Re: firewall cluster

["Leif Hardison" <inzeos () gmail com>]

Sandra,

If you are clustering different operating systems as part of a
redundant solution, I would suggest adding A and B nodes for each OS.
The reason being that you will want to insure that your test upgrades
indeed have no chance of impacting your availability if for some
change one OS crashes.

What products or tools are you looking at to implement the platform?
Will you be choosing a vendor or software package that is supported
between the OS at the same build levels to implement the clustering?

Regards,

Leif Hardison

On 3/27/07, sandra <sandra () fib upc edu> wrote:
> Hello,
>
> We want to set up a cluster of two firewalls with heartbeat. It will be an active-passive
> cluster, so if main firewall fails, secondary firewall would become active.
> We think that, although they are a cluster, they should have different Operating Systems
> (for example linux and BSD), so if a vulnerability has impact in our main firewall and
> drops it, the second firewall will start to serve without the same vulnerability affecting it.
> Do you think is a good idea or is better to have two identical firewalls for compatibility
> issues?
> Which combination of Operating Systems do you recommend?
> Thanks,
>
> Sandra