Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Experience with Active/Active Clustering on Sonicwall NSA Firewalls

Posted on 2014-07-25
3
Medium Priority
?
1,180 Views
Last Modified: 2014-07-28
Does anyone have any experience with running a pair of SonicWall's in an Active/Active Configuration?

We are thinking of adding another unit to make a pair to add extra performance with our new internet connection while adding some redundancy.

Does it work well?
How is the failover/failback?
Do you get close to the combined throughput of both units?
Any gotchas?
0
Comment
Question by:PerimeterIT
  • 2
3 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 40221584
Can you please describe your current setup including model numbers and bandwidth information? Also which security packages on the sonicwall you use and any other firewall/Ids/gav/etc devices.
0
 
LVL 1

Author Comment

by:PerimeterIT
ID: 40222050
We have a pair of NSA 3500's with the HA license.
Its for a 1gb/s sync internet connection, expecting 2500 simultaneous connections.

This is a temporary project, and throughput is essential. We have disabled IPS and all scanning functionality. Security wise we are happy with a basic firewall/NAT.
0
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 2000 total points
ID: 40222108
I assume you have see this:
http://www.sonicwall.com/downloads/SonicOS_5.6.5_Active-Active_Clustering.pdf

My personal experience doesn't get into active active clusters but I will say that sonicwall performance is 1/2 of stated in all cases I've experienced e.g. if it can handle 500mbps up and 500mbps down they state that as 1gbps.
The isd throughput is also 1/2 again (so 1/4 of stated)  in default high/medium/low threat detection. To get back up to 1/2 of stated you have to switch to "performance mode" which doesn't look for low value threats.

Anyway the point of all this is You may not get 1gbps up and down even with two 3500s in a cluster.
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question