Recently we got Ironport and setup for our web security. This is working fine so far. What I am looking now is to setup another Ironport
as failover. Checked the document and there isn't a clear explanation how to do this. Search the web and so far I have no luck.
Have anyone setup failover for Ironport?
In my environment, I have a pair of ASA and this setup as a stateful failover so I am thinking to setup Ironport same way if there is a such
feature in the Ironport. Also if the primary ironport dies, it should automatic failover the secondary if possible. Well that is a thought but
not sure the licensing will fit into those scenario. The ironport is S160 and version of AsynOS is 6.3.3.
Thank you for your help in advance.
The WSA does not have a failover mechanism similar to the ASA.
If you are configured for transparent proxy, and using wccp, that mechanism handles the redirection to a live proxy server.
If you are configured for explicit forward, you could use a PAC file similar to this, for sending clients to a live proxy server.
/* bunch of if statements for internal subnets/sites - all return "DIRECT" -not related to this test-*/
return "PROXY 10.66.71.17:80; PROXY 10.66.71.19:80; PROXY 10.66.71.21:80";
More infomration on WCCP here :
And the WSA documentations will have information about wccp.
More information o PAC files here :
And more on WSA documentation
I hope this information helps you.