04-19-2018 11:00 AM - edited 02-21-2020 07:39 AM
Hello Security team,
I am using Fortigate Firewall right now, For redundancy I want to add one more firewall but not FortiGate.
I want to add Cisco ASA Firewall and want to configure as a secondary firewall, If in case Fortigate have some bug with IOS or hardware issue so that Cisco ASA will take care of everything including security policies, VPN tunnels etc.
The reason i am looking for something else is because sometime IOS issues can make down everything and having same vendors provide no solution.
Solved! Go to Solution.
04-19-2018 12:07 PM
I do not think any Firewall vendor has this capability. Everyone has their own operating system and features built in. Plus most of them have different concepts of failover.
What you can do is keep a cold spare device from another vendor, configured in a similar fashion to the Fortigate device. When the Fortigate runs into an issue, rip and replace it with the spare Firewall. This would be a manual switchover. Or you can keep them both up running with different LAN and WAN ip addresses and change your default route when such a failover is needed. Again some sort of manual work required.
04-19-2018 12:07 PM
I do not think any Firewall vendor has this capability. Everyone has their own operating system and features built in. Plus most of them have different concepts of failover.
What you can do is keep a cold spare device from another vendor, configured in a similar fashion to the Fortigate device. When the Fortigate runs into an issue, rip and replace it with the spare Firewall. This would be a manual switchover. Or you can keep them both up running with different LAN and WAN ip addresses and change your default route when such a failover is needed. Again some sort of manual work required.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide