Installation guide

Defining Traffic Inspection Interfaces for IPS Engines

Defining Logical Interfaces

A Logical Interface is used in the IPS policies and the traffic inspection process to represent a

network segment. The SMC contains one default Logical Interface. A Logical Interface can

represent any number or combination of interfaces and VLAN Interfaces, except that the same

Logical Interface cannot be used to represent both Capture Interfaces and Inline Interfaces on

the same IPS engine. The rules in the ready-made IPS Template match all Logical Interfaces.

 To define a Logical Interface

1. Select Configuration→Configuration→Security Engine. The Security Engine Configuration

view opens.

2. Expand the Other Elements branch.

3. Right-click Logical Interfaces and select New Logical Interface. The Logical Interface

Properties dialog opens.

4. Enter a unique Name.

5. (Optional) If you use VLAN tagging on Capture or Inline Interfaces, select View interface as

one LAN if you do not want the IPS engine to see a single connection as multiple

connections when a switch passes traffic between different VLANs and all traffic is mirrored

to the IPS engine through a SPAN port.

6. Click OK.

Repeat these steps to define any additional Logical Interfaces.

What’s Next?

 If you want to use Reset Interfaces together with Capture Interfaces, define the Reset

Interfaces first. Proceed to Defining Reset Interfaces (page 40).

 To define Capture Interfaces, proceed to Defining Capture Interfaces (page 40).

 To define Inline Interfaces, proceed to Defining Inline Interfaces (page 41).