Could you please help me by resolving following queries regarding McAfee NIPS sensor active-active configuration ?
We have configured fail over pair of 2 identical sensors and set allow fail open= enable . Validated that both peer members of this pair are up and functioning.
Both appliances should be configured in active-active mode despite one device is IPS-NS-7200 (configured as primary i.e. template device in failover pair)and another is IPS-NS-7200-FO (by Default) (configured as secondary i.e. peer device). So as per best practices, what should be port assignment of individual sensors i.e. what all ports should be fail-open or fail-closed or any other combination and requesting an explanation for the same.
if sensor 1 goes down then what would be the scenario ? how we can make sure that traffic which was passing through sensor 1 earlier will still be transmitted/shifted and monitored by sensor 2 maintaining seamless business(because sensor 2 would be functioning as configured in active state)
Currently G0/1 port of both appliances is functioning as HA port for synchronization. If G0/1 of either primary or secondary goes down, what would be the situation ? will both appliances still be operated as configured and expected? Requesting explanation for the same if yes/no.