IWSVA provides native High Availability (HA) to ensure business continuity using active/passive
pairs deployed in Transparent Bridge mode.
 |
Note
The IWSVA HA solution currently only supports active/passive pairs in "Transparent
Bridge mode for High Availability." It only supports two HA nodes in one HA cluster.
Redundancy among multiple IWSVAs deployed in the other supported deployment modes
is handled externally to IWSVA. Specifically, load balancers support redundancy in
any of the proxy modes. The Cisco WCCP device can manage traffic to redundant IWSVAs
in WCCP mode. The ICAP client can manage traffic to redundant IWSVAs in ICAP mode.
|
The four terms to describe HA cluster members are:
-
Active member—The IWSVA unit providing real-time content scanning.
-
Passive member—The IWSVA unit in passive standby mode.
-
Parent member—The IWSVA unit responsible for accepting all configuration changes and synchronizing
the policy and configuration with the child member.
-
Child member—The IWSVA unit that is receiving the policy and configuration changes in the background.
HA switchover can be automatic (failover) or manual.
For failover:
-
IWSVA's HA service monitors the critical services of the IWSVA application and the
underlying OS for failures. If an abnormality occurs on the active unit, the HA service
switches from the active node to the passive node automatically.
-
Some of the administrator's HA management operations—like joining of a node or the
shutdown of the parent—can trigger an automatic switchover. HA handles this type of
switchover gracefully and automatically.
For manual switchover:
