Load Balancing ContentKeeper With RadWare

Similar documents
Debugging Network Communications. 1 Check the Network Cabling

Load Balancing. Outlook Web Access. Web Mail Using Equalizer

Blue Coat Security First Steps Transparent Proxy Deployments

SOLUTION GUIDE. Radware & CyberGuard Complete Security Solutions offering Load Balancing, High Availability and Bandwidth Management.

Best Practices: Pass-Through w/bypass (Bridge Mode)

Vocia MS-1 Network Considerations for VoIP. Vocia MS-1 and Network Port Configuration. VoIP Network Switch. Control Network Switch

Starting a Management Session

How to Configure an Initial Installation of the VMware ESXi Hypervisor

Voice Over Internet Protocol (VoIP) Configuration

QUICK START GUIDE. Cisco S170 Web Security Appliance. Web Security Appliance

Document No. FO1101 Issue Date: Work Group: FibreOP Technical Team October 31, 2013 FINAL:

School of Information Technology and Engineering (SITE) CEG 4395: Computer Network Management. Lab 4: Remote Monitoring (RMON) Operations

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

SURF Feed Connection Guide

Computer Networking. Definitions. Introduction

Networking and High Availability

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Overview of WebMux Load Balancer and Live Communications Server 2005

Unpacking the Product. Rack Installation. Then, use the screws provided with the equipment rack to mount the firewall in the rack.

USER GUIDE. Ethernet Configuration Guide (Lantronix) P/N: Rev 6

Configuring Redundancy

EXINDA NETWORKS. Deployment Topologies

Teldat Router. ARP Proxy

Using Cisco UC320W with Windows Small Business Server

Deploying Secure Internet Connectivity

50-Port 10/100/1000Mbps with 4 Shared SFP. Managed Gigabit Switch WGSW Quick Installation Guide

Session Title: Exploring Packet Tracer v5.3 IP Telephony & CME. Scenario

Knowledgebase Solution

H0/H2/H4 -ECOM100 DHCP & HTML Configuration. H0/H2/H4--ECOM100 DHCP Disabling DHCP and Assigning a Static IP Address Using HTML Configuration

Cisco S380 and Cisco S680 Web Security Appliance

Elastix SIP Firewall. Quick Installation Guide

iboss Enterprise Deployment Guide iboss Web Filters

1 Basic Configuration of Cisco 2600 Router. Basic Configuration Cisco 2600 Router

Prestige 650R-31/33 Read Me First

NETFORT LANGUARDIAN INSTALLING LANGUARDIAN ON MICROSOFT HYPER V

Deploying Windows Streaming Media Servers NLB Cluster and metasan

Quick Start Guide. Cisco Small Business. 200E Series Advanced Smart Switches

Planning for Information Network

QUICK START GUIDE. Cisco C170 Security Appliance

Networking and High Availability

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Basic Router and Switch Instructions (Cisco Devices)

Multi-Homing Dual WAN Firewall Router

VLAN 802.1Q. 1. VLAN Overview. 1. VLAN Overview. 2. VLAN Trunk. 3. Why use VLANs? 4. LAN to LAN communication. 5. Management port

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

Configuring the Fabric Interconnects

Technical Support Information

Mobility System Software Quick Start Guide

SSL-VPN 200 Getting Started Guide

Optimum Business SIP Trunk Set-up Guide

First Installation Guide

FSM73xx GSM73xx GMS72xxR Shared access to the Internet across Multiple routing VLANs using a Prosafe Firewall

Quick Start Guide. Cisco Small Business. 300 Series Managed Switches

White Paper Copyright 2011 Nomadix, Inc. All Rights Reserved. Thursday, January 05, 2012

SonicOS Enhanced Release Notes

Industrial L2+ Managed Gigabit/ 10 Gigabit Ethernet Switch. IGS-5225 Series. Quick Installation Guide

ON HOLD ANNOUNCER. Once you receive your audio announcer, check the packaging to ensure that all of the following items are enclosed:

Chapter 6 Using Network Monitoring Tools

Dominion KX II-101-V2

AT-S84 Version ( ) Management Software for the AT-9000/24 Gigabit Ethernet Switch Software Release Notes

Load Balancing for esafe Gateway 3.0 when using Alteon s AD2 or AD3

This techno knowledge paper can help you if: You need to setup a WAN connection between a Patton Router and a NetGuardian.

How To - Deploy Cyberoam in Gateway Mode

ProSAFE 8-Port and 16-Port Gigabit Click Switch

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Acellus Lab Cart. User s Manual. Version 4B. Acellus Corporation Copyright 2010 Acellus Corporation. All Rights Reserved.

Chapter 3 LAN Configuration

Aerohive Networks Inc. Free Bonjour Gateway FAQ

Unified Access Point Administrator's Guide

Lab 2 - Basic Router Configuration

Chapter 6 Using Network Monitoring Tools

Configuring the BIG-IP and Check Point VPN-1 /FireWall-1

Deployment Guide: Transparent Mode

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version Rev.

