FortiGate-7000 Handbook

Failover protection


FortiGate-7000 HA supports failover protection to provide FortiOS services even when one of the FortiGate-7000s encounters a problem that would result in partial or complete loss of connectivity or reduced performance for a standalone FortiGate-7000. This failover protection provides a backup mechanism that can be used to reduce the risk of unexpected downtime, especially in a mission-critical environment.

To achieve failover protection in a FortiGate-7000 cluster, one of the FortiGate-7000s functions as the primary, processing traffic, and the other functions as the secondary, operating in an active stand-by mode. The cluster IP addresses and HA virtual MAC addresses are associated with the interfaces of the primary. All traffic directed at the cluster is actually sent to and processed by the primary.

While the cluster is functioning, the primary FortiGate-7000 functions as the FortiGate network security device for the networks that it is connected to. In addition, the primary FortiGate-7000 and the secondary FortiGate-7000 use the HA heartbeat to keep in constant communication. The secondary FortiGate-7000 reports its status to the primary FortiGate-7000 and receives and stores connection and state table updates from the primary FortiGate-7000.

FortiGate-7000 HA supports three kinds of failover protection:

  • Device failure protection automatically replaces a failed device and restarts traffic flow with minimal impact on the network.
  • Module failure protection makes sure that traffic is processed by the FortiGate-6000 with the most operating FIMs and FPMs.
  • Link failure protection maintains traffic flow if a link fails.
  • Session failure protection resumes communication sessions with minimal loss of data if a device, module, or link failure occurs.
