Have some queries regarding the HA configuration.
Suppose I have a pair of firewalls working in active-passive mode. The inside interfaces of the firewalls are connected to the 1A ports on the NIPS. The 1B ports on the NIPS are connected to the respective switches.
From what I understand, in case the link between the firewall and the IPS goes down, firewall failover will happen and traffic will be moved to the other firewall.
But what will happen in case the link between the NIPS and the switch goes down?
When the sensor is configured in inline mode, the sensor monitor ports are set up as a port pair. If 1B goes down then 1A will automatically be brought down also.
Your firewall should be able to detect this and failover to the secondary device.
Most firewall vendors have an option to configure a ping test or some other type of heartbeat that will allow it to detect that traffic is not passing and trigger a failover also.
Thanks for the answer.
Do we have any reference to this in the McAfee documentation?
I talked to a McAfee representative and he said that this has to be configured in the underlying switch, the same way it is configured in the firewall. As per him, 1A will not automatically go down if 1B goes down.