My thoughts on a fault-tolerant firewall:
o 2 firewalls working in parallel
(most of the popular firewalls can do this)
o Located in 2 different sites - as far apart geographically as possible
o Using 2 different ISPs
The utter failure of any one of the above components (firewall, site, ISP)
will slow performance somewhat (as the other firewall needs to handle the
additional load), but effective down-time should be essentially zero.
Fortified Networks Inc. - Management & Information Security Consulting
Phone: (317) 573-0800 - http://www.fortified.com/fortified/
The opinions expressed above are of the author and may not
necessarily be representative of Fortified Networks Inc.