Cluster Checkpoint
10
-
Upload
vikas-singh -
Category
Documents
-
view
105 -
download
2
description
sfett
Transcript of Cluster Checkpoint
A ClusterXL cluster is a group of identical Check Point Security Gateways connected in such a way that if one fails, another immediately takes its place.
Check Point's ClusterXL is a software-based Load Sharing and High Availability solution that distributes traffic between clusters of redundant Security Gateways.
ClusterXL uses unique physical IP and MAC addresses for the cluster members and virtual IP addresses to represent the cluster itself. Virtual IP addresses do not belong to an actual machine interface.
ClusterXL provides an infrastructure that ensures that data is not lost due to a failure, by ensuring that each
cluster member is aware of connections passing through the other members.
Passing information about connections and other Security Gateway states between the cluster members is known as “State Synchronization”.
HIGH AVAILABILITY LOAD BALANCING
The ability to maintain a connection when there is a failure by having another machine in the cluster take over the connection, without any loss of connectivity. Only the Active machine filters packets.
One of the machines in the cluster is configured as the Active machine. If a failure occurs on the Active machine, one of the other machines in the cluster assumes its responsibilities.
ClusterXL is a software-based Load Sharing and High Availability solution that distributes network traffic between clusters of redundant Security Gateways.
ClusterXL provides: Transparent failover in case of machine failures Zero downtime for mission-critical environments
(when using State Synchronization) Enhanced throughput (in Load Sharing modes) Transparent upgrades
ClusterXL Load Sharing distributes traffic within a cluster of gateways so that the total throughput of multiple machines is increased.
In Load Sharing configurations, all functioning machines in the cluster are active, and handle network traffic (Active/Active operation).
If any individual Check Point gateway in the cluster becomes unreachable, transparent failover occurs to the remaining operational machines in the cluster, thus providing High Availability. All connections are shared between the remaining gateways without interruption.
