Cable connection guidelines for IPS and Layer 2 Engines

The cabling of IPS engines and Layer 2 Engines depends on the engine type and the installation.

Make sure that all Ethernet cables are correctly rated (CAT 5e or CAT 6 in gigabit networks).

Follow standard cable connections with inline IPS engines and Layer 2 Engines:

  • Use straight cables to connect the IPS engines and Layer 2 Engines to external switches.
  • Use crossover cables to connect the IPS engines and Layer 2 Engines to hosts (such as routers or Engines).
Note: Fail-open network interface cards support Auto-MDIX, so both crossover and straight cables might work when the IPS engine is online. However, only the correct type of cable allows traffic to flow when the IPS engine is offline and the fail-open network interface card is in bypass state. It is recommended to test the IPS deployment in offline state to make sure that the correct cables are used.

Cable connections for Master Engines that host Virtual IPS engines or Virtual Layer 2 Engines follow the same principles as the connections for inline IPS engines and Layer 2 Engines.

Figure: Correct cable types for Single IPS engines and Single Layer 2 Engines



Figure: Correct cable types for Serial IPS Clusters



Figure: Correct cable types for Active/Standby Layer 2 Engine Clusters



Figure: Correct cable types for Serial Virtual IPS Clusters



Figure: Correct cable types for Active/Standby Virtual Layer 2 Engine Clusters