Technical Documentation

Transparent Mode Overview

You deploy a virtual router in transparent mode when you are ready to take action against network attacks.

In transparent mode, the IDP appliance is in the path of network traffic. You connect the device traffic interfaces to network devices, such as firewalls or switches. The virtual router receives traffic from an input port of a traffic interface pair. For Layer 3 traffic, IDP inspects and processes it according to your security policy rules, taking action against threats and forwarding safe traffic through the output port of the traffic interface pair. For Layer 2 connections, you can choose to drop them or pass them through the device without inspection.

You do not need to configure other network devices to be aware of the IDP appliance.

Figure 1 illustrates a transparent mode deployment.

Figure 1: Network Diagram: Transparent Mode

Table 1 lists the features and limitations of transparent mode.

Table 1: Transparent Mode: Features and Limitations

Features:

  • Simple, transparent deployment
  • No changes to routing tables or network equipment
  • Supports all IDP security policy rulebases and all rule actions
  • Optionally passes through Layer 2 traffic
  • Passes through non-IP and non-ARP traffic
  • Passes through heartbeats used in deployments with an external bypass unit
  • Passes through bridge protocol data unit (BPDU) packets used in deployments with Spanning Tree Protocol (STP)
  • Internal bypass, peer port modulation, and flow bypass under congestion features minimize the risk that the IDP appliance will be a point of failure

Limitations:

  • Cannot connect IP networks with different address spaces

Published: 2010-01-12