FortiGate-6000 HA supports failover protection to provide FortiOS services even when one of the FortiGate-6000s encounters a problem that would result in partial or complete loss of connectivity or reduced performance for a standalone FortiGate-6000. This failover protection provides a backup mechanism that can be used to reduce the risk of unexpected downtime, especially in a mission-critical environment.
To achieve failover protection in a FortiGate-6000 cluster, one of the FortiGate-6000s functions as the primary, processing traffic and the other as the secondary, operating in an active stand-by mode. The cluster IP addresses and HA virtual MAC addresses are associated with the interfaces of the primary. All traffic directed at the cluster is actually sent to and processed by the primary.
While the cluster is functioning, the primary FortiGate-6000 functions as the FortiGate network security device for the networks that it is connected to. In addition, the primary FortiGate-6000 and the secondary FortiGate-6000 use the HA heartbeat to keep in constant communication. The secondary FortiGate-6000 reports its status to the primary FortiGate-6000 and receives and stores connection and state table updates from the primary FortiGate-6000.
FortiGate-6000 HA supports three kinds of failover protection:
- Device failure protection automatically replaces a failed device and restarts traffic flow with minimal impact on the network.
- Link failure protection maintains traffic flow if a link fails.
- FPC failure protection makes sure that traffic is processed by the FortiGate-6000 with the most operating FPCs.
- SSD or log disk failure (FortiGate-6501F or 6301F only) makes sure that traffic is processed by the FortiGate-6501F or 6301F with the most operating SSDs.
- Session failure protection resumes communication sessions with minimal loss of data if a device, FPC, or link failure occurs.