Load balancing among a cluster of firewall security devices

Abstract

A method for balancing load among firewall security devices in a network is disclosed. Firewall security devices are arranged in multiple clusters. A switching device is configured with the firewall security devices by communicating control messages and heartbeat signals. Information regarding the configured firewall security devices is then included in a load balancing table. A load balancing function is configured for enabling the distribution of data traffic received by the switching device. A received data packet by the switching device is forwarded to one of the firewall security devices in a cluster based on the load balancing function, the load balancing table and the address contained in the data packet.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS[0001]This application is a continuation-in-part of U.S. patent application Ser. No. 13 / 356,399, filed on Jan. 23, 2012, which claims the benefit of U.S. Provisional Application No. 61 / 443,410, filed on Feb. 16, 2011 and U.S. Provisional Application No. 61 / 542,120, filed on Sep. 30, 2011, all of which are hereby incorporated by reference in their entirety for all purposes.COPYRIGHT NOTICE[0002]Contained herein is material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction of the patent disclosure by any person as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all rights to the copyright whatsoever. Copyright ©2011-2013, Fortinet, Inc.BACKGROUND[0003]1. Field[0004]Embodiments of the present invention generally relate to the field of load balancing in a computer network. In particular, various embodiments relate to a method and system for balan...

AI Technical Summary

Benefits of technology

[0015]Methods and systems, according to various embodiments of the present invention, provide high availability (HA) clusters of firewall security devices having enhanced reliability and increased performance, the two key requirements of critical enterprise networking. Load balancing in HA is implemented by configuring a plurality of firewall security devices in an HA cluster. In the network, HA clusters process network traffic and provide normal security services such as firewalling, virtual private network (VPN), virus scanning, web filtering, and spam filtering services.

[0016]According to an embodiment of the present invention, if a firewall security device in a cluster fails, another firewall securit

Problems solved by technology

There is a threat to such confidential data by malware, viruses, spyware, key loggers, and unauthorized access to information and so forth.

This poses great danger to unwary computer users.

However, the firewall can be a single point of failure.

If it fails, there will be no restrictions on the viruses, spyware, key loggers, and unauthorized access and the services may get hampered badly.

However, there is a limitation with respect to the number of firewall systems that a single network switch can handle in a cluster.

Further, due to highly varying and growing traffic requirements of tod

Images