Types of traffic inspection interfaces for Layer 2 Engines

Capture Interfaces and Inline Interfaces on Layer 2 Engines pick up traffic for inspection.

Layer 2 Engines inspect network traffic. Layer 2 Engines are typically installed inline, directly on the traffic path so that traffic must always pass through the Layer 2 Engine to reach its destination. Only traffic that attempts to pass through Inline Interfaces can be actively filtered.

You can also configure a Layer 2 Engine in Passive Engine mode. In Passive Engine mode, a Layer 2 Engine has Capture Interfaces defined for inspections that listen to and log network traffic.

Connections picked up through Capture Interfaces can be reset through specially set-up Reset Interfaces. Capture Interfaces and Inline Interfaces can be defined on the same Layer 2 Engine and used simultaneously.

Logical Interface elements allow you to group interfaces together according to network segment. You can then use the Logical Interface elements as matching criteria when you edit the rules in your Layer 2 Engine policies.