FlexEdge Secure SD-WAN in the IPS and Layer 2 Engine roles
IPS engines and Layer 2 Engine pick up network traffic, inspect it, and create event data for further processing by the Log Server.
The main features of Secure SD-WAN in the IPS and Layer 2 Engine roles include:
- Multiple detection methods — Misuse detection uses fingerprints to detect known attacks. Anomaly detection uses traffic statistics to detect unusual network behavior. Protocol validation identifies violations of the defined protocol for a particular type of traffic. Event correlation processes event information to detect a pattern of events that might indicate an intrusion attempt.
- Response mechanisms — There are several response mechanisms to anomalous traffic. These include different alerting channels, traffic recording, TCP connection termination, traffic block listing, and traffic blocking with Inline Interfaces.
- Unified SMC and integration with other Secure SD-WAN Engines — The IPS engines, Layer 2 Engine, Master Secure SD-WAN Engines, Virtual IPS engines, and Virtual Layer 2 Engines are managed centrally through the SMC. The SMC provides extensive reporting tools for generating statistical reports based on logs, alerts, and operating statistics.