Main page image

A Financial Services Company Required a Reliable, Highly Available Firewall Solution

Overview

Business Problem

After a new business critical software solution was deployed, a redundant firewall solution was required to guarantee site uptime

Exmos Solution

Install an Active/Active Stonegate firewall cluster with a load-balanced ADSL, SDSL and Leased line. This would provide Internet connection failover, in and outbound, and firewall hardware failover

Tools Used

  • Stonegate Management Centre
  • Stonegate Firewalls
  • Stonegate VPN Client

Benefits

If one firewall fails, the other firewall picks up the load transparently with no downtime. The Stonegate hardware is also replaced within 24hrs. Higher percentage of uptime for the new business critical application

Abstract

With a new Software solution going being rolled out to hundreds of business clients, downtime had to be minimised and single hardware failure and single internet connection failure could no longer be a problem. This leading UK financial services company needed to guarantee uptime to their end users.

Working closely with their IT team, Exmos planned and installed a Stonegate Firewall cluster. This removed the single piece of hardware as a point of failure. As part of the solution, multiple pre-existing internet connections, and one new Leased line, were included so the Stonegate Cluster would load balance all the outbound and inbound traffic. And as only one internet connection had to be up to allow all the in and outbound traffic to run smoothly, this removed a single internet connection as a point of failure.

Business Problem

With a new software roll-out imminent, the internal IT team had to guarantee their clients who were up taking the new line of business application access to their servers, and they also had to guarantee their own staff access to their data centre. Loss of access to either would mean lost revenue.

With their new Data Centre about to be included in the equation and a new Leased line giving them full 100Mb access, the network planning needed to be mapped out in great detail to offer the most cost effective and simple solution

Exmos Solution

After a detailed network solution was mapped out, Exmos proposed a Stonegate Firewall Cluster solution. This firewall cluster included the installation of the clients own Stonegate Management Centre (SMC). Once configured in the SMC the firewalls detailed configuration was tested thoroughly by our experienced staff before the final onsite Stonegate Cluster deployment.

Once the Stonegate Cluster was installed, a testing/proving phase was carried out. This included disconnecting one firewall node of the cluster to ensure network traffic carried on seamlessly. Also tested were the load-balancing capabilities of the internet connections, disconnecting them all in turn and monitoring as inbound and outbound traffic continued to flow with no user impact. The results from both of these tests proved to our customer we had successfully removed both worrisome points of failure: a single firewall and a single internet connection.

Business Benefits

Installed early 2008, the customer has been very pleased with the performance of the Stonegate firewalls and so far no downtime has been reported. The Stonegate cluster also handles the full 100Mb connection to the off-site data centre easily and bulk data transfers confirm this.

Since Exmos have removed the single points of failure, the customer's software rollout has been very successful and connectivity has never been a problem at their end!