Allen Pomeroy » papers http://www.pomeroy.us IT security thoughts and personal stuff Sat, 28 Jan 2012 08:55:00 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 High availability firewalls with OpenBSD, pf and CARP http://www.pomeroy.us/2009/05/high-availability-firewalls-with-openbsd-pf-and-carp/ http://www.pomeroy.us/2009/05/high-availability-firewalls-with-openbsd-pf-and-carp/#comments Fri, 15 May 2009 21:42:03 +0000 apomeroy http://blog.networkforensics.us/?p=61 One can now inexpensively build a fault tolerant firewall cluster that removes any single point of failure in the security policy enforcement points at your security zone boundaries. Synchronous firewall state table updates and an open source version of virtual router redundancy protocol (CARP) gives the ability to seamlessly insert or remove firewalls from a cluster. No more patching firewalls at 2am hoping for the best (or not patching because it’s too hard).

PDF

]]> http://www.pomeroy.us/2009/05/high-availability-firewalls-with-openbsd-pf-and-carp/feed/ 0