Summary

Below are the prerequisites for the installation of the Neverfail Continuity Engine product. 

More Information 

Supported Environments

Neverfail Engine is supported on Windows Server 2012*, 2012 R2*, 2016, 2019, 2022 and Windows Desktop 8*, 10 and 11.

Neverfail EMS web centralized console is supported on Windows Server 2012*, 2012 R2*, 2016, 2019, 2022 and on Windows Desktop 8*/10/11.

Unsupported Environments

Any 32-bit versions of Windows.

On a server deployed as a Domain Controller (DC), Global Catalog, DNS server.

On server nodes which are part of a Microsoft Cluster

A server receiving dynamic IP addressing via DHCP (static IP’s are required).

On an IA-64 Itanium Platform.

Pre-Install Requirements Checklist

The following checklist must be addressed prior to attempting an installation of Engine 10.x and later. 

Primary (Production) Server

1. Neverfail Engine will need 1GB of available RAM plus a minimum of 10GB free disk space for its own use.
   
2. The Primary server should be fully prepared for production by the time Neverfail Engine will be installed on it.
   
3. All applications must be installed and configured on the Primary server before Engine will be installed.
   
4. Any re-name or re-joining to the Domain of the Primary server should be done before Engine will be installed
5. SMB1 protocol should be disabled. For more details on this please see the KB article available at the link below:
   

https://support.neverfail.com/portal/en/kb/articles/the-risks-of-using-the-deprecated-smbv1-feature

2. SMB 2.0/CIFS File Sharing should be enabled for the installing of Neverfail Engine. It can be disabled afterwards.
   
3. File and Printer Sharing must be enabled and allowed access through all firewalls on the server prior to deployment.
   
4. User Account Control (UAC) is recommended to be disabled during installation.
   
5. Verify that the Server service is running prior to deployment.
   
6. On DNS servers, replace the existing DNS "A" Record for this server Production IP address with a Static “A” Record and configure the TTL to 45 seconds.
   
7. Microsoft™ .Net Framework 4.0 or later should be installed prior of Engine installation.
8. Apply the latest Microsoft security updates and set Windows Updates to manual. Ensure that the server does not have a reboot pending. 
9. Configure Antivirus whitelisting for Neverfail according to the following KB article:

https://support.neverfail.com/portal/en/kb/articles/neverfail-and-anti-virus-tools-general-advice-regarding-interoperability-with-anti-virus-scanners

Secondary / Tertiary Server

1. If the Secondary/Tertiary server will be Virtual than this machine will be created during the Engine deployment process through cloning.
   
2. If the Secondary/Tertiary server will be Physical than this will need to have the Windows OS installed and patched at the same level with the Primary server, prior to Neverfail Engine installation.
   
3. If the Secondary/Tertiary server will be Physical and you have applications installed on any other drive then C: drive than this should be taken into consideration when saving the system backup from the Primary for cloning. 
   
4. The specifications of the Secondary/Tertiary server must match the Primary server as follows:
   
1. Similar CPU
   
2. Identical Memory
   
3. Disk space matching the Primary server or greater
   
4. Firmware boot type/mode to match the Primary server (MBR/UEFI)
   

Engine Management Server (EMS)

1. The Local Built-In Administrator account (with full admin rights) is required for installation (NOT a domain account nested within groups).
   
2. If VMware automated cloning is planned to be used than access to a supported vCenter Server version and a vCenter service account will need to be provided. The permissions for this service account are provided in the KB article available at the link below.
   

https://support.neverfail.com/portal/en/kb/articles/configuring-the-minimum-vmware-permissions-required

3. For P2V installations, a supported version of VMware Converter must be available.
   

1. Neverfail requires Static IP addresses to be configured on the servers.
   
2. Additional Static IPs need to be provided for Neverfail Channel connection which is the network connection used for data replication.
   
3. The Channel IP is unique to each server: Primary, Secondary/Tertiary.
   
4. If deployed in a Trio (3 servers) Neverfail requires 2 Channel IPs on each server. In total 6 Channel IPs.
   
5. Neverfail recommends configuring the Channel IP address on a dedicated NIC. This eliminates single points of failures.
   
6. If deployed in a LAN environment, typically Neverfail Continuity Engine is configured so that both servers use the same Principal/Production IP address. However, each server requires a unique Channel IP address.
   
7. If Automatic Failover will be enabled, then a additional set of Management IPs will have to be provisioned for the Neverfail Split-Brain Avoidance mechanism.
2. Neverfail recommends enabling Automatic Failover when servers replicate over a WAN link unless a second physical network link is available for Management IPs.


8. When deployed in a WAN environment, persistent static routes might need to be configured for the channel connection(s) unless VPN or stretched-LAN is being used. The KB article available at the link below explains how to configure static routes for the Neverfail Channel connection over WAN
   

https://support.neverfail.com/portal/en/kb/articles/how-to-create-a-static-route-for-the-neverfail-channel-connection-in-a-wan-environment

Firewall Configuration

4. If using Windows Firewall on the server, EMS can automatically configure the necessary ports for traffic.
   
5. If network firewalls are being used, configure rules to allow traffic to pass through in accordance with the following requirements.
   
1. Between each server/node (Primary Secondary) in the Engine Cluster             
   
1. Channel NIC - TCP 9727 / 9728 / 52267 / 57348 / 61000 / 62000 / Ephemeral Port Range
   
2. Principal/Production NIC - TCP 9727 / 9728 / 52267 / Ephemeral Port Range
   
2. From all servers/nodes in the Engine Cluster -> to the EMS 
   
1. Principal NIC - TCP 7 / 445 / 135-139 / 9727 / 9728 / Ephemeral Port Range
   
3. From the EMS -> to each server/node (Primary/Secondary) in the Engine Cluster 
   
1. TCP 7 / 445 / 135-139 / 9727 / 9728 / Ephemeral Port Range
   
4. From EMS -> to vCenter Serve
   
1. TCP 443 / 9727 / 9728 / Ephemeral port range
   
5. From vCenter Server -> to EMS 
   
1. TCP 443 / 9727 / 9728 / Ephemeral port range 
   

Primary, Secondary/Tertiary and EMS machines

1. For EMS a Local Administrator account (with full admin rights) is required for installation.
   
2. For Primary/Secondary/Tertiary servers the Local Built-in Administrator account should be used during installation. A domain account could also work but it must be explicitly added to the Local Administrators Group.
   
3. For updating DNS (WAN deployments Only)
   
1. Typically, in a WAN deployment the Primary and Secondary/Tertiary (located at DR site) use different subnets and so a DNS update will be required whenever a Switchover/Failover event will occur. For Neverfail Engine to carry out this DNS update task automatically, a Domain account with DNS administration privileges is required. This should be configured in accordance with the following Neverfail KB: DNSUpdate Task - Granting Necessary Permission For The User Account
   

2. When deployed in a WAN at least one Domain Controller is required at the Disaster Recovery (DR) site.
   

1. A VMware vCenter service account will be necessary if automated cloning is desired. The minimal vCenter permissions for this service account are listed in the following KB article: Configuring the Minimum Permissions for the VMware vCenter Service Account Necessary for Having Neverfail Engine Automatically Deployed (Cloned) on the Secondary Server

1. Neverfail Plugin for SQL Server needs the ability to query the SQL Server for the list of DBs that Engine must replicate and so a SQL service account which is member of the SysAdmin group is required. 
   

Applies To