Layer 2 interfaces for FlexEdge Secure SD-WAN in the Firewall/VPN role

Layer 2 interfaces on Engine in the Firewall/VPN role allows the Engine to provide the same kind of traffic inspection that is available for Engine in the IPS and Layer 2 Firewall roles.

Layer 2 interfaces on the Engine in the Firewall/VPN role provide the following benefits:

• When the same Engine has both layer 2 and layer 3 interfaces, administration is easier because there are fewer Engine elements to manage in the Engine.
• It is more efficient and economical to use one Engine hardware device that has both layer 2 and layer 3 interfaces because a smaller number of Engine appliances can provide the same traffic inspection.
• When you use layer 2 interfaces on Engine in the Firewall/VPN role, the Engine can use options and features that are not available on Engine in the IPS or Layer 2 Firewall roles.

  For example, an Engine in the Firewall/VPN role can use Forcepoint Endpoint Context Agent (ECA), Forcepoint User ID service, NetLinks for communication with the Secure SD-WAN Manager, and dynamic control IP addresses, while also providing the same kind of traffic inspection that is available for Engine in the IPS and Layer 2 Firewall roles.