Imperva Cyber Community

 View Only
  • 1.  IMPVHA Active-Active Failover In Detail

    Posted 29 days ago
    Dear all,

    Here I have a question about IMPVHA Active-Active Failover.
    According to what I read in the docs or in the community post, I still haven't found the complete configuration, considerations why I should choose it and traffic simulation from Active-Active Failover.
    Where can I get the resouce? Because there is a deployment Gateway that requires to use Active-Active Failover

    Thank you.
    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Rama Agastya
    Engineer
    PT Sinergy Informasi Pratama
    Jakarta
    ------------------------------


  • 2.  RE: IMPVHA Active-Active Failover In Detail

    Posted 28 days ago
    Hello Rama,

    Thank you for the post, active-active failover is used when we want to monitor traffic simultaneously. If one of them fails, all traffic flows through the other Gateway. Total network capacity is reduced until the failure is corrected, ref diagram below,



    Below is the reference link for more details on Bridge STP - Active-Active Failover,
    https://docs.imperva.com/bundle/v14.5-waf-administration-guide/page/8567.htm 


    ------------------------------
    Syed Noor Fazal
    Product Support Engineer
    ------------------------------



  • 3.  RE: IMPVHA Active-Active Failover In Detail

    Posted 27 days ago
    Thank you for the explanation, and I think I have read this in the documentation and I don't think it can answer what I'm confused about here.

    In my question here I am using IMPVHA Active-Active Failover, is there any difference between IMPVHA and Bride STP Active-Active Failover? Given the current deployment, mode is Bride IMPVHA?

    And one more thing, as described in the illustration, between incoming traffic and outgoing traffic from the Imperva Gateway there is a switch (that connects GW with inbound traffic and that connects GW with each protected server) that is interconnected between the Primary Gateway and the Secondary Gateway, the question here is, can we use Active-Active Failover if the topology is later deployed like this?

    -


    Thank you

    ------------------------------
    Rama Agastya
    Engineer
    PT Sinergy Informasi Pratama
    Jakarta
    ------------------------------