"Sean M. Dunlop" <[EMAIL PROTECTED]> writes: > Florin, > > Is there, or can you add, the capability to export and import 'rule set only' > information for the purpose of running dual or hot standby firewalls? > > Two possible scenarios: > > 1) Active-Passive Standby: Two MNF's set up as clones, one is idle, the other is > active - Hot standby enabled via VRRP, each box will have different Ip's (and one > virtual via vrrp) but the rulesets will be identical. A manual or automated process > to mirror changes to the rulesets would be lovely :-) > > 2) Active-Active Clones: Two MNF's at different locations that border the same DMZ'z > but enter the LAN at different points. OSPF on the LAN determines gateway > availability and dynamic routing to DMZ's and External. Both firewalls need to hold > the same rulesets, how can you centralise this management? A manual or automated > process to mirror changes to the rulesets would be lovely :-) > > Is this dealt with already? Adding rules twice (I will be using scenario 2 above) is > a pain and potential for error.
Hi there, there is nothing about failover/high availability on MNF for the moment .. but I will have a look this during the next week ... > Cheers > > Sean Dunlop > > Network & Security Administrator > > Department of Treasury & Finance > > 200 St Georges Tce > > Perth Western Australia 6000 > > Ph - (618) 9262 140 > > Mb - (618) [0]414 488 504 > > Email - [EMAIL PROTECTED] > > Web - www.dtf.wa.gov.au impressive signature ! :o) -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
