Adjust general Firewall clustering options

To tune the settings that relate to how the traffic load is balanced between several online nodes, adjust the Firewall clustering options.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Right-click a Firewall Cluster element and select Edit Firewall Cluster.
    The Engine Editor opens.
  2. In the navigation pane on the left, browse to General > Clustering.
  3. Configure the settings.
    Note: Do not adjust the settings in the Advanced Cluster Settings dialog box unless you are certain it is necessary.
  4. Click Save and Refresh to transfer the changes.

Engine Editor > General > Clustering

Use this branch to view nodes and add new nodes to the NGFW Engine cluster.

Option Definition
Node ID

(Not editable)

Shows the ID number of the node.
Name Specifies the name of the node. Double-click the cell to edit the name.
Configuration Status

(Not editable)

Shows the configuration status of the node.
Certificate

(Optional)

Shows information about the node's certificate for external certificate management. Right-click the cell, then select Edit Certificate to create a certificate request for the NGFW Engine node.

You must create a separate certificate request for each NGFW Engine node.

Version

(Not editable)

Shows the version of the NGFW Engine software that is installed on the engine.
Comment

(Optional)

A comment for your own reference.
SNMP Location Specifies the SNMP location string that is returned on queries to the SNMPv2-MIB or SNMPv2-MIB-sysLocation object.
SNMP Engine ID

(SNMPv3 only)

A unique identifier for each NGFW Engine node that is used by the SNMP agent.

The engine ID is used with a hash function to generate keys for authentication and encryption of SNMPv3 messages. If you do not specify the SNMP engine ID, an SNMP engine ID is automatically generated.

Disabled Disables the node. You can enable the node later.
Add Node Adds a node to the cluster. Opens the Engine Node Properties dialog box.
Edit Node Allows you to change the properties of the selected node. Opens the Engine Node Properties dialog box.
Remove Node Deletes the selected node. The deleted node cannot be restored.
Clustering Mode

(Not Layer 2 Firewalls)

  • Balancing — All nodes are simultaneously online providing enhanced performance and high availability if there is node failure. Balancing mode is the default mode.
  • Standby — Only one node can be online at a time. We recommend having at least one other node on standby to allow automatic takeover if there is failure. Several nodes can be on standby at a time. A randomly selected standby node is turned online when the online node fails.
Note: Only standby clustering mode is supported for Layer 2 Firewall Clusters.
Clustering Allows you to change advanced settings for the cluster. Opens the Advanced Cluster Settings dialog box.