search

McAfee FIREWALL 2.10 Bedienungsanleitung Seite 4

  • Herunterladen
  • Zu meinen Handbüchern hinzufügen
  • Drucken
  • Seite
    / 26
  • Inhaltsverzeichnis
  • LESEZEICHEN
    • Bewertet. / 5. Basierend auf Kundenbewertungen
Seitenansicht 3
Benefits of Implementing a Load Balancer
Since secure, reliable and available Internet access is essential and not just a luxury, steps must be taken to
ensure 100% up time. Loadbalancer.org appliances provide the perfect solution by allowing multiple Web
Gateway devices to be deployed in a load balanced and highly available cluster. Benefits include:
High-Availability – If a Web Gateway fails, service is not interrupted
Maintenance – Web Gateways can easily be taken out of the cluster for maintenance
Performance – For additional performance simply add more Web Gateways to the cluster
Load Balancer Configuration Options
The following sections describe the various load balancer configuration methods that are possible when load
balancing Web Gateways.
Layer 4 (Recommended)
DR Mode - Direct Server Return Mode (Recommended)
In this mode, traffic from the client to the Web Gateway passes via the load balancer, return traffic passes
directly back to the client which maximizes performance. Direct routing works by changing the destination
MAC address of the incoming packet on the fly which is very fast. This mode is transparent by default
meaning that the Web Gateway sees the real client IP address and not the IP address of the load balancer.
Due to its speed, overall simplicity and effectiveness, Direct Routing (DR) mode with source IP persistence is
our recommended method and can be used in both proxy mode & transparent (routed) proxy mode.
NAT Mode - Network Address Translation Mode
This mode requires the implementation of a two-arm infrastructure with an internal and external subnet to
carry out the translation (the same way a firewall works). The real servers (i.e. the Web Gateways) must
have their default gateway configured to be the load balancer. It offers high performance and like DR mode is
transparent by default.
Layer 7
SNAT / HAProxy Mode - Source Network Address Translation
Using HAProxy in SNAT mode means that the load balancer is acting as a full proxy and therefore it doesn't
have the same raw throughput as the layer 4 methods. Also, this method is not transparent by default so the
real servers will see the source address of each request as the load balancers IP address. This is generally
not desirable although this can be resolved in two ways; either by reading the X-Forwarded-For header that's
included by default when using HAProxy, or by enabling Tproxy on the load balancer. The issues with using
Proxy are that the default gateway on the real servers (i.e. the Web Gateways) must be changed to point as
the load balancer and also it requires a two-arm infrastructure with two subnets which complicates the
deployment.
SNAT mode does not have the raw throughput of the layer 4 solutions and is therefore not normally used for
Web Gateway / Proxy load balancing deployments.
4
Seitenansicht 3
1 2 3 4 5 6 7 8 9 ... 25 26

Kommentare zu diesen Handbüchern

Keine Kommentare
Verwandte Produkte und Handbücher für Hardware-Firewalls McAfee FIREWALL 2.10
Hardware-Firewalls McAfee FIREWALL 2.10 Bedienungsanleitung   (5 Seiten)
Hardware-Firewalls McAfee SG720 Installationsanleitung   (32 Seiten)
  • Shaan Red lightning Sure Comfort QEP Burnham
  • Keurig Kaffeemacher Horizon Fitness Fitness, Gymnastik & Krafttraining Remington Rasierer für Frauen Marantz MP3 / MP4-Player Aerocool Netzteile
  • Power Acoustik C 1b AG Neovo C-17P Kodak P86
  • Acer PD311 Betriebsanweisung Samsung 150MB Bedienungsanleitung Samsung 961BF Bedienungsanleitung Samsung PS51E550D1W Bedienungsanleitung