Cluster Architecture and Configuration for Network Security Devices
First Claim
1. A computer-readable storage medium comprising instructions configured to cause a computing device to perform a method for adding a computing device to a cluster, the method comprising:
- discovering the computing device on a communication network;
transmitting a device-specific configuration to the computing device comprising cluster configuration data and a role assignment;
verifying that the computing device has implemented the device-specific configuration; and
including the computing device in a secure cluster communications channel when implementation of the device-specific configuration by the computing device is verified.
10 Assignments
0 Petitions
Accused Products
Abstract
A computing device may be joined to a cluster by discovering the device, determining whether the device is eligible to join the cluster, configuring the device, and assigning the device a cluster role. A device may be assigned to act as a cluster master, backup master, active device, standby device, or another role. The cluster master may be configured to assign tasks, such as network flow processing to the cluster devices. The cluster master and backup master may maintain global, run-time synchronization data pertaining to each of the network flows, shared resources, cluster configuration, and the like. The devices within the cluster may monitor one another. Monitoring may include transmitting status messages comprising indicators of device health to the other devices in the cluster. In the event a device satisfies failover conditions, a failover operation to replace the device with another standby device, may be performed.
-
Citations
31 Claims
-
1. A computer-readable storage medium comprising instructions configured to cause a computing device to perform a method for adding a computing device to a cluster, the method comprising:
-
discovering the computing device on a communication network; transmitting a device-specific configuration to the computing device comprising cluster configuration data and a role assignment; verifying that the computing device has implemented the device-specific configuration; and including the computing device in a secure cluster communications channel when implementation of the device-specific configuration by the computing device is verified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system comprising:
-
a cluster comprising a plurality of computing devices; a cluster network interface, communicatively coupling the plurality of computing devices in the cluster; and a cluster management module implemented on one of the cluster computing devices, the cluster management module configured to, upon discovering a new computing device, determine a role of the new computing device in the cluster, transmit a device-specific configuration to the new computing device comprising a cluster configuration and the determined role, and to join the new computing device to a secure cluster communications channel when implementation of the device-specific configuration by the new computing device is verified. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method for adding a computing device to a cluster comprising a plurality of computing devices, each of the computing devices comprising a processor, memory, and communications interface communicatively coupled to a cluster network, the method comprising:
-
discovering a new computing device on the cluster network; receiving device-identifying information pertaining to the new computing device via the cluster network; generating a device-specific configuration for the new computing device using the device-identifying information; transmitting the device-specific configuration to the new computing device via the cluster network; and verifying implementation of the device-specific configuration by the new computing device; and establishing a shared key with the new computing device for secure cluster communications when implementation of the device-specific configuration is verified. - View Dependent Claims (27, 28, 29, 30, 31)
-
Specification