I have actually 6 (2*3) clusters of 16200/26000 on 2 sites and have to start the design of a new site. I'm considering maestro with only one model and at least 3 appliances per security group. I think it's the way to go to avoid paying a standby member doing nothing 99,99% of it's life... actually appliances are from 2019... only QLS are new but to big to have 3 per security group. I would like a smaller QLS appliance or a newer range of maestro appliances ! Thanks for your job !
Maestro is good if you want a lot of traffic in one firewall and you want to be able to scale it within the same firewall. Ie 20G in one firewall. Other option would be to run VSX with VSLS (both can also be combined) With VSX you split it up to more virtual firewall, however if just running vsx with vsls one firewall can maximum utilize the performance of 1 box, so to use it in a good way you would need to split up in multiple virtual firewall that you then load over multiple members. Ie 2 x 10G in the cluster, like one dedicated firewall for DMZ and one for Client internet access.
