Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
Example: Configuring IDP Inline Tap Mode
This example shows how to configure a device for inline tap mode.
Requirements
Before you begin, review the inline tap mode feature. See Understanding IDP Inline Tap Mode.
Overview
The inline tap mode feature provides passive, inline detection of Application Layer threats for traffic matching security policies that have the IDP application service enabled.
 | Note: IDP inline tap mode does not require a separate tap or span port. |
Configuration
Step-by-Step Procedure
To configure a device for inline tap mode:
- Set inline tap mode.[edit]user@host# set security forwarding-process application-services maximize-idp-sessions inline-tap
- If you are done configuring the device,
commit the configuration.[edit]user@host# commit
- Restart the system from operational mode.user@host> request system reboot
Note: When switching to inline tap mode or back to regular mode, you must restart the device .
- If you want to switch the device back to regular
mode, delete inline tap mode configuration.[edit security]user@host# delete forwarding-process application-services maximize-idp-sessions inline-tap
Verification
To verify that inline tap mode is enabled, enter the show security idp status command. The line item for the forwarding process mode shows “Forwarding process mode : maximizing sessions (Inline-tap)”.
