Nokia Network Security Solutions Handbook

Chapter 10: High Availability

Introduction

This book's introduction mentioned the fact that many businesses today demand 24 x 7 uptime from the hardware that makes up their network infrastructures. The corporate firewall is one of those essential pieces of hardware that cannot "go down" and is frequently called on to perform flawlessly. This demand is not that unreasonable when you consider that most corporate firewalls are a weak link in their network infrastructures. All mail and Web traffic (possibly outbound as well as inbound) typically flow through a firewall before entering or leaving the network, and a malfunctioning or nonfunctioning firewall will either stop all traffic flow or allow all traffic through unfiltered, performing nicely as a router.

Nokia provides three solutions to this problem:

  • An active/passive high-availability (HA) system known as Nokia VRRP HA; this option is described in detail in this chapter

  • An active/active, load-balanced firewall solution that utilizes an external load balancer (such as BigIP)

  • A new feature in IPSO 3.6 called Nokia IP Clustering

Nokia's most popular, widely deployed offering uses the Virtual Router Redundancy Protocol (VRRP) to provide an active-standby resilient firewall. IPSO uses VRRP (RFC 2338 dynamic routing protocol) to provide failover to a backup router in case of a primary failure. Additionally, Nokia has added an extension to VRRP, called VRRP Monitored Circuit, which handles both a total firewall failure as well as interface failures.

Another newer, slightly immature, but promising HA solution is Nokia's IP Clustering technology. Borrowing clustering technology from a previous...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Network Appliances
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.