Gajshield – High Availability
The need for efficient and dependable infrastructures has become very important in order to serve critical systems and the demand for such infrastructures is continuously increasing. It has become important that the system is able to handle increasing load and at the same time, is able to decrease downtime and eliminate single points of failure. As a result of this, High availability as a quality of infrastructure design has gained extreme importance.
High availability refers to systems that are durable and that operate continuously without failure for a long time.
Mechanism for High Availability:
High availability functions as a failure response mechanism for infrastructures of organizations. The way that it works is quite simple conceptually but typically requires some specialized software and configuration. There are 2 ways in which firewalls could be configured to ensure high availability: Active-Active State synchronization and Active-Passive State Synchronization to facilitate hardware redundancy.
In Active-Active State Synchronization, both the firewalls in the system- the Master firewall and the Backup firewall are utilized simultaneously which results in increase of system strength. Traffic is load-balanced between the firewalls and incase any of the firewall fails, the other firewall takes over without any human intervention. Once the failed firewall is up, the traffic is balanced again. The configurations on both these firewalls are automatically synced and failure notification, just in case is promptly provided.
Whereas in Active-Passive State Synchronization, at a given point of time, only one firewall is functional (Master Firewall) and the second firewall (Slave Firewall) is idle. If the Master firewall fails, the second firewall takes over and moves into Master state. All traffic is now routed through the second firewall, as a result of which there is no impact on network performance and users are not affected. When the Master Firewall is up again, the second Firewall moves back to Slave state. All this happens without any human intervention
Importance of a Highly Available System:
When setting up robust production systems, minimizing downtime and service interruptions are often a high priority. Regardless of how reliable your systems and software are, problems can occur that can bring down your applications or your servers. Implementing high availability for your infrastructure is a useful strategy to reduce the impact of these types of events.
Gajshield offers a mechanism to ensure High availability with Active-Active and Active-Passive State synchronization for organizations. This mechanism includes host of features like Stateful failover in which the GajShield firewall enables a router to continue processing and forwarding firewall session packets after a planned or unplanned outage occurs. This process is transparent and does not require adjustment or reconfiguration of any remote peer. GajShield also provides email alerts to describe the current status of HA and changes in states from Master to Backup or vice versa.
Ensuring that your System is Highly Available:
One of the goals of high availability is to eliminate single points of failure in your infrastructure. A single point of failure is a component of your technology stack that would cause a service interruption if it became unavailable. As such, any component that is a requisite for the proper functionality of your application that does not have redundancy is considered to be a single point of failure.
High availability is an important subset of reliability engineering, focused towards assuring that a system or component has a high level of operational performance in a given period of time. At a first glance, its implementation might seem quite complex; however, it can bring tremendous benefits for systems that require increased reliability.
Check Gajshield The Next Generation Firewall!
Dragon Naturally Speaking
Dragon Naturally Speaking
Read More …
Application Filtering BYOD Support Cloud Security Complete Visibility Data Leak Prevention High Availability Multi Wan Management - ISP Load Balancing Next Generation Firewall - Beyond UTM Next Generation Pro-active Security Secure Connectivity (VPN) Secure Guest Internet Management System Two Factor Authentication to Manage Firewalls URL filtering Zero hour Malware Protection - AntiVirus/AntiSpam