1 PC to WX64 direction connection with crossover cable or hub/switch

Read Me First for the HP ProCurve Routing Switch 9304M and Routing Switch 9308M

Section 5: Installing the Print Driver

StarMOBILE Network Configuration Guide. A guide to configuring your StarMOBILE system for networking

ALOHA Load Balancer Quickstart guide

Savvius Insight Initial Configuration

Configuring IPS High Bandwidth Using EtherChannel Load Balancing

Broadband Phone Gateway BPG510 Technical Users Guide

Connecting the DG-102S VoIP Gateway to your network

WAN Failover Scenarios Using Digi Wireless WAN Routers

External Storage 200 Series. User s Manual

Draytek Vigor 2820/2830 Configuration. A guide for Exa Resellers and IT Contractors

A typical router setup between WebSAMS and ITEd network is shown below for reference. DSU. Router

Trouble Shooting SiteManager to GateManager access

Secure Proxy Server Installation Guide

Coyote Point Systems White Paper

Using AnywhereUSB to Connect USB Devices

Networking Basics for Automation Engineers

Introduction. What is a Remote Console? What is the Server Service? A Remote Control Enabled (RCE) Console

Video Conferencing and Firewalls

Technical Note. Monitoring Ethernet Traffic with Tolomatic ACS & Managed Switch. Contents

CCNP SWITCH: Implementing High Availability and Redundancy in a Campus Network

How To Set Up A Netvanta For A Pc Or Ipad (Netvanta) With A Network Card (Netvina) With An Ipa (Net Vanta) And A Ppl (Netvi) (Netva)

Application Description

CS 326e F2002 Lab 1. Basic Network Setup & Ethereal Time: 2 hrs

F-SECURE MESSAGING SECURITY GATEWAY

Transcription:

Load Balancing ContentKeeper With RadWare The RadWare Fireproof may be used with ContentKeeper to provide load balanced and redundant Internet content filtering for your network. The RadWare FireProof will provide dynamic load balancing of all IP traffic between all of the ContentKeeper appliances in the farm. The FireProof also provides fault tolerance or fail-over between ContentKeeper appliances. This coupled with the High Availability Module provides effective multi-layer dynamic load balancing and redundancy. Two RadWare FireProof AS1 10 Port (2 x Gigabit, 8 x 10/100) Application Switches may be used to dynamically load balance up to seven ContentKeeper appliances. Two RadWare FireProof AS2 21 Port (5x Gigabit, 16 x 10/100) Application Switches may be used to dynamically load balance up to fifteen ContentKeeper appliances. This document outlines the procedures involved in setting up and configuring a load balanced appliance farm. Refer to the network diagram on the next page when setting up.

Example Network Diagram Load Balancing ContentKeeper with RadWare This diagram represents a typical load balanced ContentKeeper deployment. This deployment is simple to set up and requires a minimal amount of configuration.

Diagram Excerpt This diagram is an excerpt of the network diagram on the previous page. It has been included here for convenience. The setup that this diagram details contains only a few network components including: A Router A Switch Two RadWare FireProof load balncing devices A number of ContentKeeper appliances Any number of ContentKeeper appliances up to fifteen may be load balanced using this configuration. For farms of up to seven ContentKeeper appliances use the FireProof AS1 ten port and for farms of eight to fifteen appliances use the FireProof AS2 twenty-one port. Contact ContentKeeper Technologies for more information on obtaining RadWare equipment.

Deploying Load Balanced ContentKeeper Appliances The procedure outlined below was designed from the perspective of someone who is building a new network and may not be suitable for an environment where a network already exists. Deploying a load balanced ContentKeeper installation in such an environment requires minimal reconfiguration and minimal downtime of the existing environment. The example deployment outlined in this document may be modified to suit environments with more demanding requirements. See the following notes. Customising The Example Deployment Use the following suggestions to help when using and customising the example load balanced ContentKeeper deployment. Attach the router to the local network and teach it to access the Internet from there. This is so that the load balanced installation may be successfully tested without disrupting network wide Internet access. Place a HUB between FireProof-1 and the router then attach a workstation to the HUB. This creates a simple, direct connection to the configuration interface without traversing the router or FireProof. Deploy this installation to the leg of a proxy server or firewall by replacing the router with the proxy server or firewall. All procedures apply to routers, proxy servers and firewalls.

Overview The following is an overview of the procedure used to configure the setup in the example network diagram above. Parts of this procedure refer to the example network diagram. Part 1 - Install 1. Configure the management interface with an IP address. 2. Install the FireProofs 3. Connect the management ports 4. Connect the ContentKeeper appliances 5. Install ConfigWare Part 2 - Configure 6. Configure VLANs 7. Assign IP addresses to interfaces 8. Set up the firewall tables 9. Configure default and static routes on the FireProofs 10. Configure default and static routes on the remaining network devices (including firewalls, routers and workstations) 11. Configure connectivity checks and test the deployment Part 1 - Install Refer to the RadWare FireProof User Guide, Chapter 2, for more detailed information. The PDF version is available for download from www.contentkeeper.com. Ensure All Prior Configuration Is Removed Accessing the boot menu by pressing a key in the specified time and selecting q for erase configuration from flash

