I know It can do load-balancing for two pix firewall by L4 -switch(such as cisco css-11k serial).Perhaps You can search CSS-11k switch to find some information on CCO.
What about SLB, included in IOS12.1? I am going to try it with 2 Gauntlets. It makes mention of firewall load-balancing. I am hoping that it will not put too much of a load on my router.
I am currently involved in a project where we have implemented firewall load balancing using the Cisco/ArrowPoint CS11150 devices. It seems to work well. We are using Checkpoint firewalls but I believe it is possible to use PIX's.
Hope this helps
We are looking at a similar implementation and have discovered a few things. When using the Arrowpoints / Cisco LBs, you have to add L2 switches between each set of LBs and the firewalls, on the inside and outside, to load balance the firewalls. Because the Arrowpoints don't route traffic through themselves, you won't have enough paths to load balance without the L2 switches. There is a funky work around if you don't have the switches but the word from the TAC is that they won't support it. If you just want to do failover, you don't need the external LBs or L2 switches.
You might want to search CCO for "FWLB" and check this url:
I heard rumors that the PIX rev 5.3 was suppose to be able to do load balancing on it's own...so far I have not seen a trace of it. Does anyone have any info on load balancing with rev 6?
You Can use a local DIrector or some other type or redirector and If you get a product that is smart enough you wont lose reduntancy
No the PIX cannot do load balancing on it's own. Cisco instead would like you to purchase another device to integrate into your architecture. The LD/PIX combo is theoretically possble but I wonder about the ability to maintain state info(sticky) with true load balancing....
You can do it with Cisco CSS switches which does L5 load balancing and it's documented. However, it's a costly design.
you can do PIX load balancing with two Content Switches (formerly Arrowpoint). However, why would you need to? A PIX 535 is rated at worst over a GIGABIT.