McAfee IIP-S14C-NA-100I Product Guide - Page 25

Cabling for in-line mode, Cabling the I-1400 to monitor in in-line mode

Get McAfee IIP-S14C-NA-100I - IntruShield 1400 Sensor Appliance PDF manuals and user guides View all McAfee IIP-S14C-NA-100I manuals
Add to My Manuals
Save this manual to your list of manuals

Page 25 highlights

McAfee® IntruShield® IPS 4.1 IntruShield Sensor 1400 Product Guide Cabling for in-line mode Attaching cables to the I-1400 Sensor Cabling for in-line mode Cabling the I-1400 to monitor in in-line mode In-line mode requires that you use a pair of sensor ports as described in the section Using peer ports (on page 15). Caution: Cabling sensors for in-line mode requires a brief network interruption as you insert it in the flow of network traffic. To avoid extended network downtime, you should cable a sensor for in-line mode after you have completed all other configuration tasks. The I-1400's internal 10/100 ports fail open, meaning they allow traffic to continue to flow unimpeded if the sensor fails. To interrupt traffic, you must use the special failclosed dongles that is supplied in the sensor box. ► To connect the I-1400 to the devices you want to monitor in in-line mode: Note: This procedure uses port pair 1A and 1B as the example. 1 Do one of the following: For fail-closed operation, plug a Cat 5/Cat 5e cable with a fail-closed dongle into port 1A. The fail-closed dongle will interrupt traffic if the sensor fails. For fail-open operation, plug a Cat 5/Cat 5e cable into port 1A. Note: See Cable types for routers, switches, hubs, and PCs (on page 16) to determine which cable type to use with which type of network device. 2 Plug a Cat 5/Cat 5e cable into port 1B. 3 Connect the other end of each cable to the network devices that you want to monitor. (For example, if you plan to monitor traffic between a switch and a router, connect the cable connected to 1A to the switch and the one connected to 1B to the router.) Cabling for Tap mode Cabling the I-1400 to monitor in internal Tap mode Internal tap mode requires that you use both sensor ports as described in Using peer ports (on page 15). The I-1400's internal tap works in fail open mode, meaning it allows traffic to continue to flow unimpeded if the sensor fails. Note, however, that in the event of a sensor error or reboot, there may be a brief (seconds to minutes) network interruption as the two devices connected to the sensor establish connectivity. 17

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
McAfee® IntruShield® IPS 4.1
Attaching cables to the I-1400 Sensor
IntruShield Sensor 1400 Product Guide
Cabling for in-line mode
Cabling for in-line mode
Cabling the I-1400 to monitor in in-line mode
In-line mode requires that you use a pair of sensor ports as described in the section
Using peer ports (on page 15).
Caution:
Cabling sensors for in-line mode requires a brief network interruption as
you insert it in the flow of network traffic. To avoid extended network downtime, you
should cable a sensor for in-line mode
after
you have completed all other
configuration tasks.
The I-1400’s internal 10/100 ports
fail open
, meaning they allow traffic to continue to
flow unimpeded if the sensor fails. To interrupt traffic, you must use the special fail-
closed dongles that is supplied in the sensor box.
To connect the I-1400 to the devices you want to monitor in in-line
mode:
Note:
This procedure uses port pair 1A and 1B as the example.
1
Do one of the following:
±
For
fail-closed
operation, plug a Cat 5/Cat 5e cable with a fail-closed dongle
into port 1A. The fail-closed dongle will interrupt traffic if the sensor fails.
±
For
fail-open
operation, plug a Cat 5/Cat 5e cable into port 1A.
Note:
See Cable types for routers, switches, hubs, and PCs (on page 16) to
determine which cable type to use with which type of network device.
2
Plug a Cat 5/Cat 5e cable into port 1B.
3
Connect the other end of each cable to the network devices that you want to
monitor. (For example, if you plan to monitor traffic between a switch and a
router, connect the cable connected to 1A to the switch and the one connected to
1B to the router.)
Cabling for Tap mode
Cabling the I-1400 to monitor in internal Tap mode
Internal tap mode requires that you use both sensor ports as described in Using peer
ports (on page 15).
The I-1400’s internal tap works in
fail open
mode, meaning it allows traffic to continue
to flow unimpeded if the sensor fails. Note, however, that in the event of a sensor
error or reboot,
there may be a brief (seconds to minutes) network interruption as the two devices
connected to the sensor establish connectivity.
17