We have 3 Stonebeat Full cluster installations here, each with 2
firewall nodes configured. The first install was a bit tricky, but after
the second, we've got it down to an art. You'll have to configure
static multicasting on your switches and place static routes on
your routers at the network level.. The firewall installation is the
same and stonebeat gets installed after you've configured the fw.
Make sure you read the manual very carefully as you do the install.
We are still having a problem failing over our Cisco-Checkpoint
VPN's and are forcing those sessions to one firewall. You have to
enable ip-pools to handle your securemote sessions. We're using
RFC 1918 addresses for those and it works great. Overall, I'm very
pleased with the product...the load balancing, and failover work
great..Full cluster uses checkpoints state table syncronization.
Once the initial configuration is complete it's fairly trivial to add
nodes to a cluster, although one still has to have a decent amount
of UNIX / Router / Switch experience. Monitoring is fairly straight
forward and the filtering and configuration files are easy to
manipulate and understand.
One of these days, I'm going to try the Rainfinity product and the
Resilience product. Resilience is hardware failover but is limited to
only 4 ports. Our current deployments are huge and 4 ports won't
suffice. The demo was pretty cool though....failed over ftp and
PCAnywhere via securemote without a hitch...Good luck on your
decision. You'd probably think I work for Stonebeat, but no...I've
just had success with their product. And their support is
excellent...-BK
On 21 Jun 2000, at 17:22, Chuck Melanson wrote:
>
> Hello all,
>
> Thanks for all the replies on the Gauntlet hater email - I know it
> sounded bad, but I do try to sell solutions before products, but in that
> case the circumstances required it.
>
> I do have the need for a load balancing / fault tolerance solution, I
> have talked with Stonesoft / Nokia / Radware sales reps, and have heard
> a lot of nice stories, but need some real world experiences. I don't
> have the luxery of a test-bed environment before installation, so I'm
> going to have to make the best judgement call based on the information
> that I get.
>
> Can anyone send their experiences with these two products my way -
> anything about licensing, adding nodes, management, etc. Keep in mind
> that it will be end-user managed.
>
> Thanks,
> Chuck.
>
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
