Symantec 10521148 Implementation Guide - Page 43
Fail-open, About the In-line Bypass unit
View all Symantec 10521148 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 43 highlights
Fail-open Deploying the 7100 Series 35 Deployment options Fail-open refers to a configuration that allows network traffic to continue even if the Symantec Network Security 7100 Series appliance has a hardware or software failure that affects one or more of its in-line interface pairs. For in-line interface pairs on the appliance, fail-open is an option that requires the purchase and installation of another device called the Symantec Network Security In-line Bypass unit. See the following sections for more information: ■ About the In-line Bypass unit ■ The 2 In-line Bypass unit ■ The 4 In-line Bypass unit ■ Port groups and the management port on the bypass unit ■ Online and bypass modes ■ Link parameters on bypass unit interfaces ■ Front panel LEDs on the bypass unit ■ Rear panel LEDs on the bypass unit About the In-line Bypass unit Since in-line mode by definition places the appliance into the network path, a hardware or software failure affecting the interface pair will interrupt network traffic, or fail closed. To avoid this you can install the In-line Bypass unit. The bypass unit monitors the 7100 Series status, and if it senses a failure, the bypass unit provides direct network connectivity. There are two bypass unit models, called the 2 In-line Bypass unit and the 4 In-line Bypass unit. The two models are designed to accommodate 7100 Series appliances with either four or eight copper monitoring interface ports. The following table summarizes the features of the bypass unit models: Table 3-2 Bypass unit features Feature 2 In-line Bypass unit 4 In-line Bypass unit Supported appliance model 7120 Supported number of in-line interface 2 pairs (equals number of port groups on bypass unit) 10/100/1000 Base-TX (MDIX) interfaces 2 7160 4 4