Firewall redundancy - how?
A few years since I last visited, but here I am with another dumb question...
I am looking to set up a high availability service from home, and of course want to keep the nasties out. I have one line from my ISP, and of course wish to stick a firewall on the internet-facing side. To be HA, though, I would really need two firewalls in case one box falls over.
How do I get input directed at one IP to go to either/or firewall without adding another box and thus a single point of failure?
Is the only way to do this to have a clustered pair, one live and one failover?
Isn't that adding complexity to what should be a basic box (and therefore adding vulns)?
Any guidance or pointing-in-the-right-direction would be appreciated.