Fortinet black logo

Administration Guide

Home FortiSandbox 3.2.1 Administration Guide

Requirements before Configuring a HA-Cluster

3.2.1
4.4.5
4.4.4
4.4.3
4.4.2
4.4.1
4.4.0
4.2.7
4.2.6
4.2.5
4.2.4
4.2.3
4.2.2
4.2.1
4.2.0
4.0.5
4.0.4
4.0.3
4.0.2
4.0.1
4.0.0
3.2.4
3.2.3
3.2.2
3.2.1
3.2.0
3.1.5
3.1.4
3.1.3
3.1.2
3.1.1
3.1.0
3.0.7
3.0.6
Copy Link
Copy Doc ID 14b43c77-e163-11ea-96b9-00505692583a:522775
Download PDF

Requirements before Configuring a HA-Cluster

  1. The scan environment on all cluster nodes should be the same.

    For example, the same set of Windows VM should be installed on all nodes so the same scan profile can be used.

  2. Port3 on all nodes should be connected to the Internet separately.
  3. All nodes should be on the same firmware build.
  4. Each node should have a dedicated network port for internal cluster communication.

    Internal cluster communication is encrypted and includes:

    • Job dispatch
    • Job result reply
    • Setting synchronization
    • Cluster topology broadcasting

    We recommend that these ports be connected to the same switch and have IP addresses in the same subnet. If the job load is heavy, we recommend using the 10G fiber port as the internal communication port.
    Note

    Port1 and any other administrative port set through the CLI command set admin-port are not recommended to be used as the internal communication port.
Previous
Next

Requirements before Configuring a HA-Cluster

  1. The scan environment on all cluster nodes should be the same.

    For example, the same set of Windows VM should be installed on all nodes so the same scan profile can be used.

  2. Port3 on all nodes should be connected to the Internet separately.
  3. All nodes should be on the same firmware build.
  4. Each node should have a dedicated network port for internal cluster communication.

    Internal cluster communication is encrypted and includes:

    • Job dispatch
    • Job result reply
    • Setting synchronization
    • Cluster topology broadcasting

    We recommend that these ports be connected to the same switch and have IP addresses in the same subnet. If the job load is heavy, we recommend using the 10G fiber port as the internal communication port.
    Note

    Port1 and any other administrative port set through the CLI command set admin-port are not recommended to be used as the internal communication port.
Previous
Next