IBM Support

IBM QRadar Network Security IQNS (XGS) appliance High Availability (HA) cabling guide

Question & Answer


Question

How do you physically cable and attach a IBM QRadar Network Security IQNS (XGS) appliance in HA pair to your network?

Answer

This diagrams HA deployment for a single fail over segment or single load balanced segment. The IBM QRadar Network Security IQNS (XGS) HA solution operates in an Active / Active configuration. Because of this, there is no failover control that is built into the IPS. This design accommodates both fail over and load balanced HA segments.


Note:

1). The XGS HA does not operate in an Active / Standby configuration. This allows the network environment, around the XGS in HA, to operate in a failover and load balanced configuration.

2). In an HA deployment using XGS7100, every four-interface group is recommended to be configured in the same NIM group. Ex. Group 1=NIM1 and NIM2; Group 2 =NIM3 and NIM4.

3). If you have deployed XGS 7100 appliances in an Active / Standby deployment and 1GbE NIMs are used for connections, add the following tuning parameter to the Advanced Tuning Parameters policy and set the value to true (default=false) for resource optimization:

segment.ha.alignment=true

Primary Segment IQNS/XGS Appliance Connections

Port 1.1: Primary Firewall/Router
Port 1.2: Primary Switch
Port 1.3: (Mirror) goes to 1.3 of the Secondary Segment appliance
Port 1.4: (Mirror) goes to 1.4 of the Secondary Segment appliance

Secondary Segment IQNS/XGS Appliance Connections

Port 1.1: Secondary Firewall/Router
Port 1.2: Secondary Switch
Port 1.3: (Mirror) from 1.3 of the Primary Segment appliance
Port 1.4: (Mirror) from 1.4 of the Primary Segment appliance

Note: Any additional HA monitored segments can be added with the Network Interface Modules (NIMs) using the same 4-port connection pattern.

file:///C:/Users/Eddie/Pictures/xgs-ha.png

For additional information on implementing High Availability (HA) with IBM QRadar Network Security IQNS (XGS) see the below attached document.
 

[{"Product":{"code":"SSFSVP","label":"IBM QRadar Network Security"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Hardware","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"5.4","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Product":{"code":"SSHLHV","label":"IBM Security Network Protection"},"Business Unit":{"code":"BU008","label":"Security"},"Component":" ","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"5.3;5.3.1;5.3.2;5.3.3","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
23 January 2021

UID

swg21691051