Juniper Networks 710008-001 Fault Tolerant High Availability, Resiliency, Ospf, Bgp, Rip, Dsl

Page 13

FW/IPSec VPN Buyer’s Guide

3. Fault Tolerant – High Availability, Resiliency

Device, itself, provides

 

 

 

redundancy:

 

 

 

o

Solid-state

Yes

 

 

o

Redundant

Yes

 

 

 

components

 

 

 

o

(fans/power supplies)

 

 

 

Port Density

Yes

 

 

Supports dynamic routing

 

 

Enables the survival of

protocols:

 

 

failures at the transport level

o

OSPF

Yes

 

–needed for other

o

BGP

Yes

 

components of resiliency

o

RIP

Yes

 

 

High Availability (HA)

 

 

 

Configurations to reduce single

 

 

 

point of failure:

 

 

 

o

Stateful (sharing

Yes

 

 

 

session information) to

 

 

 

o

maintain connections

Yes

 

 

VPN sync (sharing

 

 

 

VPN information to

 

 

 

 

maintain security

 

 

 

 

association in the

 

 

 

o

event of a failure)

Yes

 

 

Active-passive HA

 

 

 

(one device

 

 

 

 

processing traffic, with

 

 

 

 

the second device as a

 

 

 

o

back-up)

Yes

 

 

Active-active HA (both

 

 

 

devices processing

 

 

 

o

traffic)

Yes

 

 

Active-active, full-

 

 

 

mesh HA to survive a

 

 

 

 

failure up or

 

 

 

 

downstream from

 

 

 

 

device

 

 

 

Redundant physical

 

 

 

connections (e.g. connections

 

 

Note: need to support

to different service providers)

Yes

 

dynamic routing to do this

Alternate transport options,

 

 

 

such as:

 

 

 

o

DSL

Yes

 

 

o

Dial back-up

Yes

 

 

A high Mean Time Before

Yes, using Bellcore

 

 

Failure (MTBF) expectancy

MTBF calculations

 

 

VPN Specific

 

 

 

Ability to run dynamic routing

 

 

 

through its tunnels to

Yes, Dynamic Route-

 

 

automatically learn the network

based VPNs (Best

 

 

and route around failures

Path VPNs)

 

 

Product’s HA performs VPN

 

 

Note: most routers cannot

sync (sharing VPN state

 

 

offer this functionality

information) to maintain the

 

 

 

VPN connection in the event of

Yes

 

 

a failure

 

 

 

 

Copyright © 2004, Juniper Networks, Inc.

13

Image 13
Contents Juniper Networks, Inc Part Number 710008-001 June Table of Contents Introduction Provide strong security Executive SummaryOffer ease of use and management Quick Checklist Offer ease of use and management Strong Security Detailed Buyer’s ChecklistFTP DNSVPN Specific Page Page Predictable Performance Ospf Fault Tolerant High Availability, ResiliencyBGP RIPYes, custom VPN CLI Ease of UseSSH SnmpMIB MIPNTP Simple Deployment and Installation Features for Remote Users and Offices