Introduction

As the reliance on data networks becomes greater, the importance of their availability increases. This chapter provides a comprehensive look at the features provided by the various NetScreen firewalls for achieving high availability (HA) networks. The effort involved in understanding and implementing the most highly available networks is significant and can be a daunting task. This chapter explores the available options in a progressive manner, building on the previous knowledge as much as possible. Juniper Networks have gone to great lengths to provide features that are both complete and appropriate for improving the availability of networks.

This chapter begins with a discussion about the nature of and justification for high availability networks. Having a feel for the multi-faceted nature of this topic is a great help, especially when trying to justify planned expenses to upper management.

Next, we examine how high availability can be achieved using the different methods and features available across the NetScreen range of firewalls. Several configuration examples are provided that can be used as a baseline to develop high availability solutions appropriate to your specific network.

Towards the end of the chapter, some of the more advanced issues are presented and ideas and recommendations are given on how to best approach them.

Throughout this chapter, there are examples with configuration instructions for both the command line interface (CLI) and the Web interface. Any instructions for configuration via the Web interface assumes that the firewall is already configured with an Internet Protocol (IP) address. It is...