A cluster is a group of computers dedicated to perform the same task. These computers (referred to as nodes of the cluster) use the same (or very similar) configuration files (policies, packet filtering, and so on). The goal of clustering in general is to integrate the resources of two or more devices (that could otherwise function separately) for backup, high availability or load sharing purposes. In other words, clusters are computer systems in which more than one computer shares the tasks or the load in the network. A PNS cluster usually consists of a group of firewall hosts that maintain the same overall security policy and share the same configuration settings.
Basically there are two types of clusters. In a failover cluster if a machine breaks down, a spare computer is started immediately to ensure that the service provided by the computers is continuously available (see Section 12.2.1, Fail-Over clusters). Load balancing clusters are used when the traffic generated by the provided service is beyond the capabilities of a single computer (see Section 12.2.2, Load balance clusters).
Clustering provides the following advantages:
ensures continuous service and decreased downtime,
contributes to High Availability (HA),
assists to satisfy service level agreements, and
improves load balance in the system.
The following terms will be frequently used in this chapter:
- Host
A single computer offering services to the clients.
- Node
A single computer that belongs to a cluster, offering services to clients. Both nodes of the cluster offer exactly the same functionality.
- Cluster
A (logical and physical) group of computers offering services to the clients. Clusters are made up of nodes. In MS, the nodes of a cluster are handled together: from the administration point of view a cluster behaves similarly to a single host.
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu