This article provides information about support for Universal Threat Management (UTM) while using SRX chassis clusters.
SRX HA chassis clusters support two modes of setup: Active/Passive and Active/Active.
-
Active/passive mode: In active/passive mode, transit traffic passes through the primary node while the backup node is used only in the event of a failure. When a failure occurs, the backup device becomes the master and takes over all forwarding tasks.
-
Active/active mode: In active/active mode, transit traffic passes through both nodes of the cluster all the time.
Chassis cluster deployments support Universal Threat Management (UTM) with Active/Passive and Active/Active setup modes in the following Junos OS versions:
| HA Deployment type |
UTM Feature |
Supported Junos version |
| Active/Passive |
ALL |
All current |
| Active/Active |
Content Filtering |
All current |
| URL Filtering - Redirect |
All current |
| URL Filtering - Local |
All current |
| URL Filtering - Enhanced |
19.4R1 |
| Anti-Spam |
All current |
| Anti-Virus (Sophos-engine) |
19.4R1 |
| Anti-Virus (Express engine) |
11.4 until 12.3X48 |
| Anti-Virus - (Kaspersky engine) |
11.4 until 12.3X48 |
Example of Active/Passive:
{primary:node1}
root@NODE1> show chassis cluster status
Cluster ID: 5
Node Priority Status Preempt Manual failover
Redundancy group: 0 , Failover count: 1
node0 10 secondary n/a no
node1 100 primary no no
Redundancy group: 1 , Failover count: 1
node0 10 secondary n/a no
node1 100 primary no no
Note: If you are performing a manual failover, make sure to issue the same failover for all redundancy groups.
2020-06-05: Updated article to reflect support options for UTM use in HA clusters