Installation guide
42
Chapter 5 Defining IPS Engines
Bypassing Traffic on Overload
By default, inline IPS engines inspect all connections. If the traffic load is too high for the inline
IPS engine to inspect all the connections, some traffic may be dropped. Alternatively, inline IPS
engines can dynamically reduce the number of inspected connections if the load is too high.
This can improve performance in evaluation environments, but some traffic may pass through
without any access control or inspection.
To bypass traffic on overload
1. Switch to the Advanced tab.
2. Select Bypass Traffic on Overload.
Finishing the Engine Configuration
To finish the engine configuration
1. Write down the networks to which each Interface ID is connected
2. Click OK close the engine properties. You are promoted to open the Routing view
3. Click No.
Caution – Using Bypass mode requires a fail-open network interface card. If the ports that
represent the pair of Inline Interfaces cannot fail open, policy installation fails on the
engine. Bypass mode is not compatible with VLAN re-tagging. In network environments
where VLAN re-tagging is used, Normal mode is automatically enforced.
What’s Next?
Proceed to Finishing the Engine Configuration.
What’s Next?
You are now ready to transfer the configuration to the physical IPS engines. Proceed to
Saving the Initial Configuration (page 83).