A firewall clustering system connects two or more firewalls between an
internal network and an external network. The plurality of two or more
firewalls are combined to supply high-availability and scaling of
processing capacity. Firewalls maintain client-server state information.
Flow controllers are connected to the firewalls and placed on both the
internal "trusted" side and the external "untrusted" side of the
firewalls. Flow controllers are placed on both sides of the firewalls to
ensure that traffic for a given client-server session flows through the
same firewall in both inbound and outbound directions. The firewalls
perform filtering operations and/or network address translation (NAT)
services. In both cases, the flow controllers supply high availability,
scalability, and traffic distribution for the firewalls in the firewall
cluster.
