Active/Active Clustering Full Mesh

An Active/Active Clustering Full-Mesh configuration is an enhancement to the Active/Active Clustering configuration option and prevents any single point of failure in the network. All firewall and other network devices are partnered for complete redundancy. Full-Mesh ensures that there is no single point of failure in your deployment, whether it is a device (security appliance/switch/router) or a link. Every device is wired twice to the connected devices. Active/Active Clustering with Full-Mesh provides the highest level of availability possible with high performance; see the following table.

The routers in the security appliance’s upstream network should be preconfigured for Virtual Router Redundancy Protocol (VRRP).
Full Mesh deployments require that Port Redundancy is enabled and implemented.

Benefits of Active/Active Clustering Full Mesh

No Single Point of Failure in the Core Network	In an Active/Active Clustering Full-Mesh deployment, there is no single point of failure in the entire core network, not just for the security appliances. An alternative path for a traffic flow is always available in case there are simultaneous failures of switch, router, security appliance on a path, thus providing the highest levels of availability.
Port Redundancy	Active/Active Clustering Full-Mesh utilizes port redundancy in addition to HA redundancy within each Cluster Node, and node level redundancy within the cluster. With port redundancy, a backup link takes over in a transparent manner if the primary port fails. This prevents the need for device level failover.