High availability and failover

We claim: 1. A method comprising: listening, via a first device on a network, for heartbeat messages transmitted from one or more second devices on the network, the first device operating in a failover mode and one of the one or more second devices operating in a live mode, each of the heartbeat messages transmitted by the one or more second devices as well as corresponding heartbeat messages transmitted by the first device having a respective priority associated therewith; detecting a failover event when a number of heartbeat messages are not received from the one of the one or more second devices within a period of time; immediately after detecting the failover event, determining whether to switch the first device from the failover mode to the live mode by comparing the respective priority associated with heartbeat messages transmitted by the first device and the respective priority associated with the heartbeats transmitted by all of the one or more second devices except the one of the one or more second devices operating in the live mode; and obtaining, via the first device, an external identity for communicating with devices outside of the network upon determining to switch the first device from the failover mode to the live mode. 2. The method of claim 1 , wherein the external identity is a virtual identity generated by a cloud system for shared use by the first device and the one or more second devices depending on which device is operating in live mode, the virtual identity comprising a public internet protocol (IP) address and a virtual media access control (MAC) address, wherein the first device is also assigned a private identity for communicating with devices within the network, the private identity comprising a private IP address and a MAC address. 3. The method of claim 1 , wherein the listening for the heartbeat messages comprises receiving, from the one or more second devices, the heartbeat messages at identified intervals of time, the method further comprising sending, via the first device, the corresponding heartbeat messages when operating in live mode. 4. The method of claim 1 , further comprising synchronizing data between the first device and the one of the one or more second devices, the data comprising at least one of dynamic host configuration protocol (DHCP) settings, network address translation (NAT) state, or a port number. 5. The method of claim 4 , wherein the port number comprises a VPN port number associated with a VPN tunnel connecting the network to a cloud system, the VPN tunnel being shared by the first device and the one of the one or more second devices to communicate with the cloud system, the data synchronized between the first device and the one of the one or more second devices allowing for a handoff of the VPN tunnel between the first device and the one of the one or more second devices that is triggered by at least one of a failover event or a change in an operating mode of one of the first device or the one of the one or more second devices. 6. The method of claim 1 , further comprising sending status information to a cloud system via a tunnel between the cloud system and the first device, wherein the status information comprises at least one of a failover state, an operating mode, or a health status, and wherein the status information is associated with at least one of the first device or the one of the one or more second devices. 7. The method of claim 1 , wherein the first device listens to the heartbeat messages over one or more virtual local area networks (VLANs) configured on one or more ports on the first device, and wherein the first device receives, from the one of the one or more second devices, synchronization information for establishing a connection with a cloud system through a tunnel previously used by the one of the one or more second devices to communicate with the cloud system. 8. The method of claim 1 , wherein the first device actively provisions services in the network while operating in live mode, and wherein the first device remains on but does not actively provision the services on the network while operating in failover mode, and wherein the first device reports data to a cloud system via a VPN tunnel between the cloud system and the network while operating in live mode, wherein the first device establishes the VPN tunnel to the cloud system using a VPN port number received from the one of the one or more second devices and at least one of the external identity and a private identity associated with the first device. 9. A system operating in live mode on a computer network, the system comprising: a processor; and a computer-readable storage medium having stored therein instructions which, when executed by the processor, cause the processor to perform operations comprising: associating an external identity generated by a cloud system with the system, the external identity comprising a public address for communicating with devices outside of the computer network; sending heartbeat messages to at least one failover device operating in failover mode in the computer network; sending the external identity to one of the at least one the failover device for use by the one of the at least one failover device to communicate with devices outside of the computer network when operating in live mode, the one of the at least one failover device being selected to operate in the live mode upon determining that a priority associated with heartbeat messages transmitted by the one of the at least one failover device is higher than a priority associated with heartbeat messages transmitted by each additional failover device available in the computer network; and in response to a failover event: switching the system from live mode to at least one of a failover mode, a standby mode, an inactive mode, or a shutoff mode; and disassociating the external identity with the system. 10. The system of claim 9 , wherein the external identity comprises a virtual internet protocol (IP) address and a virtual media access control (MAC) address, wherein the system is assigned a private identity for communicating within the network, the private identity comprising a private IP address and a MAC address. 11. The system of claim 9 , the computer-readable storage medium having stored therein instructions which, when executed by the processor, perform operations comprising: synchronizing data between the system and the one of the at least one failover device, the data comprising settings associated with a tunnel between the system and the cloud system, wherein the data is synchronized between the system and the one of the at least one failover device via a link between the system and the one of the at least one failover device established based on settings generated by the cloud system. 12. The system of claim 9 , the computer-readable storage medium having stored therein instructions which, when executed by the processor, perform operations comprising sending the external identity to the one of the at least one failover device in response to at least one of a request or the failover event. 13. A non-transitory computer-readable storage medium having stored therein instructions which, when executed by a processor, cause the processor to perform operations comprising: receiving, via a first device on a network, heartbeat messages transmitted from one or more second devices on the network, the first device operating in a failover mode and one of the one or more second devices operating in live mode, each of the heartbeat messages transmitted by the one or more second devices as well as corresponding heartbeat messages transmitted by the