Disconnect mode for IPS engines and Layer 2 Firewalls and how it works

IPS engines and Layer 2 Firewalls support disconnect mode, which enables constant monitoring of link connections and minimizes delays caused by link failures.

Note: Disconnect mode is supported only on modular Forcepoint NGFW appliance models that have full-sized bypass interface modules (not mini modules).

When IPS engines or Layer 2 Firewalls are deployed in inline mode, an undetected link failure causes significant delays in traffic transfer. Disconnect mode prevents link failures from going undetected.

If a link fails on one side of an Inline Interfaces pair, the IPS engine or Layer 2 Firewall:
  • Detects the failure
  • Simulates cable disconnection on the other side
  • Takes down the other side's link transmitter (TX)

The IPS engine or Layer 2 Firewall continues to monitor the receiver (RX) side of a pair of Inline Interfaces. It detects when the link is up again and brings the transmitter (TX) back up accordingly.
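
The link-state propagation described above can be traced with a small model. This is an added example, not Forcepoint code: the class `InlinePair`, the port names `a` and `b`, and the event timeline are assumptions made for illustration, and the model only tracks RX and TX state per port.

```python
from dataclasses import dataclass, field


@dataclass
class InlinePair:
    """Simplified model of one Inline Interfaces pair (hypothetical ports a, b)."""
    disconnect_mode: bool = True
    rx_up: dict = field(default_factory=lambda: {"a": True, "b": True})

    def tx_up(self, port: str) -> bool:
        # In disconnect mode a port's transmitter follows the receiver of the
        # other port in the pair, so a failure on one side looks like a pulled
        # cable on the other. Without it, the transmitter simply stays up.
        peer = "b" if port == "a" else "a"
        return self.rx_up[peer] if self.disconnect_mode else True

    def link_event(self, port: str, up: bool) -> dict:
        """Record an RX link change and return the resulting TX state per port."""
        if port not in self.rx_up:
            raise ValueError(f"unknown port {port!r}")
        # RX is always monitored, which is what allows recovery to be noticed.
        self.rx_up[port] = up
        return {p: self.tx_up(p) for p in ("a", "b")}


def replay(events, disconnect_mode: bool) -> list:
    """Replay (port, rx_is_up) events and collect the TX state after each."""
    pair = InlinePair(disconnect_mode=disconnect_mode)
    return [pair.link_event(port, up) for port, up in events]


# Constructed timeline: the link on side "a" fails, then comes back.
EVENTS = [("a", False), ("a", True)]

if __name__ == "__main__":
    for mode in (False, True):
        label = "disconnect mode" if mode else "no propagation"
        for (port, up), tx in zip(EVENTS, replay(EVENTS, mode)):
            print(f"{label:16} rx[{port}]={'up' if up else 'down':4} -> tx={tx}")
```

With propagation off, the device on side `b` never sees a link change while side `a` is down; with disconnect mode on, TX on `b` drops with the failure and returns when RX on `a` recovers.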