The EmpowerID enterprise system is built on a tiered architecture including Web, Application, and Database tiers. EmpowerID is architected to be an N+1 processing system with each process and job configurable to run on a single host or to automatically balance across multiple hosts for a fully redundant processing capability. Each server communicates an "I'm alive" heartbeat with the database to verify its availability to process requests. All jobs operate in a process claim mode which allows any server to process any job or perform any role that it is configured to perform in concert with the other servers and services.Jobs and processes leverage queues so processes aren't interrupted when servers go offline and changes can be batched up and retried. The EmpowerID web servers are all stateless front-ends supporting any external load balancing appliances or methodologies for distributing the Web traffic to the front-end servers. EmpowerID also has its own reverse proxy server that can function as a load balancer to provide native web load balancing. The database also supports SQL mirroring, clustering,and log shipping for database availability. Communication Zones can also be setup to automatically target local resources during processing. EmpowerID supports virtualization for all servers.
The below image depicts a typical representation of the EmpowerID Application and Process Architecture.
|
EmpowerID Enterprise Identity Warehouse — The Identity Warehouse provides the central identity store for SSO identities and federation to the various on premise and cloud-based applications with which EmpowerID integrates. The Identity Warehouse should be installed onto a high availability SQL cluster to serve as the enterprise identity hub for the EmpowerID system. Mirroring can also be established to facilitate Microsoft SQL's Always-on availability group capability.
For a conceptual overview of the EmpowerID Identity Warehouse, see Overview of the EmpowerID Identity Warehouse. |
|