PrepAway - Latest Free Exam Questions & Answers

There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is c

There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A-s interface issues were resolved and it became operational. When it re-joins the cluster, will it become active automatically?

A. No, since -maintain current active cluster member- option on the cluster object properties is enabled by default

B. No, since -maintain current active cluster member- option is enabled by default on the Global Properties

C. Yes, since -Switch to higher priority cluster member- option on the cluster object properties is enabled by default

D. Yes, since -Switch to higher priority cluster member- option is enabled by default on the Global Properties

Explanation: What Happens When a Security Gateway Recovers?

In a Load Sharing configuration, when the failed Security Gateway in a cluster recovers, all connections are redistributed among all active members. High Availability and Load Sharing in ClusterXL ClusterXL Administration Guide R77 Versions | 31 In a High Availability configuration, when the failed Security Gateway in a cluster recovers, the recovery method depends on the configured cluster setting. The options are:

  • Maintain Current Active Security Gateway means that if one member passes on control to a lower priority member, control will be returned to the higher priority member only if the lower priority member fails. This mode is recommended if all members are equally capable of processing traffic, in order to minimize the number of failover events.
  • Switch to Higher Priority Security Gateway means that if the lower priority member has control and the higher priority member is restored, then control will be returned to the higher priority member. This mode is recommended if one member is better equipped for handling connections, so it will be the default Security Gateway.

Reference: http://dl3.checkpoint.com/paid/7e/7ef174cf00762ceaf228384ea20ea64a/CP_R77_ClusterXL_AdminGuide.pdf?HashKey=1479822138_31410b1f8360074be87fd8f1ab682464&xtn=.pdf


Leave a Reply