Introduction

Many enterprises have high requirements for availability. In many environments, providing 99.99 percent uptime is part of the service-level agreement (SLA), which equals less than 53 minutes of downtime a year. In order for this uptime requirement to be met, high availability through redundancy and failover must be implemented. To support high availability, the PIX firewall provides both stateless and stateful failover capabilities.

In this chapter, you will learn how failover works on the PIX firewall. We will go through various configuration examples to learn all types of failover. You will also learn about LAN-based failover operation, which is one of the newer features available on the PIX firewall.

Failover Concepts

The failover feature of the Cisco PIX firewall provides the ability to deal with firewall failures. This is accomplished by running a second PIX firewall that automatically takes over in case the active firewall fails. Failover works with two, and exactly two, firewalls. When one of these firewalls fails, the other one takes over the failed firewall's functions. Failover works with all interface types. The two firewalls must be identical in the following ways:

• Same model of firewall (for example, a PIX 515 cannot be used with a PIX 515E)

• Same amount of flash memory and RAM

• Same software version (for example, software version 6.1 cannot be used with software version 6.2)

• Same number and types of interfaces

• Same activation key type (for example, DES or 3DES support)

In addition, there are some licensing restrictions for using failover: