Check Point ClusterXL Overview:
ClusterXL® provides high availability and load sharing
to keep businesses running by distributing traffic among
clusters of redundant gateways so that the computing
capacity of multiple machines may be combined to increase
total throughput.
Your Challenge:
High availability and load sharing are vital requirements
for any businesscritical firewall or VPN deployment.
However, setup and administration can be a complex,
time-consuming task. Additional hardware deployment,
software configuration, and monitoring can combine to
significantly increase the total cost of ownership.
Our Solution:
ClusterXL® is a software-based high availability
and load sharing solution for Check Point gateways.
It enables the distribution of traffic among multiple,
redundant gateways so that computing capacity may be
combined to increase total throughput. In the event
that an individual gateway becomes unreachable, all
connections are redirected without interruption to a
backup. Tight integration with Check Point management
and enforcement points ensures that ClusterXL deployment
is simple.
Features & Benefits:
Product Features
- Transparent failover of all connections
- Software-based load sharing
- Tight integration with Check Point gateways
Product Benefits
- Provides resilient security
- Does not require additional hardware
- Simplifies deployment and administration
Resilient security
ClusterXL maintains resilient security for all connections
during failover, including VPN connections. If a primary
gateway becomes unavailable, all sessions continue securely
without interruption. Users will have to neither reconnect
and reauthenticate nor notice that an alternate gateway
has taken over.
Load sharing
With load sharing, ClusterXL can expand the performance
capability of VPNs by distributing traffic between multiple
gateways. Up to five gateways may be added to a cluster.
ClusterXL provides
seamless failover and load sharing for mission-critical
Check Point gateway deployments.
Integrated management
ClusterXL setup parameters are configured directly from
the Check Point SmartDashboard™. If a failover occurs,
the event is logged, and an alert can be automatically
sent to an administrator via email, SNMP, text message,
and more. The status of all gateway clusters can be
viewed in real-time using Check Point SmartView Status™.
The result is a powerful, integrated management solution
that is simple to deploy and requires minimal ongoing
overhead.
Auto recovery and hot swap
Gateways may be added to or removed from a functioning
cluster without reconfiguring or restarting the cluster.
For example, if a failure occurs because of an operating
system problem, the failed machine could automatically
restart (if the operating system has been configured
for automatic reboot) and reenter the cluster without
administrator intervention. This enables maintenance
of cluster machines during normal business hours with
no service disruption.
Health Check
ClusterXL incorporates a programmable Health Check
that continuously monitors gateway processes. It enables
a proactive response to a range of problems that may
not represent catastrophic failures, but can affect
overall system performance and reliability.
In addition to detecting VPN-1®/FireWall-1® failures,
Health Check can determine system condition by communicating
with third-party applications. For example, a disk space
agent may notify Health Check if the amount of available
disk space reaches a predefined minimum. The system
can then respond by forcing a failover to a backup gateway.
Deployment and
ongoing administration of ClusterXL is simplified through
tight integration with Check Point Smart Management
Architecture.
Check
Point ClusterXL