Thread Info
  • Locked Locked
  • Replies 3 replies
  • Subscribers 7 subscribers
  • Views 5259 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High Availability Software + Appliance

ChrisBell

Hi there,

Has anybody had any luck getting HA to work with a physical and software unit in the cluster?

Is this a supported feature?

Cheers,

Chris



This thread was automatically locked due to age.

  • Hi Chris,

    Normally cannot, but this is a good idea for redundant hardware failure and waiting for replacement.

    You can refer this Article ID: 120973 for a HA setup

    https://community.sophos.com/kb/en-US/120973

    Thanks

    ChuongDT

  • Hi Chris.

    Not supported. Your hardware needs to be identical, down to the hardware revision of the appliance, for a working cluster.

    You can, however, have a hardware with Sophos UTM software installed sitting around and restore a backup from your hardware appliance on it in case of a disaster. You'll need to make sure to keep regular backups of your UTM appliance and that this backup UTM is always updated to the same version as your hardware appliance. It also needs at least the same number of network interfaces as your hardware appliance for a fast recovery, otherwise you might have some issues with network interfaces being swaped when you restore a backup from an appliance. If you can do that, you can recover from a failure in minutes, but it will be a very manual intervention. Test it out, map which hardware network interfaces get assigned to which ethX after a restore, and you can have at least a plan for a rainy day.

    My two cents: get a second appliance. It will pay itself very quickly if you have a business need that requires no interruption.

    EDIT: there's the matter of the license here. Your software install will not be activated by the license from the hardware appliance backup. You'll need to get a trial license from your Sophos partner or install the UTM software on the hardware right before restoring the backup. That will give you 30 days to work things out, and it means keeping an updated ISO at hand.

    EDIT 2: sorry about that link, I was replying on my mobile and it got there somehow

    Again, get a second appliance. The cost is not worth the trouble of keeping an alternative.

    Regards,

    Giovani

  • Hi, Chris, and welcome to the UTM Community!

    If by "hardware," you mean a Sophos/Astaro hardware appliance, then you've already gotten your answer from Diep and Giovani.  If you mean that you have your own hardware and are running the UTM software appliance on it, then the answer to your question is "yes" if you configure both with the same number of active NICs.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML