Can anyone give me the benefit of their experience regarding redundant
management. Dealing with a worldwide implementation of Checkpoint
Firewalls and the customer is concerned with having redundant management servers
in the case that a connection goes down between the management server and the
remote module(s).
Desired functionality =============== Redundant Management Options
For Example:
***************
Primary Management Server in USA is up and running. Secondary Management Server in London is up and running. Wide area connections between London and USA goes down. Primary Management Server can no longer communicate with London firewalls. Secondary Management Server in London can still access and manage firewalls in London. I would just like to say that I am looking for the various model/architecture options which may provide the desired result. I understand that the remote module will continue to function normally without the managements server ever coming back online. Having two enterprise management servers seems possible and the only issue would be making sure the rulebase, nat, etc are all up to date. I was also looking into Provider-1. I think I could make it do what I want, but it seems designed for a different set of circumstances. Regards Bill |