Check Point CloudGuard IaaS High Availability for Azure


Setting Up Check Point Clusters in Azure

A cluster is a group of Virtual Machines that work together in High Availability Mode. One Cluster Member is the Active, and the second Cluster Member is the Standby. The cluster fails over from the Active Cluster Member to the Standby Cluster Member when necessary.

  • Cluster Members communicate to each other with unicast IP addresses.

  • For inbound, outbound, and East-West traffic, Cluster Members rely on Azure Load Balancers to represent their external and internal Virtual IP addresses. Load Balancers only forward traffic to the Active Cluster Member.

  • For VPN traffic, Load Balancers use API calls to Azure to communicate the failover from the Active Cluster Member. The Standby Cluster Member then promotes itself to Active.

    During cluster failover, the Standby Cluster Member associates the private and public cluster IP addresses of the Active Cluster Member with its external interface.