Fortinet Document Library

Version:


Table of Contents

About FortiWeb for Azure

Deploying FortiWeb on Azure

Use Case: High Availability for FortiWeb on Azure

Deploying Auto Scaling on Azure

Deploying FortiWeb-VM on Azure Stack

  • Select version:
  • 6.1
6.1.1
Download PDF
Copy Link

Overview

FortiWeb's High Availability (HA) solution on Azure uses Azure load balancer to achieve Active-Active HA and Active-Passive HA.


The following resources will be created in the deployment process:

  • A load balancer with public IP address.
  • Two FortiWeb-VM instances. By default, these two VMs are added in the load balancer's backend pool. We only support two FortiWeb-VMs in an HA group on Azure.
  • A public facing subnet connecting the FortiWeb outgoing interface (port1) to the load balancer.
  • A private subnet where one or more web application VMs that FortiWeb protects are located.

All the web traffic passes through the load balancer first, then it is directed to a collection of VMs called a backend pool. In this case, the pool consists of FortiWeb-VM1 and FortiWeb-VM2.

  • In the Active-Active HA scenario, the web traffic is distributed between ForiWeb-VM1 and FortiWeb-VM2.
  • In the Active-Passive HA scenario, the web traffic is directed only to the master node (the above graph assumes FortiWeb-VM1 is the master node). When FortiWeb-VM1 fails to operate, the load balancer will distribute the traffic to the new master node FortiWeb-VM2.

Please note that on public cloud platform, configurations are synchronized through FortiWeb's HA feature, but the traffic distribution among HA cluster members is achieved by the load balancer instead.

 

 

 

 

Overview

FortiWeb's High Availability (HA) solution on Azure uses Azure load balancer to achieve Active-Active HA and Active-Passive HA.


The following resources will be created in the deployment process:

  • A load balancer with public IP address.
  • Two FortiWeb-VM instances. By default, these two VMs are added in the load balancer's backend pool. We only support two FortiWeb-VMs in an HA group on Azure.
  • A public facing subnet connecting the FortiWeb outgoing interface (port1) to the load balancer.
  • A private subnet where one or more web application VMs that FortiWeb protects are located.

All the web traffic passes through the load balancer first, then it is directed to a collection of VMs called a backend pool. In this case, the pool consists of FortiWeb-VM1 and FortiWeb-VM2.

  • In the Active-Active HA scenario, the web traffic is distributed between ForiWeb-VM1 and FortiWeb-VM2.
  • In the Active-Passive HA scenario, the web traffic is directed only to the master node (the above graph assumes FortiWeb-VM1 is the master node). When FortiWeb-VM1 fails to operate, the load balancer will distribute the traffic to the new master node FortiWeb-VM2.

Please note that on public cloud platform, configurations are synchronized through FortiWeb's HA feature, but the traffic distribution among HA cluster members is achieved by the load balancer instead.