WildFire Appliance Cluster Resiliency

Where Can I Use This?
  • WildFire Appliance
What Do I Need?
  • WildFire License
Cluster nodes play one of three roles:
  • Controller Node—Two controller nodes manage the queuing service and database, generate signatures, and manage the cluster locally if you don’t manage the cluster with a Panorama M-Series or virtual appliance. Each cluster can have a maximum of two controller nodes. For fault tolerance, each WildFire appliance cluster should have a minimum of two nodes configured as a primary controller node and a controller backup node HA pair. Except during normal maintenance or failure conditions, each cluster should have two controller nodes.
  • Worker Node (cluster client)—Cluster nodes that are not controller nodes are worker nodes. Worker nodes increase the analysis capacity, storage capacity, and data resiliency of the cluster.
  • Server Node (cluster server)—The third node in a WildFire cluster is automatically configured as a server node, a special type of worker node that provides database and infrastructure redundancy features in addition to standard worker node capabilities.
When a firewall registers with a cluster node, or when you add a WildFire appliance that already has registered firewalls to a cluster, the cluster pushes a registration list to the connected firewalls. The registration list contains every node in the cluster. If a cluster node fails, the firewalls connected to that node reregister with another cluster node. This type of resiliency is one of the benefits of creating WildFire appliance clusters.
Benefit: Description
  • Scale: A WildFire appliance cluster increases the analysis throughput and storage capacity available on a single network so that you can serve a larger network of firewalls without segmenting your network.
  • High availability: If a cluster node goes down, HA configuration provides fault tolerance to prevent the loss of critical data and services. If you manage clusters centrally using Panorama, Panorama HA configuration provides central management fault tolerance.
  • Single signature package distribution: All firewalls connected to a cluster receive the same signature package, regardless of the cluster node that received or analyzed the data. The signature package is based on the activity and results of all cluster members, which means that each connected firewall benefits from the combined cluster knowledge.
  • Centralized management (Panorama): You save time and simplify the management process when you use Panorama to manage WildFire appliance clusters. Instead of using the CLI and scripting to manage a WildFire appliance or cluster, Panorama provides a single-pane-of-glass view of your network devices. You can also push common configurations, configuration updates, and software upgrades to multiple WildFire appliance clusters, and you can do all of this using the Panorama web interface instead of the WildFire appliance CLI.
  • Load balancing: When a cluster has two or more active nodes, the cluster automatically distributes and load balances analysis, report generation, signature creation, storage, and WildFire content distribution among the nodes.