FortiGate-7000 HA supports failover protection to provide FortiOS services even when one of the FortiGate-7000s encounters a problem that would result in partial or complete loss of connectivity or reduced performance for a standalone FortiGate-7000. This failover protection provides a backup mechanism that can be used to reduce the risk of unexpected downtime, especially in a mission-critical environment.
To achieve failover protection in a FortiGate-7000 cluster, one of the FortiGate-7000s functions as the primary, processing traffic and the other as the secondary, operating in an active stand-by mode. The cluster IP addresses and HA virtual MAC addresses are associated with the interfaces of the primary. All traffic directed at the cluster is actually sent to and processed by the primary.
While the cluster is functioning, the primary FortiGate-7000 functions as the FortiGate network security device for the networks that it is connected to. In addition, the primary FortiGate-7000 and the secondary FortiGate-7000 use the HA heartbeat to keep in constant communication. The secondary FortiGate-7000 reports its status to the primary FortiGate-7000 and receives and stores connection and state table updates from the primary FortiGate-7000.
FortiGate-7000 HA supports four kinds of failover protection:
- Device failure protection automatically replaces a failed device and restarts traffic flow with minimal impact on the network.
- FIM failure protection makes sure that traffic is processed by the FortiGate-7000 with the most operating FIMs.
- Link failure protection maintains traffic flow if a link fails.
- FPM failure protection makes sure that traffic is processed by the FortiGate-7000 with the most operating FPMs.
- Session failure protection resumes communication sessions with minimal loss of data if a device, module, or link failure occurs.