| Where Can I Use
This? | What Do I Need? |
|---|
A WildFire 2-node HA (high availability) cluster
experiences a split-brain condition when a node (or both HA peers)
believes the other is no longer operational. This occurs when both
the HA and cluster connections fail as a result of network connectivity
or configuration issues, but allows the appliances to continue processing
samples. When this occurs both WildFire appliances assume the role
of the active (or primary) controller without a backup, negating
the benefits of a HA deployment, such as redundancy and load-balancing.
Furthermore, this prevents the WildFire appliances from efficiently
utilizing analysis resources. When WildFire clusters experience
a minor disruption, it automatically attempts to recover from split-brain
conditions. More serious events will require manual intervention.
When
a split-brain occurs, the following conditions apply:
Neither
WildFire peer is aware of the state nor the HA role of the other.
Both WildFire peers become the primary server and will continue
to receive samples from firewalls, but operate as independent appliances.
Cluster-related tasks are suspended when HA is not available.
3-node
WildFire appliance clusters should not experience split-brain conditions
when properly configured because of the additional redundancy provided
by the third server node.
