McAfee MSA-3400-SWGI Installation Guide - Page 35

Cluster Management Configuration Standard appliance, Cluster Management Cluster Scanner, Benefits

Get McAfee MSA-3400-SWGI - Web Security Appliance 3400 PDF manuals and user guides View all McAfee MSA-3400-SWGI manuals
Add to My Manuals
Save this manual to your list of manuals

Page 35 highlights

Connecting and configuring the appliance Using the Configuration Console • One cluster failover. If the cluster master fails, the cluster failover will seamlessly take over the work of the cluster master. • One or more cluster scanners. They scan traffic according to the policies synchronized from the master. Note that the master and the failover can also scan traffic. Benefits • Scalable performance through load balancing multiple devices removes the need for costly upgrades. • Easier management through synchronization of configuration and updates, reducing administrative overhead. • Improved resilience through high availability, reducing possibility of unscheduled outages. • Improved intelligence through consolidated reports. Setting up the cluster All members of the cluster must be installed and configured separately. When configuring a master or failover, the administrator must do the following: • For Proxy or Transparent Router Mode, set a virtual IP address that is the same on both the master and failover. The cluster members then use VRRP to failover. • For Transparent Bridge, set up the cluster to use STP to failover. The bridge priority must be lower on the master (set by default). For all cluster members, the administrator must set the cluster identifier. This unique identifier ensures that members of the cluster are joined correctly. To create multiple clusters, you can use a different identifier for each cluster. Direct all network traffic that is to be scanned to the Cluster Master (or the virtual IP address if a Cluster Failover will be used. Managing the cluster Once configured, the cluster is joined automatically using the cluster identifier. The Dashboard on the cluster master lists the device and cluster type. The administrator then only needs to use the user interface of the cluster master for management, for example, setting scanning policies. The cluster master will then automatically push this configuration to the other cluster members. The cluster master collates: • Anti-virus updates • Reports • Queued email • McAfee Quarantine Manager (MQM) NOTE: Software patches need to be applied to each separate device in turn. Cluster Management Configuration (Standard appliance) Cluster management is disabled. Cluster Management (Cluster Scanner) Use this page to specify information for a scanning appliance. McAfee Email and Web Security Appliance 5.5 Installation Guide 35

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
One
cluster failover
. If the cluster master fails, the cluster failover will seamlessly take over
the work of the cluster master.
One or more
cluster scanners
. They scan traffic according to the policies synchronized from
the master.
Note that the master and the failover can also scan traffic.
Benefits
Scalable performance through load balancing multiple devices removes the need for costly
upgrades.
Easier management through synchronization of configuration and updates, reducing
administrative overhead.
Improved resilience through high availability, reducing possibility of unscheduled outages.
Improved intelligence through consolidated reports.
Setting up the cluster
All members of the cluster must be installed and configured separately.
When configuring a master or failover, the administrator must do the following:
For Proxy or Transparent Router Mode, set a virtual IP address that is the same on both the
master and failover. The cluster members then use VRRP to failover.
For Transparent Bridge, set up the cluster to use STP to failover. The bridge priority must
be lower on the master (set by default).
For all cluster members, the administrator must set the
cluster identifier
. This unique identifier
ensures that members of the cluster are joined correctly. To create multiple clusters, you can
use a different identifier for each cluster.
Direct all network traffic that is to be scanned to the Cluster Master (or the virtual IP address
if a Cluster Failover will be used.
Managing the cluster
Once configured, the cluster is joined automatically using the cluster identifier. The Dashboard
on the cluster master lists the device and cluster type.
The administrator then only needs to use the user interface of the cluster master for
management, for example, setting scanning policies. The cluster master will then automatically
push this configuration to the other cluster members.
The cluster master collates:
Anti-virus updates
Reports
Queued email
McAfee Quarantine Manager (MQM)
NOTE:
Software patches need to be applied to each separate device in turn.
Cluster Management Configuration (Standard appliance)
Cluster management is disabled.
Cluster Management (Cluster Scanner)
Use this page to specify information for a scanning appliance.
Connecting and configuring the appliance
Using the Configuration Console
35
McAfee Email and Web Security Appliance 5.5 Installation Guide