Cable connection guidelines for IPS and Layer 2 Firewalls
The cabling of IPS engines and Layer 2 Firewalls depends on the engine type and the installation.
Make sure that all Ethernet cables are correctly rated (CAT 5e or CAT 6 in gigabit networks).
Follow standard cable connections with inline IPS engines and Layer 2 Firewalls:
- Use straight cables to connect the IPS engines and Layer 2 Firewalls to external switches.
- Use crossover cables to connect the IPS engines and Layer 2 Firewalls to hosts (such as routers or Firewalls).
Note: Fail-open network interface cards support Auto-MDIX, so both crossover and straight cables might work when the IPS engine is online. However,
only the correct type of cable allows traffic to flow when the IPS engine is offline and the fail-open network interface card is in bypass
state. It is recommended to test the IPS deployment in offline state to make sure that the correct cables are used.
Cable connections for Master Engines that host Virtual IPS engines or Virtual Layer 2 Firewalls follow the same principles as the connections for inline IPS engines and Layer 2 Firewalls.