Introduction

Content Gateway scales from a single node to a cluster of 2 or more nodes, with a maximum recommended limit of 16. This allows you to quickly increase capacity and improve system performance and reliability.

Note: For assistance with scaling your deployment, contact your Forcepoint account representative.
  • Content Gateway detects the addition and deletion of nodes in the cluster and can detect when a node is down.
  • You can add or delete a node from a cluster at any time.
  • When you remove a node from the cluster, Content Gateway removes all references to the missing node.
  • Restarting a node in the cluster causes all nodes in the cluster to restart.
  • When the Virtual IP failoverfeature is enabled, the live nodes in a cluster can assume a failed node’s traffic.
  • Nodes in a cluster automatically share configuration information except for the following:
    • Filtering Service and Policy Service IP addresses are not propagated around the cluster.
    • In transparent proxy deployments with WCCP, the service group enabled/ disabled state and weight settings are not propagated. See Transparent interception with WCCP v2 devices.
    • When SSL support is enabled, the Dynamic Incident List is not propagated around the cluster.

Content Gateway uses a proprietary protocol for clustering, which is multicast for node discovery and heartbeat, and unicast for all data exchange within the cluster.

Important:

It is recommended that a dedicated network interface be used for Content Gateway cluster communication, except when the host is a Forcepoint appliance, in which case the P1 interface is recommended.

In a proxy hierarchy, the nodes in the cluster cannot be a mixture of HTTP parents and children.