[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: None
From: msitmi02.xz46g8 () eds ! com
Date: 1996-12-09 11:29:03
[Download RAW message or body]
Message-ID: <2ac89c8f6f39111a@deliver.cichlid.com>
Lines: 54
Xdeliver: HEADER START (not lowercased)
Xdeliver: From firewalls-owner@GreatCircle.COM Mon Dec 9 11:28:58 1996
Xdeliver: Return-Path: <firewalls-owner@GreatCircle.COM>
Xdeliver: Received: from relay6.UU.NET by cichlid.com with smtp
Xdeliver: (Smail3.1.28.1 #13) id m0vXBNa-000GTya; Mon, 9 Dec 96 11:28 PST
Xdeliver: Received: from miles.greatcircle.com by relay6.UU.NET with ESMTP
Xdeliver: (peer crosschecked as: miles.greatcircle.com [198.102.244.34])
Xdeliver: id QQbtjp02951; Mon, 9 Dec 1996 14:27:44 -0500 (EST)
Xdeliver: Received: (majordom@localhost) by miles.greatcircle.com \
(8.7.1-lists/Lists-960417-1) id KAA08063 for firewalls-outgoing; Mon, 9 Dec 1996 \
10:58:48 -0800 (PST)
Xdeliver: Received: from ns1.eds.com (ns1.eds.com [192.85.154.78]) by \
miles.greatcircle.com (8.7.4/Miles-960830-1) with ESMTP id KAA08042 for \
<firewalls@GreatCircle.COM>; Mon, 9 Dec 1996 10:58:36 -0800 (PST)
Xdeliver: From: MSITMI02.XZ46G8@eds.com
Xdeliver: Received: from nnsa.eds.com (nnsa.eds.com [130.174.31.78]) by ns1.eds.com \
(8.8.2/8.8.2) with ESMTP id NAA24101 for <firewalls@GreatCircle.COM>; Mon, 9 Dec 1996 \
13:58:10 -0500 (EST)
Xdeliver: Received: from DNET.EDS.COM (dnet.eds.com [130.174.31.77]) by \
nnsa.eds.com (8.7.6/8.7.3) with SMTP id NAA07044 for <firewalls@GreatCircle.COM>; \
Mon, 9 Dec 1996 13:57:38 -0500 (EST)
Xdeliver:
Xdeliver: HEADER END
Xdeliver: SENDER firewalls-owner@greatcircle.com
Xdeliver: to
Xdeliver: cc
Xdeliver: apparent_to
Xdeliver: from msitmi02.xz46g8@eds.com
X400-Originator: MSITMI02.XZ46G8@eds.com
X400-Recipients: firewalls@GreatCircle.COM
X400-MTS-Identifier: [/PRMD=DMN2PILOT/ADMD=TELEMAIL/C=US/;0095000008068997000002]
X400-Content-Type: P2-1988 (22)
Message-ID: <0095000008068997000002*@MHS>
To: "firewalls(a)GreatCircle.COM":;
Subject: Re: Redundant FW-1s in Parallel!?
Date: Mon, 9 Dec 1996 14:00:56 -0500
Sender: firewalls-owner@GreatCircle.COM
Precedence: bulk
I didn't see this pass by so I am posting again.
----------
From: Kerrigan, Philip
Sent: mercoledi 4 dicembre 1996 9.59
To: 'firewalls-digest-owner'
Subject: Re: Redundant FW-1s in Parallel!?
Reply to Bill Husler:
No, your picture is not true. Maybe someone who was at the Checkpoint
Paris conference can give more details, but v 3.0 does not give HA. It
allows the state to be shared between 2 machines, which helps
high-availability and allows separate inbound and outbound routes, but it
DOES NOT check the operating state of the other machine. Load balancing
must also be done separately. Furthermore to have the same rulebase on
both machines you need remote management, otherwise you have to remember
to copy the rulebase to the other machine everytime you change it, and
then install it. You could use cron to do this, of course, if the second
machine was in standby, or run some form of script that starts the fwui,
and then does a rcp when finished (if you want to allow rcp).
Also you can have more interfaces. A Sparcstation 5 has its basic LAN
le0, the SCSI card has another, le1, and you can add a quad ethernet to
get qe0 through qe3. Using a virtual interface you can share a heartbeat
link with the internal network. This gives you 5 usable interfaces. I
have done this and it works.
The basic Qualix SecureWatch is asymmetric but there is no real reason
why you can't make it symmetric and fail over the A machine interfaces to
a virtual interface on the B machine. Obviously in this case you can't
share disks, and you need FW-1 licences on both machines. Currently you
also lose all connections on the failed machine, but ver 3.0 should take
care of that.
distinti saluti/best regards
Philip Kerrigan
EDS Italia SpA
Viale Monza, 257
Milano, Italy tel. + (0)2 2524272
msitmi02.xz46g8@eds.com fax + (0)2 27002588
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic