HP X Unified Security Platform Failover Operation, Standby Operation

Chapter 8 System

How High Availability Works

The following sections describe how high availability works in failover and standby mode and how the polling works to monitor the state of the active device. For details on configuring High Availability, see “Configuration Overview” on page 237.

Failover Operation

After a pair of devices has been configured for high availability, the standby device only monitors the active device’s HA state and does not route any network packets or monitor the dynamic behavior of the active device. If the standby device detects that the active device has failed, it will assume control of the IP interfaces used to route the packets on the network. When a device becomes active it sends an SNMP trap to any configured NMS trap destinations.

When a device takes over, it will not be aware of the final network state of the previous active device before it failed. This affects the device’s network operation as follows:

•If dynamic routing is enabled, the new active device will start advertising its initial routing state and will need to relearn the network topology.

•TCP sessions that existed through the previously active device will be unknown to the new device and will be blocked. IPS and firewalling will only be performed on newly created sessions after the HA state transition.

•Site-to-site VPN tunnels that terminated on the previously active device will fail and will need to be re-established by the local device or its peer VPN terminator. To ensure that peer devices recognize a HA state transition and quickly re-establish tunnels, enable the Dead Peer Detection (DPD) option on IKE proposals.

•Client VPN connections (PPTP, L2TP and IPSec) will be closed and users will need to re-establish their VPN connection to the new active device using the same VPN IP address as before.

•The new active device will also be unaware of quarantined network equipment. However it will immediately establish quarantine for equipment that continues to transmit prohibited traffic.

When the device high availability state changes, the system generate messages in the system log. For a list of these messages, see “High Availability Log Messages” on page 302.

Standby Operation

You can ping the HA management IP addresses from a network device such as a PC to check network connectivity to the standby device. However, the following network tools will not function properly from the console when a device is in Standby mode:

•Ping

•Traceroute

•Traffic Capture

As long as the device in Standby mode has the appropriate Digital Vaccine (DV) license, the device can automatically retrieve the latest DV updates to ensure the up-to-date protection when the device switches to Active mode. To enable this functionality, the DV website must be accessible directly from the external interface through a static route.

236 X Family LSM User’s Guide V 2.5.1