CN-Series HSF Architecture
Table of Contents
CN-Series HSF Architecture
The CN-series HSF cluster consists of
a pool of CN-MGMT (management), CN-NGFW (dataplane), CN-GW (gateway)
and CN-DB (database) pods connected by internal networks. The CN-MGMT
pods provide the cluster management plane functionality The CN-NGFW
pods provide the cluster data plane security functionality. The
CN-GW pods are the entry point into the cluster and distribute traffic
between the CN-NGFW pods. The CN-DB pods provide the central cluster
session cache used by the CN-NGFW pods.
The CN-Series HSF supports two CN-MGMT containers that provide redundancy and availability.
However, only one of the two CN-MGMT containers can take connections from CN-NGFW DPs.
The connected CN-MGMT will run as a StatefulSet service to allow CN-NGFWs to connect
only to the active CN-MGMT. The other CN-MGMT container will not connect to CN-NGFW
containers unless the current CN-MGMT fails.
