Add inline IPS interfaces to Single Firewalls

An inline IPS interface consists of two physical interfaces. Traffic is forwarded from one interface to the other.

The traffic that the Single Firewall allows goes through the inline IPS interface as if it were going through a network cable. The Single Firewall drops the traffic you want to stop.

Inline interfaces are associated with a Logical interface element. The Logical interface is used in the Layer 2 Interface Firewall Policies and the traffic inspection process to represent one or more inline IPS interfaces.

Fail-open network cards have fixed pairs of ports. Make sure to map these ports correctly during the initial configuration of the engine. If you use the automatic USB memory stick configuration method for the engine’s initial configuration, the ports are configured automatically.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Right-click the Single Firewall engine and select Edit <element type>.
    The Engine Editor opens.
  2. In the navigation pane on the left, browse to Interfaces.
  3. Right-click the empty space and select New Layer 2 Physical Interface.
  4. From the Interface ID drop-down list, select an ID number.
  5. From the Type drop-down list, select Inline IPS Interface.
  6. (Optional) From the Second Interface ID drop-down list, change the automatically selected interface ID.
  7. If your configuration requires you to change the logical interface from Default_Eth, select the logical interface in one of the following ways:
    • Select an existing Logical Interface element from the list.
    • Click Select and browse to another Logical Interface element.
    • Click New to create a Logical Interface element, then click OK.
  8. If you want the Single Firewall to inspect traffic from VLANs that are not included in the Single Firewall's interface configuration, leave Inspect Unspecified VLANs selected.
  9. If you want the Single Firewall to inspect double-tagged VLAN traffic, leave Inspect QinQ selected.
  10. Click OK.
  11. Click Save.
    Do not close the Engine Editor.

Next steps

Continue the configuration in one of the following ways:
  • Use the Bypass Traffic on Overload setting to define how the Single Firewall handles traffic when the traffic load is too high.
  • Add VLAN interfaces to the inline IPS interface.
  • Add other types of layer 2 interfaces.
  • Select system communication roles for interfaces.
  • Bind engine licenses to the Single Firewall elements.