Allen Pomeroy » papers http://www.networkforensics.us Blog of an IT security specialist .: beta :. Sun, 07 Feb 2010 18:06:34 +0000 en hourly 1 High availability firewalls with OpenBSD, pf and CARP http://www.networkforensics.us/2009/05/high-availability-firewalls-with-openbsd-pf-and-carp/ http://www.networkforensics.us/2009/05/high-availability-firewalls-with-openbsd-pf-and-carp/#comments Fri, 15 May 2009 21:42:03 +0000 edhacker http://blog.networkforensics.us/?p=61 One can now inexpensively build a fault tolerant firewall cluster that removes any single point of failure in the security policy enforcement points at your security zone boundaries. Synchronous firewall state table updates and an open source version of virtual router redundancy protocol (CARP) gives the ability to seamlessly insert or remove firewalls from a cluster. No more patching firewalls at 2am hoping for the best (or not patching because it’s too hard).

PDF

]]> http://www.networkforensics.us/2009/05/high-availability-firewalls-with-openbsd-pf-and-carp/feed/ 0