I have some question regarding the external fail-open kit in an high availability environment.
What is the process if one cluster member fail? Does the NIPS bypass every traffic through
its external fail-open kit or is the traffic forwarded to its working cluster member?
Is an external fail-open kit "useless" in an clustered environment?
Thanks for your any help you can provide in this matter!
The recommended way of positioning a fail open kit in a failover pair would be to set up the primary to fail closed and set the secondary to fail open with a fail open kit.
This would allow your external devices to pass traffic through the primary device under normal situations, fail to the secondary if there is a failure and have a backup link through the fail open kit if both devices failed.
There is some information towards the end of the high availability section of the Device Administration guides in the product documentation that mentions this.
Thank you for your answer. This clear things up
How do we decide which sensor is primary and whichone is secondary?
From what I know both the sensors work in Active-Active configuration.
Please correct me in case my understanding is wrong.