Details
Ensure a High Availability peer is fully synchronized and in a passive or active state.
Rationale:
To ensure availability of both the firewall and the resources it protects, a High Availability peer is required. In the event a single firewall fails, or when maintenance such as a software update is required, the HA peer can be used to automatically fail over session states and maintain overall availability
Solution
Navigate to Device > High Availability > General.
Click General. Click Data Link (HA2). Select the correct interface . Select the protocol (IPv4 or IPv6). Select the correct Transport. Set the Enable Session Synchronization box to be checked.
Save Configuration.
Default Value:
Not Configured
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Palo_Alto.