One of the most utilized networks for interconnecting distributed computer systems is the Internet. The Internet allows users of computer systems to exchange data throughout the world. In addition, many private networks in the form of corporate or commercial networks are connected to the Internet. These private networks are typically referred to as an “intranet.” To facilitate data exchange, the intranet generally uses the same communications protocols as the Internet. These Internet protocols (IP) dictate how data is formatted and communicated. In addition, access to corporate networks or intranets can be controlled by network gateways, which can include a firewall system.
As the popularity of the Internet grew, businesses turned to it as a means of extending their own networks. First came the intranet, which was an access-controlled site designed for use only by company employees. Now, many companies are creating their own VPN (virtual private network) to accommodate the needs of remote employees and distant offices. An SSL VPN is generally a private network that uses SSL technology over a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated, real-world connection such as a leased line, an SSL VPN uses “virtual connections” routed through the Internet and cryptographically protected by SSL from the company's private network to the remote site or employee.
It can be appreciated that a load balancer can be used to increase the capacity of a network (or node), which is typically includes a collection of servers usually maintained by an enterprise to accomplish server needs far beyond the capability of one machine. For example, often, a network comprised of a plurality of servers will have both a primary and a backup server allocated to a single task, so that in the event of the failure of the primary server, a backup server will take over the primary server's function. In addition, it can be appreciated that load balancing can also be important so that no single device or node is overwhelmed.
A load balancer can also allow the service to continue even in the face of server down time due to server failure or server maintenance. Typically, a load balancer consists of a virtual server, which, in turn, consists of an IP address and port. The virtual server is bound to a number of physical services running on the physical servers in a server farm. These physical services contain the physical server's IP address and port. A client sends a request to the virtual server, which in turn selects a physical server in the server farm and directs this request to the selected physical server. Load balancers are sometimes referred to as “directors” or “dispatcher”, which reflects the load balancer's role in managing connections between clients and servers.
In a cluster of SSL VPN devices or gateways, it would be desirable to enable configurations of a cluster of two or more nodes in the form of SSL VPN devices or gateways, which act as a single entity to provide high availability and scaleable performance without the use of an external load balancer and/or dispatcher.