Configuring the interface list

Use the Interface List area of the Security Interfaces page for the Network IPS appliance to view and manage network security interfaces.

About this task

Navigating in the Network IPS Local Management Interface: Manage System Settings > Network > Security Interfaces

Navigating in the SiteProtector™ system: select the Security Interfaces policy

Procedure

  1. In the Interface List area, select the appropriate port.
  2. Click the Edit icon.
  3. Configure the following options:
    Option: Description
    Mode (Non HA): Sets the monitoring or protection mode for the appliance:
    • Inline Protection: The appliance monitors traffic inline, and blocks attacks that are configured with the quarantine response, dynamic blocking response, and firewall rules.
      Note: This mode is the default mode of the appliance.
    • Inline Simulation: The appliance monitors traffic inline, but does not block any traffic. Instead, the appliance monitors traffic and provides passive responses.
    • Monitoring: The appliance monitors traffic from a tap, hub, or span port.
    Report link status: Determines whether to include the status of the port link in the overall health status of the agent.

    If the appliance loses connectivity to one or more security ports, an error message is displayed by default in the Network IPS Local Management Interface at Appliance Dashboard > Network Health or in the SiteProtector system at Agent view > Health Summary. (To change the error message that is displayed, see the notification options for the sm.linklost.sev tuning parameter at More tuning parameters.)

    Note: Disabling this option (to not report link status) prevents ports that are not used or that are not physically cabled from incorrectly reporting lost connection or lost link error messages to the SiteProtector system. No notification messages about port disconnection to the security interfaces are reported in the Network IPS Local Management Interface at Appliance Dashboard > Network Health or in the SiteProtector system at Agent view > Health Summary.

    Port ID: Assigns a meaningful name to the port at either end of the network segment. This setting is repeated so you can pair ports together that define specific network segments.
    Example: Port A through port B is the Finance Department Network Segment.
    TCP Resets: Specifies whether the appliance sends TCP resets through this port or through the external TCP reset port.
    Port Speed/Duplex Settings: Sets the link speed and mode for the network adapter:
    • Auto or Auto Negotiate: Automatically sets the best common mode the moment that two interfaces are connected. This setting works for most environments. An exception is an environment with a switch or other network device that does not support auto-negotiation. Another exception is a case where the auto-negotiation process takes too long to establish a link.
      Note: With the auto setting, the GX6000 series appliances link at 1 gigabit per second.
    • 10 MB Half Duplex: Devices transmit or receive data at 10 megabits per second but not both at the same time.
    • 10 MB Full Duplex: Devices transmit and receive data at 10 megabits per second in both directions at the same time.
    • 100 MB Half Duplex: Devices transmit or receive data at 100 megabits per second but not both at the same time.
    • 100 MB Full Duplex: Devices transmit and receive data at 100 megabits per second in both directions at the same time.
    • 1000 MB Full Duplex: Devices transmit and receive data at 1000 megabits per second in both directions at the same time.
    Unanalyzed Policy: Controls how the appliance processes traffic when the network is congested:
    • Forward: Forwards traffic without processing it. When traffic levels return to normal, the system resumes normal operation. You must use the Forward setting when the appliance is set to inline simulation mode.
    • Drop: Blocks some of the traffic without processing it. When traffic levels return to normal, the system returns to normal operation.
    Propagate Link: Use this setting when the mode is set to either inline protection or inline simulation:
    • Auto: Uses the most appropriate link setting, which is based on how the network segment is configured. If the appliance is in inline protection, inline simulation, or HA mode, then the propagate link setting behaves as True. If the appliance is in passive monitoring mode, the setting behaves as False.
    • True: The link on the corresponding inline port breaks when one of the links is down (such as when a cable is broken or disconnected).
    • False: The link on the corresponding inline port is left intact when one of the links is down.
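
The option interactions described above (Inline Simulation requiring Forward, how Auto resolves for Propagate Link, and Report link status on uncabled ports) can be checked against a hand-transcribed copy of the interface list. This is an added example, not part of the product documentation or the vendor's tooling; the record layout, the field names (including cabled and the ha argument), and the sample ports are assumptions constructed for illustration.

```python
# Added example: record layout and field names are assumptions, not an appliance export format.
INLINE_MODES = {"Inline Protection", "Inline Simulation"}

def effective_propagate_link(mode, propagate_link, ha=False):
    """Resolve Propagate Link as the Auto option is described on this page."""
    if propagate_link == "Auto":
        return ha or mode in INLINE_MODES  # Auto: True when inline or HA, False when monitoring
    return propagate_link == "True"

def audit_interface(port):
    """Return findings for one hand-transcribed interface record (hypothetical layout)."""
    findings = []
    mode, policy = port["mode"], port["unanalyzed_policy"]
    if mode == "Inline Simulation" and policy != "Forward":
        findings.append("Inline Simulation requires Unanalyzed Policy = Forward")
    if mode == "Inline Protection" and policy == "Forward":
        findings.append("Under congestion, traffic is forwarded without processing")
    if mode not in INLINE_MODES and port["propagate_link"] != "Auto":
        findings.append("Explicit Propagate Link value on a port that is not inline")
    if port["report_link_status"] and not port["cabled"]:
        findings.append("Uncabled port reports link status; expect lost-link errors")
    if port["cabled"] and not port["report_link_status"]:
        findings.append("Link loss on this cabled port is not reported in the health summary")
    return findings

def audit_all(ports):
    """Map each Port ID to its findings, keeping only ports that have any."""
    results = {p["port_id"]: audit_interface(p) for p in ports}
    return {pid: f for pid, f in results.items() if f}

SAMPLE_PORTS = [  # constructed sample records
    {"port_id": "A", "mode": "Inline Simulation", "unanalyzed_policy": "Drop",
     "propagate_link": "Auto", "report_link_status": True, "cabled": True},
    {"port_id": "C", "mode": "Monitoring", "unanalyzed_policy": "Forward",
     "propagate_link": "True", "report_link_status": True, "cabled": False},
    {"port_id": "E", "mode": "Inline Protection", "unanalyzed_policy": "Drop",
     "propagate_link": "Auto", "report_link_status": True, "cabled": True},
]

if __name__ == "__main__":
    for pid, findings in audit_all(SAMPLE_PORTS).items():
        for finding in findings:
            print(f"port {pid}: {finding}")
```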