We'd love to hear about it! Click here to go to the product suggestion community
Is the web appliance capable of a high availability or clustering configuration? I am looking through the management appliance configuration guide and only see talk of having multiple deployments. We merely want a secondary available in the event of the primary's failure for whatever reason. How are other customers doing this? I see plenty of discussion for central policy management and multi-site orgs but nothing that leads to what I'm looking for.
That depends on your deployment mode. There is nothing stopping you from having 2-3 virtual appliances for redundancy however the appliances themselves do not offer any sort of ha in that respect. Traffic must be sent to the appliance.
For example, if you are doing transparent redirection with WCCP the asa would figure out that appliance 46 is down and route the requests to the next member in the WCCP pool.
if you are in explicit mode, you could use a proxy .pac file to figure out what appliance to use.
likewise you can also create a VIP on the management appliance. This is is a simple yet effective way to load balance between managed appliances.
lastly : if you have a bridged appliance, the hardware card itself will fail open, so even if the appliance dies the gateway is still accessible.
if as you suggest you just want a backup you can flip on / off.. just deploy a vm in esxi and leave it off but configured.. in the event the applaince dies you could power it up, apply any updates and you're off and running.