[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] HA using Cisco content switches
Viable perhaps, but an unnecessarily expensive way to go. With any switch-based HA solution, you'll need a pair of switches on every subnet connected to the firewall to ensure transparent failover and no single point of failure. That's a minimum of 4 switches for a basic public/private network. Check out section 3.2.5 of this white paper for more info: http://www.rainfinity.com/pdf/wp_increasing_fw_capacity.pdf Also, be aware that Cisco 11000 switches are only OPSEC-certified for use with 4.0, but not with 4.1/VPN. More info at: http://www.checkpoint.com/opsec/partners/cisco.html Best regards, Mark L. Decker Rainfinity - High Availability for [email protected] -----Original Message----- From: Sawyer, Douglas (D.G.) Sent: Monday, July 09, 2001 12:12 PM To: '[email protected]' Subject: [FW1] HA using Cisco content switches Has anyone used Cisco's 11150 series content switch for HA on firewalls? I would be interested in knowing the outcome. Also if you used VPN, does fail over work without re-keying? I am aware of required changes to Objects.C and the syncing between FW's. However my main interests lies in wither or not this is a viable means of HA vs. other software products available. Thanks! Doug ======================================================================== ======== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ======== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|