Sidebar

What is the best way to configure QIE behind a load balancer?

0 votes
693 views
asked Feb 8, 2018 by ben-s-7515 (12,320 points)
We are setting up multiple instances of QIE in the cloud behind a load balancer.  What is the best way to configure QIE for this?

1 Answer

0 votes

When using QIE behind a load balancer we recommend the following configuration:

1) The load balancer is used to route interface traffic only.  Those connections are passed directly on to the QIE services in a round-robin fashion (or other method such as GEO-OP routing).

2) The load balancer does not allow any traffic to the QIE servers unless it is a specified port listening in the QIE service (not the console login port).

3) A jump box is placed in the cloud environment on a separate subnet that is used to gain access to the QIE servers directly.  (This means that there is no direct access to the QIE server or management console outside of the cloud network itself).  To access the QIE server you would connect to the jumpbox (the firewall would be configured to allow traffic from the internet white listed IP addresses), and then from the jumpbox to the QIE servers.

This is the preferred method for hosting QIE as it offers the greatest protection from unwanted visitors gaining access to the interface engine and exposing PHI.  It also allows you to have full control over the instance of QIE you are connecting too.

answered Feb 8, 2018 by ben-s-7515 (12,320 points)
...