• Digital Workspaces
          • Digital Workspaces

            Enable desktop & application virtualization, identity management, and secure remote access for work from home (WFH) employees

          • zPortal
          • Controller for desktop and application virtualization via shared hosted desktops and VDI

          • zGateway
          • Secure remote users working from any network on any device to protect corporate data

          • SnapVDI Thin Client (zTC)
          • Thin client endPoint devices for Citrix, Microsoft Hyper-V & WVD and VMware

          • zBrows
          • Provide secure browser-based access to virtualized corporate workspace users

          • zMFA
          • Integrated multi-factor authentication (MFA) for secure user verification on any device

          • zClient
          • Software client for installing on your endpoint devices for connection to zPortal and zGateway

    • Healthcare Solutions
          • Healthcare Solutions

            Remote patient monitoring platform and devices for clinicians and caregivers to remotely monitor the vital signs of their patients

          • ZettaRPM
          • Universal cloud-based remote patient monitoring platform for healthcare organizations

          • B.O.L.T Devices
          • Monitor, track, and improve patients’ health with remote patient monitoring (RPM) devices

    • Data Storage Appliances
          • Data Storage Appliances

            Reliable, high-performance SAN appliances with inclusive snapshots, replication, and  automated data tiering software

          • StorTrends 3500i
          • Extreme-performance SAN with Hybrid and All-Flash configurations to handle even the most demanding workloads

          • StorTrends 3400i
          • Highly reliable HDD-based SAN suited for data retention, backups and low-performance environments

          • StorTrends 3202j
          • Expansion shelf configurable as all-HDD, hybrid, or all-flash to seamlessly add capacity to the StorTrends 3500i or StorTrends 3400i

  • Knowledge Base
  • Company
  • Events
  • Support
  • Contact
  • Partner Portal

How Can We Help?

zGateway Cluster Overview

You are here:
< All Topics

zGateway High availability and load balancing feature enables always ON function of zGateway service with efficient utilization of hardware resources available and fault tolerance, required to support large number of remote users. The system enables thousands of remote users to access corporate services with maximum performance. The high availability and load balancing system is referred as zGateway cluster in this document.

zGateway cluster is an active-active cluster. All of the nodes can handle user connections with load balancing and hardware is utilized to the maximum.

zGateway cluster is accessed using a virtual IP address assigned to the active node (master) Cluster Manager Node.
End users connect to the virtual IP address of zGateway cluster. The Cluster Manager Node in active role receives the user connection, which redirects the user connection to gateway according to the selected load balancing algorithm. The routing of the TCP connections is at network level.

The zGateway cluster has following components:
1. zGateway nodes which hands user connections and provide VPN function
2. Load balancer module for load balancing user connections across zGateway nodes
3. zGateway configuration database nodes which stores all user configuration and session information.
4. zGateway management console is web based management console for managing all zGateway configuration
5. zGateway Cluster configuration module is an add-on to zGateway management console and is enabled when zGateway Cluster is configured.


zGateway cluster requires minimum two hosts (nodes) and can have maximum 14 nodes. Two of the nodes run zGateway cluster manager module. The cluster manager module runs in Active-Passive configuration. In a cluster only one cluster manager node can exist which receives all connections from end user. The zGateway cluster uses a virtual IP address to redirect all connections to Active Cluster Manager Node. The users connect to the virtual IP address. In case there is a firewall in front of zGateway cluster, port 443 on firewall must be forwarded to the virtual IP address of the cluster.

The Cluster Manager Node keeps checking the health of the other nodes and redirects the user connection to zGateway nodes which handles all connection crypto and VPN functions.

If Active Cluster Manager Node fails, the standby Cluster Manager Node acquires the virtual IP address and starts receiving user connections.

If any zGateway node fails, the connections from user to the failed zGateway node will terminate. If the application used by the user has reconnect function or based on user initiated reconnection, the new connection request from the application will be redirected by the Active Cluster Manager Node to the available, least loaded zGateway Node. User session information is replicated across the cluster. So in case of failure of any of the node, users are not required to authenticate with zGateway.

Following is the behavior of user connection during any failover incidence

Failing Node User Connection User Re-Authentication
Active Cluster Manager No impact, delay of 6 seconds during failover No re-authentication required
Standby Cluster Manager No impact, delay of 6 seconds during failover No re-authentication required
zGateway Node where user connection is terminated Application connection dropped, reconnection to available zGateway No re-authentication required

Cluster Manager Nodes balances the user connection load across zGateway nodes. zGateway Cluster Manager has multiple load balancing algorithms:
1.Round robin (DEFAULT)
2.Weighted Least-connections
3.Weighted round robin
4.Least connection
5.Locality based Least-Connection Scheduling
6.Locality based Least-Connection Scheduling ( R )
7.Destination Hash Scheduling
8.Source Hash Scheduling

Only following load balancing methods are recommended to be used:
1. Round Robin
2. Weighted Lead connections
3. Weighted round robin

Following is the network communication between different cluster node. It is highly recommended to deploy all cluster nodes in a single subnet in the DMZ.


All of the zGateway components can run on a single host. Alternatively, the components can be divided in following configuration
1. zGateway Node: zGateway Engine for handling user connection and zGateway management console
2. Cluster Manager Node (Cluster Node): Load balancer modules, zGateway Configuration database and zGateway Cluster Configuration module

Following different cluster configurations are possible

Configuration Type Deployment Type No. of Hosts Cluster Manager Nodes zGateway Node Count
Standalone No High Availability 1 0 1
Pre-Cluster Cluster ready for future 1 1 1
Full Cluster-1 Cluster with minimum hardware and shared services 2 2 2
Full Cluster-2 Growing cluster with partially shared services 3 2 3
Full Cluster-3 Deployment with dedicated hosts for different nodes 4-14 2 2-12

1. Standalone Configuration


2. Partial Cluster Deployment


3. Cluster deployment with 2 nodes


4. Cluster deployment with 3 nodes


5. Cluster deployments with dedicated nodes



Was this article helpful?
5 out of 5 stars
5 Stars 100%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?
Table of Contents