I found this document How to deploy a High Availability over SSL on HEAT Premise Service Management environment on HEAT 2015.1 (or higher) and it suggests introducing another load-balancer between the application servers and then using the load-balanced name/IP in the application configuration.
Is this still valid for Ivanti Service Manager 2017.2? From a licensing perspective, would we then require licenses for all of the application server MAC addresses? FYI - we're using Azure Load Balancers which do not expose a MAC address. This is because NLB is not supported on Azure VMs.
Further to the above, we have now configured an additional Azure load balancer between the processing servers and amended the configuration so that the ConfigDB application and the License Server application use the FQDN of the new load balancer. We have also used UNSPECIFIED development licenses (not bound to any MAC address) for testing. This had proved successful in removing the previous single point of failure.
The final question remains - for production do we just need SPECIFIED licenses including the MAC address of all four license servers in the load-balanced set?