High Availability (HA) is a clustering technology which is used to maintain uninterrupted service in the event of power, hardware or software failure. Sophos Firewall devices can be configured in Active-Active or Active-Passive HA modes. The Devices (The Primary and Auxiliary Device) are physically connected over a dedicated HA link port.
In Active-Active mode, both the Primary Device and Auxiliary Device process traffic while the primary unit is in charge of balancing the traffic. The load balancing is decided by the Primary Device. The Auxiliary Device can only take over if the primary unit experiences a power/hardware/software failure.
In Active-Passive mode, only the Primary Device processes traffic while the Auxiliary Device remains in stand-by mode, ready to take over if the Primary Device experiences a power/hardware/software failure.
Applies to the following Sophos products and versions Sophos Firewall
system diagnostics show version-info
Dedicated HA Link Ports connected directly over either a crossover or straight through cable
Dedicated HA Link Ports connected indirectly over a switch
To check the status of HA, go to the Control Center and locate the HA Details. It displays the configured HA mode.
HA status can also be verified from the CLI console by following the steps below:
system ha show details
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.