SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  IPS inline-tab mode

    Posted 07-07-2017 02:32

    inline tap mode ensure best performance and speed , by allow the firewall to pass the traffic and send a copy from the traffic to the IPS engine and if there is an attack the prevention action will be ignore !!!!!

     

    My question here what is the use of this mode if attack will pass , it will be like a stupid engineer who admire fast processing and the network is under attack ???



  • 2.  RE: IPS inline-tab mode
    Best Answer

     
    Posted 07-07-2017 07:04

    Hi AhmedMohamed

     

    The purpose of inline-tap is detection of attacks while not compromising on performance. Use case scenarios for this is during initial deployment to assess integrity of the network before implementing integrated mode on the traffic path most susceptible to attacks. 

     

    Moreover you can still reset a TCP connection in inline-tap mode but not until the inspection engine returns a value. 

     

    Also, starting with 15.1X49-D10 inline-tap mode is not supported on SRX Series devices.

     

    Hope this helps

     

    Regards,

    Anand
    --------------------------------------------------------------------------------------------------------
    If this post was helpful, please mark this post as an "Accepted Solution".
    Kudos are always appreciated!
    --------------------------------------------------------------------------------------------------------