Assigning An IP Address To The Management Interface You must assign an IP address to each FireProof before you can configure it. The IP address may be assigned via a terminal session. The connection parameters are: Baud: 19200 Data Bits: 8 Parity: None Stop Bits: 1 Flow Control: None You may find it more convenient to assign the IP address before placing the FireProof in a rack or cabinet. 1. Use a terminal emulator, such as hyper terminal, to connect to the serial interface on the front of the FP. 2. Edit a menu item by entering its number and pressing <return>. Configure the FireProof with an IP address (IP3), a subnet mask, a default rout and a management interface (which should be port 1). Use the default values for the remaining settings by pressing the <RETURN> key while at the Enter your choice? prompt until all default valued have been automatically entered and you are asked to Continue with the new configuration (y/n)? 3. Confirm the new configuration by pressing <y> <return> and the FireProof will restart. 4. Repeat the procedure for the second FireProof (IP7). Note: Do not configure a default route at this point.

Install The FireProofs, Connect The Configuration Interfaces & Connect The ContentKeeper Appliances Place the FireProofs in the production environment (i.e. a rack or cabinet) and apply power to them. Attach Ethernet port 1 on FireProof-1 to the internal interface of your Internet router. Attach Ethernet port 1 on FireProof-2 to the internal network. 1. Attach Bridge Port 1 of ContentKeeper 1 to port 2 on FireProof-1. Attach Bridge Port 2 of ContentKeeper 1 to port 2 on FireProof-2. 2. Attach Bridge Port 1 of ContentKeeper 2 to port 3 on FireProof-1. Attach Bridge Port 2 of ContentKeeper 2 to port 3 on FireProof-2. 3. Repeat the above process for the rest of the ContentKeeper appliances. Install ConfigWare For each FireProof, install ConfigWare on a workstation that is connected to the same subnet as the FireProof configuration interface. Refer to the RadWare FireProof User Guide, Part 2-11, for more detailed information. The PDF version is available for download from www.contentkeeper.com. Part 2 - Configure Procedures in this section are outlined on a per-fireproof basis. Screen shots are only included for one FireProof as they are the same for both, and as the procedures are almost identical, the differing steps have been highlighted for the second FireProof. All Screen shots are taken from FireProof-1 in the example. Launch ConfigWare And Connect To The FireProofs Configuring VLANs 1. Open VLAN in the Device menu on FireProof-1 and add interface F-1 to the default VLAN 100001.

2. Perform the same procedure on FireProof-2. Assigning IP Addresses To Interfaces 1. Open Interface Parameters under IP Router in the Router menu on FireProof-1 and insert an IP address for each ContentKeeper appliance. Ensure that it is assigned to the correct interface. Important: Each IP Address assigned for a ContentKeeper appliance must be on a different IP subnet. Refer to the example network diagram, IP4, IP5 and IP6. 2. Use the default values for Fwd Broadcast and Broadcast Type.

3. Repeat the procedure for FireProof-2. Ensure that the IP addresses assigned are on the correct subnet and do not clash with already assigned addresses. Refer to the example network diagram, IP8, IP9, and IP10. Setting Up Firewall Tables WARNING! You must have a device connected to a port with a link light for each entry in the firewall table that you want to make. The best practise is to connect the ContentKeeper appliances before configuring the FireProofs. 1. Open the Firewall Table from the FireProof menu on FireProof-1 and add one firewall for each ContentKeeper appliance. Use the IP address of the ports on FireProof-2. Refer to the example network diagram, IP8, IP9 and IP10. 2. Repeat the procedure for FireProof-2, but reverse the IP addresses used. Refer to the example network diagram, IP4, IP5 and IP6.

Configuring Default And Static Routes On The FireProofs 1. Open Routing Table from the Router menu on FireProof-1 and ensure that there are routes for each defined IP address as well as a default route. The default route for FireProof-1 should be the IP address of the internal interface of the router. 2. Add a static route to map the internal network (172.16.0.0 based on the example) to any one of the addresses in the firewall table. When a packet traverses this route, the FireProof sees that it is destined for an address in the firewall table and automatically load balances the incoming traffic between all addresses in the firewall table. 3. Perform only step 1 for FireProof-2. The default route for FireProof-2 is one of the addresses in its firewall table. Configuring Default And Static Routes On Network Devices The following routes must be configured in order for traffic to traverse the deployment in both directions. The Router must have a default route that will allow traffic to get to the Internet. This also applies to Firewalls and Proxy servers. The Router must have a static route that maps the internal network (172.16.0.0 based on the example) to the configuration interface address of FireProof-1. This also applies to Firewalls and Proxy servers. Network devices that are behind FireProof-2 (i.e. on the internal network) must have their gateway address set to the configuration interface address of FireProof-2.

Important Points To Consider Ensure that the ContentKeeper appliances are passing traffic. Ensure that two bridge ports are never plugged into the same network. Erase any existing configuration from the FireProofs before starting. Refer to the RadWare FireProof User Guide for detailed information such as FireProof hardware specifications and protocol information.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information