The enforcers aren’t designed to failover between sites. Sites were designed for geographical roaming and not failover. So as enforcers don’t geographically move, this facility was not originally designed to be built in. We are currently looking into changing this functionality in a future release, though the timeline is yet to be confirmed.
However, there is a way that you can copy the settings from one site to another. If you need to copy the profile from a primary to a 2nd site, you can export the enforcer properties as an xml from the group in the primary site and import them into the 2nd site.
This is a manual process but as enforcer settings don’t change frequently should work and prevent IP addresses etc being manually entered twice.