NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Any comments on the following?



Any comments on the following?

We are currently running FW1 v4.0 SP8 on a single HP9000 server and are looking at a solution for improving our services by installing some form of HA product for  FW1.. Are there any limitations with the Nokias and the failover of connections using VRRP monitored circuits? We use ISAKMP (3DES) and FWZ (DES) encryption methods at the moment. Will these failover okay?

Our problems may come with the HA working with our switches and our routing scenario. We want to make the network as dynamic as possible, so everything learns when new kit is added. Don't really want to have static routes on the firewall as there are just too many. Prefer to listen to OSPF.. Connected to the firewall is two Cisco 5500 (running HSRP on the firewall side link) for client links, two 6500 on the internal (HSRP again) and the ISP link is connected directly the firewall via a router with ACL. 

Any other recommendations or limitations to watch out for of these HA products, or funnys on the way they work?
We have one token ring too currently on the firewall, we here that can be problematic, but we could loose that.

Really its between Nokias and StoneBeat-HA or FullCluster.


Andrew Lagden
Unix Administrator





================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.