Back=right mouse click.
IWSVA provides native High Availability (HA) to ensure business continuity using active/passive pairs deployed in Transparent Bridge mode.
Note: The IWSVA HA solution currently only supports active/passive pairs in “Transparent Bridge mode for High Availability.” It only supports two HA nodes in one HA cluster. Redundancy among multiple IWSVAs deployed in the other supported deployment modes is handled externally to IWSVA. Specifically, load balancers support redundancy in any of the proxy modes. The Cisco WCCP device can manage traffic to redundant IWSVAs in WCCP mode. The ICAP client can manage traffic to redundant IWSVAs in ICAP mode.”
The four terms to describe HA cluster members are:
Active member—The IWSVA unit providing real-time content scanning.
Passive member—The IWSVA unit in passive standby mode.
Parent member—The IWSVA unit responsible for accepting all configuration changes and synchronizing the policy and configuration with the child member.
Child member—The IWSVA unit that is receiving the policy and configuration changes in the background.
HA switchover can be automatic (failover) or manual.
For failover:
IWSVA's HA service monitors the critical services of the IWSVA application and the underlying OS for failures. If an abnormality occurs on the active unit, the HA service switches from the active node to the passive node automatically.
Some of the administrator's HA management operations—like joining of a node or the shutdown of the parent—can trigger an automatic switchover. HA handles this type of switchover gracefully and automatically.
For manual switchover:
Administrators can manually force an HA switch over using the Web console on the parent node.
Notes: 1) HA disables the LAN By-pass feature. It is not required with HA. 2) HA requires the enabling of the Spanning Tree Protocol (STP). This prevents the creation of Layer 2 loops in the network. 3) If the switch used by the HA solution supports Rapid Spanning Tree Protocol (RSTP), then this requires that STP be disabled on the IWSVA to provide faster switching.