XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy.
Which two features must be enabled to meet the customer's requirements? (Choose two.)
Correct Answer: B,D
In the context of XYZ Corporation's legacy environment with asymmetric routing, enabling redundancy while supporting asymmetric routing can be effectively managed with Palo Alto Networks firewalls. Asymmetric routing occurs when the path the traffic takes to reach a destination is different from the path it takes to return.
To handle this scenario, the following two features must be enabled:
* HA Active/Active (B): High Availability (HA) in an active/active configuration allows both firewalls in the pair to process traffic simultaneously. This is essential for handling asymmetric routing as both
* firewalls can process and route packets independently, ensuring that the traffic can flow correctly even if it comes back via a different path.
* Policy-Based Forwarding (D): Policy-Based Forwarding (PBF) enables the firewall to make routing decisions based on policies that match traffic to specific interfaces, rather than relying solely on the routing table. This is crucial for asymmetric routing because it allows the firewall to direct return traffic along a specific path, aligning with the asymmetric nature of the traffic flow.
References:
* Palo Alto Networks, High Availability Concepts, and Policy-Based Forwarding documentation.