Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Answers 2 answers
  • Subscribers 7 subscribers
  • Views 8468 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Couple of questions about business continuity planning and cold standby units

Ralph Smith

I have a main office with an SG330, and several smaller offices with SG115s and SG125s.  In looking at possible backup scenarios for the devices, one option for the smaller offices would be to keep a cold standby SG125 unit with no licenses.  Then if one of the units fails at a smaller office, we would update the standby to the latest version, restore a backup config for that office and it should be good to go - correct? 

What happens with licensing on the standby unit - will it run with trial licenses for a week or so until I get the failed unit repaired or replaced, or do I need to transfer the licenses to the replacement unit?

Is this a valid approach?

At the main office, one option would be to get a second SG330 and run it as a passive hot standby.  Is there any reason, if I could find one, that I wouldn't be able to purchase a used one as the failover, or do I need to get a new one from Sophos?  We are non-profit with very little budget for buying new devices as backups.

 

At the main site, if the SG330 fails, would it work to install the downloadable version on a computer here, restore a backup of the SG330 and run that until the failed unit is replaced or repaired? Would there be any licensing issues?

 

Is it possible to install the downloadable version on a server here and use that as a passive hot standby, or does it need to be another appliance of the same model? 

Thanks for any comments. 



This thread was automatically locked due to age.
Parents
  • 0

    Hey Ralph.

    Let mee see if I can help you.

    "What happens with licensing on the standby unit - will it run with trial licenses for a week or so until I get the failed unit repaired or replaced, or do I need to transfer the licenses to the replacement unit?"

    If they are the same model, if I remember correctly, the license from the backup would be activated on the backup unit as you restore the backup. If they are different models the backup would restore as well, but you would need a new license before being able to fully activate the new unit.

    "At the main office, one option would be to get a second SG330 and run it as a passive hot standby.  Is there any reason, if I could find one, that I wouldn't be able to purchase a used one as the failover, or do I need to get a new one from Sophos?  We are non-profit with very little budget for buying new devices as backups."

    An active/passive cluster is always the best approach. It means zero downtime in case of a failure. I don't think Sophos have such a tight control over devices. As long as the device is of the same model, the active/passive cluster should just work. You actually pay for the subscription, so I don't think an appliance bought from a third party would be an issue, as long as it's an official hardware. Of course, you could not expect any warranty coverage, as RMA, over that device.

    "At the main site, if the SG330 fails, would it work to install the downloadable version on a computer here, restore a backup of the SG330 and run that until the failed unit is replaced or repaired? Would there be any licensing issues?"

    The backup would be restore and as long as you have the same number of network interfaces on both devices you should have no issue getting it up, but you would need a license for the Software version of UTM in order to be able to fully activate this backup device. Even a 30-day trial one would do, but you would need a license for the Software version as the SG330's license would not activate this install.

    "Is it possible to install the downloadable version on a server here and use that as a passive hot standby, or does it need to be another appliance of the same model? "

    You would actually might be able to form a cluster if the number of network interfaces matches, but ir order to have a working hot standby all devices need to be the same model, exactly because of licensing. Your standby might be able to take over, but would not be able to be activated all subscription features with SG330's license, so this is a no go anyway. 

    I hope this helps.

    Regards,

    Giovani

Reply
  • 0

    Hey Ralph.

    Let mee see if I can help you.

    "What happens with licensing on the standby unit - will it run with trial licenses for a week or so until I get the failed unit repaired or replaced, or do I need to transfer the licenses to the replacement unit?"

    If they are the same model, if I remember correctly, the license from the backup would be activated on the backup unit as you restore the backup. If they are different models the backup would restore as well, but you would need a new license before being able to fully activate the new unit.

    "At the main office, one option would be to get a second SG330 and run it as a passive hot standby.  Is there any reason, if I could find one, that I wouldn't be able to purchase a used one as the failover, or do I need to get a new one from Sophos?  We are non-profit with very little budget for buying new devices as backups."

    An active/passive cluster is always the best approach. It means zero downtime in case of a failure. I don't think Sophos have such a tight control over devices. As long as the device is of the same model, the active/passive cluster should just work. You actually pay for the subscription, so I don't think an appliance bought from a third party would be an issue, as long as it's an official hardware. Of course, you could not expect any warranty coverage, as RMA, over that device.

    "At the main site, if the SG330 fails, would it work to install the downloadable version on a computer here, restore a backup of the SG330 and run that until the failed unit is replaced or repaired? Would there be any licensing issues?"

    The backup would be restore and as long as you have the same number of network interfaces on both devices you should have no issue getting it up, but you would need a license for the Software version of UTM in order to be able to fully activate this backup device. Even a 30-day trial one would do, but you would need a license for the Software version as the SG330's license would not activate this install.

    "Is it possible to install the downloadable version on a server here and use that as a passive hot standby, or does it need to be another appliance of the same model? "

    You would actually might be able to form a cluster if the number of network interfaces matches, but ir order to have a working hot standby all devices need to be the same model, exactly because of licensing. Your standby might be able to take over, but would not be able to be activated all subscription features with SG330's license, so this is a no go anyway. 

    I hope this helps.

    Regards,

    Giovani

Children
No Data
Unfiltered HTML