next steps...

       

      - Step 3: May be usefull to set-up a versioning system on SAN repository? Qlikview has it's own features to enforce this?

      - Step 4: Replication, how can I enforce system continuity and disaster recovery?

      - Step 5: Management console? I'm looking for a way to give the user/admin only the right to manage tasks over a subset of the document managed by the server...

       

      That's all...the argument is very complex...but very interesting and I'm glad to have yours suggestion and to know how you solved the security and performance problem...

       

      Thank you

       

      Matteo

        • Best configuration to enforce security and performance
          Brent Nichol

          You have a good vision for the server environment, but I'm not sure if there is a simple way to accomplish it all.

           

          I currently manage a version 9 SR7 environment like the one you described in STEP 1.  The 2 servers are identically spec'd, with one operating as the Production Web Server and the other running Publisher and UAT Web Server.

           

          Step1:  Unless you have minimal load and server requirements, I would avoid VMs.  Publisher consumes as much CPU as it can, and QWS consumes huge amounts of RAM.  Together they would probably impact others servers on the VM.

           

          Step2:  We are currently using QlikView Web Server without difficulty.

           

          Step3:  I'm not aware of a QlikView change management repository.

           

          Step4:  The servers are spec'd the same to provide some level of DR redundancy.  Also, the storage of documents on the SAN simplifies their distribution and access from both servers. 

           

          Step5:  I know v10 has improved the granularity of the management console, but your request sounds beyond to current functionality.  Any solution would need to be a kludge on your part.

           

          Good Luck,

          B