home contact us

           PRODUCT DETAILS
         SECURITY GATEWAYS

Check Point Enterprise Suites

Check Point Express

VPN-1 Pro
       SECURITY APPLIANCES

InterSpect Appliances

Safe@Office Appliances

VPN-1 Edge Appliances

Nokia Appliances

Firewall Fast
          SECURITY GATEWAY
                    COMPONENTS

ClusterXL

ConnectControl

FloodGate-1

SmartDefense

SSL Network Extender

UserAuthority

Web Intelligence
       SECURITY MANAGEMENT

SmartCenter & SmartCenter Pro

SmartView Monitor

SmartView Reporter

Provider-1

SiteManager-1
         ENDPOINT SECURITY

VPN-1 Clients

Zone Labs Integrity

Connectra Appliances
<
ClusterXL
Secure Virtual Network Architecture

The Challenge

As organizations increasingly rely on the Internet and VPNs to support mission critical business processes, the costs associated with losing connectivity increase dramatically. Even a momentary failure of a corporate VPN or firewall gateway can interrupt high-value transactions resulting in lost revenues, dissatisfied customers, and reduced productivity. Today’s e-business must guarantee uninterrupted access to network resources.

The Solution

Check Point Software Technologies addresses the need for fault tolerant VPN and firewall gateways with its High Availability Module. The module delivers seamless fail-over for mission critical VPN-1™ and FireWall-1®  deployments by allowing customers to create clusters of redundant gateways. In the event that a primary gateway fails, all connections are re-directed to a designated backup.

Transparent VPN Fail-Over
The High Availability Module maintains all VPN tunnel connections during a fail-over. If a primary gateway becomes unavailable, all VPN sessions continue seamlessly without the need for users to re-connect and re-authenticate. Users will not even notice that an alternate gateway has taken over. In addition, high value business transactions and large file transfers continue intact without the need to restart.


The High Availability Module provides seamless fail-over for mission-critical VPN-1 and FireWall-1 deployments.

Integrated Management
All High Availability set-up parameters are configured directly from the Check Point Management Client and stored on the Check Point Management Server. If a fail-over occurs, the event is logged to Check Point’s log file and an alert can be automatically sent to an administrator via email, SNMP, page, etc. In addition, the status of all gateway clusters can be viewed in real time using the Check Point Status viewer. The end result is a powerful solution that is simple to deploy and requires minimal ongoing management overhead.

Tight Integration High availability properties are configured with the Check Point Management Client.

Auto Recovery/Hot Swap
Gateways can be removed and added to a functioning cluster without reconfiguring or restarting the cluster. For example, if a failure occurs as a result of an operating system problem, the failed machine may automatically restart (if the operating system has been configured for automatic reboot) and re-enter the cluster without intervention from the administrator. This feature also enables maintenance of cluster machines during normal business hours with no service disruption.

Health Check
The High Availability Module incorporates a programmable health check that continuously monitors gateway processes to identify potential problems. In addition to detecting VPN-1/FireWall-1 failures, it can determine system health by communicating with third-party applications. For example, a disk space agent may notify the Health Check if the amount of available disk space reaches a pre-defined minimum. The system can then respond by forcing a fail-over to a backup gateway. The Health Monitor enables a proactive response to a range of problems; which although not representing catastrophic failures, can effect overall system performance and reliability.





© Copyright 1997-2005, Mission Critical Systems, All Rights Reserved