What two events can trigger an HA failover in FortiGate?

The physical disconnection of a heartbeat interface is a significant factor in triggering an HA (High Availability) failover in FortiGate firewalls. In a typical HA setup, FortiGate devices communicate over a dedicated heartbeat interface to monitor each other's status and health. If the heartbeat interface on the primary unit fails or becomes disconnected, the devices can no longer communicate effectively. This lack of communication can lead to a situation where the primary unit cannot confirm that it is still functional, causing it to initiate a failover to the secondary unit to maintain continuous network availability.

This mechanism ensures that if one unit fails or becomes unable to perform its duties, the other unit can immediately take over the responsibilities, thus minimizing downtime and maintaining service availability for users. The heartbeat interface acts as a crucial component for monitoring and maintaining the HA status between the FortiGate devices.

Other potential events mentioned, such as high CPU usage, power failure, or failure of a firewall policy, do not inherently trigger an HA failover. High CPU usage might affect the performance of the unit but does not automatically signify a failure that would necessitate a failover. Power failure would lead to a loss of functionality, but it is not a configured event within the HA status checks. The failure