[c-nsp] Firewall/IPS Load Balancing

Eugeniu Patrascu eugen at imacandi.net
Tue Mar 20 05:31:42 EDT 2012


On Tue, Mar 20, 2012 at 00:50, Murphy, William
<William.Murphy at uth.tmc.edu> wrote:
> I thought I would poll the list to solicit recommendations on how to do firewall/IPS load balancing.  I am considering a traffic distribution switch from GigaMon but I am curious what other products might be out there, or perhaps even features in Cisco 6500 product that would achieve the same result.  I am not interested in paying for full blown ADC/SLB boxes (ACE or whatever) with more features than I need, and the GigaMon approach seems like it fits that bill.  Thanks in advance for your feedback.

Hi,

I think you are a bit confused: GigaMon does not produce/sell load
balancing "switches". What they do is sniffing equipment that has the
possibility to be very granular at what you want to capture and to
audit this (like before receiving traffic you have to authenticate to
the device).
If you want firewall high availability, the simplest solution is to
buy two firewalls and run them in A/A or A/P configuration.
ACE or another SLB solution will balance incoming traffic to a pool of
servers based on some criteria that you can usually choose from.

I think you need to better describe what your needs are and what you
want to accomplish.

HTH,
Eugeniu


