Application Services and SQL High Availability

Applicability

Executive Summary

In Milestone XProtect, SQL databases and application services are inseparable—neither can function without the other. Designing high availability (HA) for this stack, therefore, requires evaluating SQL and services together.

Traditional à la carte active-passive approaches combine Microsoft SQL HA mechanisms such as Always On Availability Groups with Windows Server Failover Clustering (WSFC) for XProtect services. While this provides basic protection against hardware outages, it inherits cybersecurity weaknesses stemming from deep node trust and byte-for-byte SQL replication. Milestone's own Management Server failover offers a more integrated solution but still carries many of the same drawbacks, particularly the risk of propagating corruption across the stack.

In contrast, active-active style redundancy treats SQL and services as independent yet synchronized peers. Object-aware synchronization through application APIs enables controlled consistency while filtering out suspicious changes, reducing cyber risk. Because each solution stack operates independently, the compromise of one does not endanger the others. Efficiency is also improved, as fewer standby nodes can potentially cover multiple primaries simultaneously.

Taken together, the analysis shows that while active-passive designs can provide continuity for straightforward outages, active-active approaches deliver stronger cyber resilience, improved efficiency, and a more future-proof model for SQL and services HA in XProtect environments.