Mastering Workspace ONE UEM Load Balancing: Best Practices, Algorithms, and Configuration Tips

Load balancing is a critical aspect of a Workspace ONE UEM deployment that ensures the seamless integration of all components. Workspace ONE UEM is a comprehensive unified endpoint management solution that includes several components, including Device Services, UEM console, Secure Email Gateway (SEG), and Dell Factory Provisioning Service. Each of these components requires appropriate load balancing to achieve optimal performance and reliability. In this article, we will delve into the factors to consider for load balancing Workspace ONE UEM components, explore the available load balancing algorithms, provide information on persistent timeouts for various components, and offer load balancing recommendations.

Factors to consider for load balancing Workspace ONE UEM components

Before deploying load balancing for Workspace ONE UEM components, several factors need to be considered. Firstly, it is essential to identify the operational requirements of your organization to determine the necessary configuration and implementation. Secondly, you should evaluate the available resources within your organization, such as network bandwidth, processing power, and storage capacity. Evaluating the capacity of your hardware and software infrastructure will allow you to choose the appropriate hardware and software load balancers for your Workspace ONE UEM deployment.

Another critical factor to consider is the type and amount of traffic generated by Workspace ONE UEM components. You must have a clear understanding of the volume of traffic each component generates and its frequency. This will help you to configure the load balancers correctly and avoid bottlenecks and overloading.

Load Balancing Algorithms Available in Workspace ONE UEM

Workspace ONE UEM supports multiple load balancing algorithms, ranging from simple to more advanced ones. The available load balancing algorithms include Round Robin, Least Connections, Source IP Hash, URL Hash, Domain Hash, and Weighted Least Connection.

Round Robin is a simple load balancing algorithm that distributes requests evenly among the available servers. The Least Connections algorithm directs traffic to the server with the fewest request connections, while the Source IP Hash algorithm assigns requests based on the client’s IP address. The URL Hash and Domain Hash algorithms distribute requests based on the URI path and domain, respectively. Finally, the Weighted Least Connection algorithm assigns traffic to the least active server based on assigned weights.

Persistence timeout for device services

Device Services is a component of Workspace ONE UEM responsible for managing devices and providing device security. For seamless component integration, device services require a session persistence timeout of at least 20 minutes.

Matching persistence timeout for device services and enrollment session timeout

To ensure optimal performance of Device Services, the persistence timeout values must match the Enrollment Session Timeout values set in the Workspace ONE UEM Console Settings. Enrollment Session Timeout is the maximum duration a device can be inactive or disconnected before being logged out of the enrollment process.

Persistence timeout for UEM console

The UEM console is the central control point for all Workspace ONE UEM functional areas. The console provides a web interface that allows administrators to perform various tasks such as device management, app deployment, and policy enforcement. To ensure seamless console accessibility, the UEM console requires a session persistence timeout of at least one hour.

Matching persistence timeout for UEM console and idle session timeout

For optimal performance of the UEM console, persistence timeout values must match the Idle Session Timeout values set in the UEM Console settings. Idle Session Timeout values determine the maximum time that a user session may remain open without any activity.

Persistence timeout for Secure Email Gateway

The Secure Email Gateway (SEG) is a component of Workspace ONE UEM designed to secure emails transmitted between Exchange ActiveSync servers and email clients. To ensure seamless integration of SEG with Exchange ActiveSync servers, it requires the session persistence timeout value to be the same as that of Exchange ActiveSync servers.

Load Balancing Recommendations for Mail (EAS) Servers and SEGs

It is important to follow the recommended configurations from load balancer and email environment vendors when configuring load balancers for Mail (EAS) Servers used with one or more SEGs. The configuration must be optimized to ensure continuous and reliable email transmission between servers and clients.

No persistence is required for Dell Factory Provisioning Service

The Dell Factory Provisioning Service is a stateless component of Workspace ONE UEM that is responsible for configuring and provisioning Dell devices for corporate use. Therefore, no persistence is required as it can be effectively load-balanced without session persistence.

Redirection of HTTP Requests to HTTPS Using Load Balancers Recommended by Workspace ONE UEM

Finally, Workspace ONE UEM recommends redirecting all HTTP requests to HTTPS using load balancers to enhance security and comply with company and regulatory standards. Using an SSL-enabled load balancer ensures encryption of all communications between servers and clients.

In conclusion, load balancing is a crucial aspect of a Workspace ONE UEM deployment. This article has explored the factors to consider when configuring load balancers, available load balancing algorithms, persistent timeouts for various components, and load balancing recommendations. By following these guidelines, you can ensure optimal performance and reliability of Workspace ONE UEM components.

Explore more