Installation guide
Chapter 5 Defining IPS Engines

Defining Reset Interfaces

Reset Interfaces can deliver TCP resets and ICMP “destination unreachable” messages to
interrupt communications picked up from Capture Interfaces when the communications trigger a
response.

VLANs are supported for sending resets, but the correct VLAN is selected automatically. An
interface you want to use as the Reset Interface must not have any manually added VLAN
configuration.

The Reset Interface must be in the same broadcast domain as the Capture Interface that uses
the Reset Interface. The resets are sent using the IP addresses and MAC addresses of the
communicating hosts.

To define a Reset Interface

1. Right-click and select New Physical Interface. The Physical Interface Properties dialog
opens.
2. Select the Interface ID.
3. Select Normal Interface as the Type.
4. Click OK.

This interface can now be used as a Reset Interface. When you set up the physical network,
make sure that the Reset Interface connects to the same network as the Capture Interface(s).

Defining Capture Interfaces

Capture Interfaces listen to traffic that is not routed through the IPS engine. You can have as
many Capture Interfaces as there are available physical ports on the IPS engine (there are no
license restrictions regarding this interface type).

External equipment must be set up to mirror traffic to the Capture Interface. You can connect a
Capture Interface to a switch SPAN port or a network TAP to capture traffic. For more
information, see Capture Interfaces (page 19).

To define a Capture Interface

1. Right-click and select New Physical Interface. The Physical Interface Properties dialog
opens.
2. Select the Interface ID.
3. Select Capture Interface as the Type.
4. (Optional) Select a TCP Reset Interface for traffic picked up through this Capture Interface.
5. If your configuration requires you to change the Logical Interface from Default_Eth, select
the Logical Interface in one of the following ways:
   • Select an existing Logical Interface from the list.
   • Select Other and browse to another Logical Interface.
   • Select New to create a new Logical Interface.
6. Click OK.

Note – An interface that is used only as a Reset Interface must not have an IP address.