Select Page

Sep 16, 2019

The Benefits of True High Availability, in Virtual Form Factor


Today, if an enterprise hasn’t moved their business to cloud, it’s an anomaly. However, the cloud, despite such benefits as low cost, convenience to use resource by need, ease of management, high elasticity, flexible business models, also faces security challenges more than ever.

Cloud users expect to enjoy the same reliable security protection as in the traditional physical environment, when in fact, security without HA (High Availability) entails huge business risk. Once a host failure occurs, it will cause not only business interruption, but also data loss. For any key business running on an enterprise cloud, it will cause irreparable damage.

What is High Availability (HA)?

HA is short for High Availability and is the effective solution for business continuity. HA in a traditional environment is common to us, but HA on the cloud is not as simple as you imagine.

  • A cloud environment has many limitations compared to the physical environment. For example, broadcast, multicast, and virtual MACs are rejected on the public cloud, causing the HA function to fail.
  • Public cloud platforms have different requirements and constraints. One solution cannot meet all platform requirements. It is necessary to study the technical characteristics of each public cloud platform to better deliver an HA solution.

But, these challenges are easily addressed by Hillstone Networks.

Hillstone Networks CloudEdge – the benefits of an HA solution, without the hardware

After getting certified on Microsoft Azure, Alibaba Cloud, AWS and many other regional public clouds, Hillstone Networks launched CloudEdge HA solution that runs as a hardware-based HA solution on AWS.

What does this mean? It means that the user experience of a virtual firewall, CloudEdge HA, is exactly the same as when users perform HA on a hardware-based firewall. Through in-depth research and testing of the AWS cloud platform, we delivered policy and session synchronization, combining the features of both AWS and cloud security services.

What this delivers is a true HA solution where no session is interrupted and there’s no need for manual intervention. This is a true security HA solution – automated fail over without disruption in services.

Here is a scenario we can image:

AWS: Don’t broadcast messages and virtual MACs on the AWS platform.

Hillstone Networks: Don’t worry. We only use unicast.

AWS: Your service IP address need to be able to float on different interfaces to achieve HA, right?

Hillstone Networks: So easy. Thanks to AWS, the secondary interface address can flexibly float.

AWS: The principle of master-slave failover is within seconds. During the failover, the service side won’t feel a thing.

Hillstone Networks: No problem. After the master-slave failover, the cloud platform will be informed automatically. There will be no business interruption.


More on CloudEdge

CloudEdge is a virtualized network security product specifically designed for cloud computing environments. It is in the form of a virtual host, using an “All in one” concept that inherits the essence of Hillstone’s next-generation firewall products. It can be used for network deployment under virtualization platforms such as VMware, KVM, Hyper-V, XEN, providing users with security protection among cloud computing networks.

CloudEdge supports refined application identification, virtual private network (VPN), intrusion prevention (IPS), virus filtering (AV), load balancing and other functions, with rapid deployment and migration capabilities. It can provide cost-effective protection for public cloud, private cloud, and hybrid cloud tenants, reducing initial purchase, management and maintenance costs for customers.

With the advantages of cloud computing, the security service resources can be deployed and expanded on demand through CloudEdge. In addition, CloudEdge can be tightly integrated with existing cloud management platforms to directly extend management and security protection capabilities into cloud computing architectures.