ZPA DR PLAN Scnario

We need to achieve the below scenario as per ZPA DR PLAN. Kindly let us know how we can achieve the same.

SCENARIO 1: Application “A1” is hosted in AZURE CLOUD-SINGAPORE. The same instance of the application A1 is also available in AZURE CLOUD-MUMBAI. If the application A1 is not available due to any reason from the connector on AZURE CLOUD SINGAPORE, how we can redirect a user traffic to the same instance of A1 cloud hosted in AZURE CLOUD-MUMBAI which acting as a DR.

Also, how we can make the Primary instance of A1 application and secondary application of A1(Which is in DR) can be synced through Zscaler? What is the way forward?

The above case is only assumed if one or a few applications are not working in a particular cloud, and connectors are working fine.

SCENARIO 2: WHEN connectors are down on one AZURE cloud, how we can redirect the traffic to our DR site automatically? How we can achieve this?

many Thanks if someone can guide me on this.

Hello Jitumani,

Scenario 1:

If A1 goes down in Singapore, Connector for A1 will report this to ZPA and from that point on, ZPA will automatically redirect any following application requests for A1 to Mumbai. This is assuming health reporting for A1 has been explicitly configured as Continuous in App Segment for A1. You can learn more about health reporting here - https://help.zscaler.com/zpa/about-health-check-and-reporting

Also, how we can make the Primary instance of A1 application and secondary application of A1(Which is in DR) can be synced through Zscaler? What is the way forward?

Connectors in ZPA will report reachability of the application, if the application is available. So if the application in DR site is available, it will be used for providing access. One way to achieve the described scenario, would be to disable reachability to app in secondary site until the app instance in the primary site goes down and then eventually enable reachability to app in secondary site.

Scenario 2:

If a Connector becomes unavailable, ZPA will select other available Connectors for a given application.

1 Like

most importantly the application should define explicitly in order to monitor the health of the application, should not be a wildward application.