Layer 2 interfaces for FlexEdge Secure SD-WAN in the Firewall/VPN role
Layer 2 interfaces on Engine in the Firewall/VPN role allows the Engine to provide the same kind of traffic inspection that is available for Engine in the IPS and Layer 2 Firewall roles.
Layer 2 interfaces on the Engine in the Firewall/VPN role provide the following benefits:
- When the same Engine has both layer 2 and layer 3 interfaces, administration is easier because there are fewer Engine elements to manage in the Engine.
- It is more efficient and economical to use one Engine hardware device that has both layer 2 and layer 3 interfaces because a smaller number of Engine appliances can provide the same traffic inspection.
- When you use layer 2 interfaces on Engine in the Firewall/VPN role, the Engine can use options and features that are not available on Engine in the IPS or Layer 2 Firewall roles.
For example, an Engine in the Firewall/VPN role can use Forcepoint Endpoint Context Agent (ECA), Forcepoint User ID service, NetLinks for communication with the Secure SD-WAN Manager, and dynamic control IP addresses, while also providing the same kind of traffic inspection that is available for Engine in the IPS and Layer 2 Firewall roles.
Note: When you use layer 2 interfaces on in the Firewall/VPN role, follow the same cable connection guidelines as for IPS and Layer 2 Firewalls.