Why load balancing matters
Bravura Security Fabric is designed for deployment in a multi-master, active-active architecture where multiple application nodes are deployed across two or more physical locations and accessed through a load balancer. Each node maintains a complete, local copy of the database and provides full functionality — web portal, workflow manager, reporting, and all services. All nodes are active at all times; this is not a hot-standby architecture.
Data replication between nodes occurs in real time at the application level. Replication is fault-tolerant, WAN-friendly, and encrypted, which means nodes can be geographically distributed across data centers to protect against site-level failures. If one server or location becomes unavailable, the remaining nodes continue to operate without interruption and without manual intervention.
A load balancer serves two critical functions in this architecture:
Traffic distribution. The load balancer distributes incoming user and API traffic across the active application nodes. This improves performance by spreading the workload and prevents any single node from becoming a bottleneck.
Health monitoring and failover. The load balancer monitors the health of each application node and automatically stops routing traffic to nodes that are unavailable or unhealthy. When a node recovers or a replacement is brought online, the load balancer resumes sending traffic to it. This provides seamless failover without service interruption to end users.
Bravura Security recommends deploying a minimum of three application servers across at least two physical data centers. This configuration ensures that if one node fails, the remaining nodes can continue serving traffic while a replacement is rebuilt — without requiring a maintenance window or service interruption. With only two nodes, rebuilding a failed node requires temporarily taking the surviving node offline for data synchronization.
Any standard IP-based load balancer works with Bravura Security Fabric. DNS round-robin can also distribute traffic, but a dedicated load balancer is preferred because it can perform health checks and automatically redistribute load away from compromised or unresponsive nodes.
Note
While the load balancer distributes user-facing web traffic (HTTPS), the connectivity between Bravura Security Fabric and target systems uses native protocols and is not routed through the load balancer. For best performance, application nodes or their proxy servers should be located near the target systems they manage.