At 12:29 AM 1/23/96 +0100, Stefano Taino wrote:
>We are asked to warrant a >99,5% uptime for a firewall system in a financial
>organization. We're trying to figure out what's the best way to manage such
>a problem (a fault-tolerant hardware solution? A multiple firewall solution?
>other tricky configurations?).
>Has anybody out there already experienced and solved such a problem?

99.5% (presumably over one year) is not really all that high. Also, is it
99.5%, 7x24? Either way, worst case is somewhere around 40 hours per year.
That's a lot of downtime. I believe most workstation vendors would certify
a hardware uptime of 99.5%, so one platform should be sufficient. The other
issue is how to certify that the software will be up 99.5%. The only thing
you can do in this regard is see if the firewall vendor can give you their
bug list for the exact configuration you plan to implement (Sun Sparc, on
Solaris 2.4, etc). I would also use whatever stop-gap measures are available,
such as RAID-5 hot swappable drives; UPS; don't upgrade to the next software
release (OS, firewall, etc) until the next release is available (i.e., don't
upgrade to 3.1 until 3.2 is out and don't upgrade to a *.0 revision, wait
for the *.1 release to get the appropriate major bug fixes).

If you really feel uncomfortable about a single system for 99.5% uptime
(which is quite doable), then obviously you need two systems. I am not
aware of a firewall vendor that supports high availability. Since you have
so much time (40+ hours), you could just simply have a hot stand-by that is
configured identically and kept up to date with all the databases of the
firewall. When the first system goes down, just have someone go over and
start up the standby system. I can't imagine someone having to do this more
than a couple times a year at best, plus this would accommodate upgrades of
software and hardware without significant downtime. Having automatic
fail-over via software might be possible, but you would have to hand-roll
that portion for now and might not be worth the effort. Also, the stand-by
system doesn't have to be an identical system. It could be a PC-based
system that's real cheap compared to a workstation system, but could easily
function as a replacement until the primary system is fixed.
(214) 423-6212 "My opinions are my own ... who else would have them? :-)"