this presentation provides you information on how you can implement a firewall/UTM high availability solution for your business and make it high performing .
1. High performing IT Solutions
Firewall /UTM
High availability Solution
Presented by
Mr.Vihang S . Kathe
Founder & Director
IBC
2. Need of H/A Solution for Business
Current Business scenario
Working of H/A Solution
How to avoid Downtime with H/A
Case Scenarios
Business Benefits
Question and Answers
Action plan Forward
4. Current Business Situation
• Network Availability is dependent on Single Firewall UTM Appliance .
• Remote Branches connected to this Firewall Appliance .
• Web servers , Application Servers and email services are NATted to
Firewall .
• Internal users dependent on Firewall for internet browsing .
• Multiple ISP might be terminated on Firewall for ISP failover solution
Incase this Firewall has a hardware failure
• Complete business communication fails .
• Users are not able to browse the internet , send emails and branch
offices are not able to connect to central applications .
• Results in complete business downtime .
6. How to ensure N/W availability
With High availability or Clustering solution with 2 Identical Firewall / UTM
appliance .
Firewall Clustering or Firewall Redundancy is the arrangement of 2 or more
Firewalls designed & configured either for Availability or for Performance or for
both.
Firewalls configured in Master-Slave/Hot-Cold/Active-Passive/Primary-
Backup mode, ensures High Availability of N/W.
So incase the primary Firewall fails , the complete network can be
automatically diverted to the secondary firewall thus ensuring no business
downtime /loss .
8. Working of H/A Solution
•One Firewall in Cluster is configured as
Primary/Master/Active.
•Redundancy based protocol VRRP is used to detect
failure.
•The Detection is based on Heartbeats.
•Heartbeats are token messages that Firewall sends
periodically to each other.
•If Primary stops Heartbeats, VRRP assumes Primary is
not Available.
•Subsequently VRRP selects the
Secondary/Slave/Passive Firewall to become new
Primary.
•The prevalent Primary Firewall owns a Virtual IP.
•This Virtual IP is the Gateway for All the Servers
, Applications and Network Nodes .
11. Firewall in Load balancing
•The other approach in Firewall Clustering is Multi-Primary or Load Balancing
mode.This configuration ensures Performance as well as Availability.
•N/W Traffic Flow can be evenly distributed. This results in Performance.
Also in case of Failure, Secondary Firewall takes over all the N/W traffic
management until Primary Firewall is restored/revived.
• This Scenario is particularly useful in Sudden High peak requirements of
network where Network load needs to be shared and ensure performance
for applications like Web Services , Trading , ERP , CRM or Emails .
14. How to avoid Business downtime with H/A
1. H/A ensures almost zero Downtime of your Business Network .
2. As a failure of any single Firewall Device involved in H/A design is transparent
to the N/W traffic .
3. In effect, the N/W stays unaffected in the event of failure of any single Firewall
without loss of packets, sessions and more importantly security.
4. H/A Solution Ensures that your IT infrastructure Runs smoothly without any
downtime . Thus ensuring your instant ROI .
5. Your Business Applications , internet services and remote branch connectivity
can run smoothly even if your primary firewall fails with an H/A design
15. Business Benefits of H/A Solution
Technical Benefits of H/A Design:
It ensure higher throughput of bandwidth
Smaller Latency
Lesser Bottlenecks in your networks
Higher Performance for your Apps
Higher Availability for your Servers , Apps and Networks
More frequent Security Updates & Patches
Business Benefits of H/A Design:
Almost Zero Business Downtime
Improved Productivity of N/W and business Applications .
Lesser Security threats as it ensure 100% firewall uptime .
Improved N/W Efficiency
Resilient IT infrastructure and Business productivity
16. Questions and Answer
• Cost of Ownership of the H/A Solution .
The cost of ownership of this solution can around 5-6 Lakhs depending
on your Network sizing and users .
• Budgetary allocation and ROI .
You can definitely justify the ROI of this solution by your Network
uptime from the date of installation of this solution till next 3yrs .
• How the Solution would be beneficial for my Business
This solution ensures high availability of your firewall/UTM appliance
and thus avoids any business downtime for your network and
applications .
• Business results provided by the H/A Solution .
The business results can be measured with Server uptime , Application
uptime and internet productivity of your employees .
• Action plan moving forward .
Follow us on our twitter handle , email us or call us on 02230584577 for
more details on the solution , thank you .