3 Replies Latest reply: Aug 15, 2014 11:21 AM by imanfauzi RSS

    Clustering Firewall with sidewinder (F Series) and S series

    imanfauzi

      Dear All,

       

      I would to ask about clustering on firewall.

      we have a mcafee firewall sidewinder 2150F and we need to buy another one, which is S series (S4016, S5032 and etc) available now. mcafee sales told me they did not sell a sidewinder more.

      my question :

      1. Can sidewinder firewall create cluster / HA with S series firewall?

      2. is S series firewall using stonesoft or not?

      Please help us.

       

      Thanks,

        • 1. Re: Clustering Firewall with sidewinder (F Series) and S series
          araindra

          hi imanfauzi,

           

          try to answ :

          1. i dont think F series can work interoperability HA with S series, you need change with S series or push your client to upgrade NGF series

          2. S series in different model than stonesoft series, stonesoft start with NGF for code

           

          FE2100.jpg

          ha.jpg

           

          thx

          • 2. Re: Clustering Firewall with sidewinder (F Series) and S series
            PhilM

            You probably spoke to someone who didn't know what Sidewinder was.

             

            Sidewinder became McAfee Firewall Enterprise after v6 (Sidewinder G2), but those of us who have worked with the product for that long still know it as "Sidewinder".

             

            Officially McAfee always encouraged HA clusters to be made up of the same hardware appliances. But, fundamentally, as long as each has the same number of active interfaces and the zones/burbs are created in the same order on each appliance then you should be able to create an HA cluster.

             

            Mixing appliances could be tricky if they are of different performance specifications (e.g. using an S3008 as the main appliance and teaming it up with an S1104). When a failover event occurs is it likely the users will notice a drop in performance. Also, with the S1004 only having 4 interfaces you would only be able to use 4 of the 8 interfaces available on the larger appliance.

             

            Ultimately, I have always recommeded to customers that they use the same appliance (or direct equivalent) when setting up HA clusters.

             

            As far as I know regarding the Stonesoft NGFW product, this will be able to run on the S-model appliances, but not the older ones.

             

            Hope that helps.

            -Phil.

            • 3. Re: Clustering Firewall with sidewinder (F Series) and S series
              imanfauzi

              Hi Inbol,

               

              Glad to see you here,

              Thanks for this information. it would be help to understand my customer.