Symantec 10521148 Implementation Guide - Page 38
Bandwidth licensing options, Passive mode, In-line mode, Interface grouping, Fail-open, Clustering
View all Symantec 10521148 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 38 highlights
30 Deploying the 7100 Series Deployment options be appliances or software versions on other platforms. You can integrate the appliance with third party intrusion detection products as well. See the following sections for more information: ■ Bandwidth licensing options ■ Passive mode ■ In-line mode ■ Interface grouping ■ Fail-open ■ Clustering ■ External IDS products Bandwidth licensing options The Symantec Network Security 7100 Series offers extremely flexible bandwidth deployment licensing. You can choose from three bandwidth levels for the 7120, and four levels for a 7160 or 7161. If your network traffic increases beyond your licensed rate, you can add to your license in 50 Mbps increments for the 7120, and in 250 Mbps increments for the 7160 and 7161. For more information about licensing, see "Licensing" on page 91. Passive mode Passive mode is the default method of monitoring traffic on network segments. It provides intrusion detection with logging, alerting, and response capabilities. Passive mode also provides maximum performance. Symantec Network Security 4.0 software provides the same functionality on other platforms as passive mode on the 7100 Series. When configuring monitoring interfaces to monitor network segments: ■ The 7120 can monitor four different network segments with a total bandwidth up to 200 Mbps of network traffic. ■ The 7160 and 7161 models can each monitor up to eight network segments, with a total bandwidth up to 2 Gbps. In passive mode, Network Security detects attacks as they enter the monitored network. You can configure response rules to provide alerts, send TCP resets, execute scripts, or take other actions. See the Symantec Network Security Administration Guide for more information on response rules.