Central Management Central Management allows you to administer multiple Web Gateway appliances in your network as nodes in a common configuration. A configuration of multiple appliances administered through Central Management is also referred to as a cluster. When administering a Central Management cluster, you are dealing mainly with: Nodes — Appliances run as nodes that are connected to each other sending and receiving data to perform updates, backups, downloads, and other jobs. Node groups — Nodes are assigned to different types of node groups that allow different ways of transferring data. Scheduled jobs — Data can be transferred according to time schedules that you configure. Note: A Central Management cluster is not necessarily a High Availability (HA) cluster with fail-over functions. To provide these functions, you must also configure the Proxy HA mode for the proxy functions of the appliances that are involved. Nodes in a Central Management cluster In a Central Management cluster, multiple appliances run as nodes and can be administered from any of these nodes. Overview of the cluster configuration procedure You can configure the Central Management functions of Web Gateway to run and administer multiple appliances as nodes in a cluster. Add an appliance to a Central Management cluster You can add a Web Gateway appliance as a node to a Central Management cluster and assign it to a network group. Join an appliance to a Central Management cluster You can join a Web Gateway appliance as a node to a Central Management cluster and assign it to a network group. Generate a cluster CA and its private key Generate a cluster CA and its private key for use in generating certificates and private keys to ensure secure communication between Web Gateway appliances that are nodes in a Central Management cluster. Import a cluster CA and its private key Import a cluster CA and its private key to a Web Gateway appliance for signing the certificate that is generated to ensure secure communication between this appliance and other appliances that are nodes in a Central Management cluster. Assign a node to network groups You can assign a node to one or more network groups by entering the group name or names into the appropriate list. Assign a node to a runtime group You can assign a node to a runtime group by typing the group name in the appropriate input field. Assign a node to an update group You can assign a node to an update group by typing the group name in the appropriate input field. Best practice: Configuring Central Management node groups In a Central Management cluster, nodes are assigned to node groups to enable different methods of communication between them. Node groups can include nodes running in different physical locations. Verify the synchronization of nodes The user interface displays, among other general information, a timestamp for each node in a Central Management Configuration, which allows you to verify whether all nodes are synchronized. Create a tenant ID Create a tenant ID, which identifies you as the owner of this instance of Web Gateway and of other McAfee security products that you have purchased. Add a scheduled job You can add a scheduled job to a list of jobs to let them be executed according to a time schedule that you configure. Update the appliance software in a Central Management cluster To update the appliance software on Web Gateway appliances that run as nodes in a Central Management cluster, perform the update procedure on one of the nodes and update this node as the last of all. Configuring a cluster from the command line interface You can use the command line interface (CLI) to configure a cluster of Web Gateway appliances.