topic Re: FTD IPS inline in Network Security

FTD IPS inline

lambay2000 — Sat, 30 Mar 2024 22:32:00 GMT

Dears

Please confirm the attached diagram flow will work with IPS inline mode,

My goal is to inspect traffic before it reaches to server in DC , Device A is capable of redirecting traffic to IPS interface 1 on vlan 20 through switch after traffic is inspected it should route back through interface 2 on vlan 30 through switch to Device A.

Thanks

Re: FTD IPS inline

Ruben Cocheno — Sat, 30 Mar 2024 23:28:22 GMT

@lambay2000

It's recommended to have the IPS between VLAN 40 and Switch2 using another VLAN.

Re: FTD IPS inline

lambay2000 — Sun, 31 Mar 2024 07:39:17 GMT

Dear Ruben

Can i know how does the IPS switches frames ?

please find the attached diagram and correct me if the below statements are wrong

IPS is acting as an virtual wire so instead of two vlans 40 and 50 it should be only one vlan 50 hence IPS is not aware of vlans but to communicate on the same IP subnet the F5 device has a vlan attached to it and acting as a router on stick.
Either a device ( server or router) is connected directly or through the switch it doesn't matters as far as the opposite end device has the same subnet IP and vlan number.

Now lets back to the design submitted earlier.

The F5 device is built for this purpose that means it will redirect the traffic to an IPS and it is waiting to receive it back from IPS, hence IPS is not aware of vlans it just stiches the frames from one interface to another interface the frames will receive on the switch on the same broadcast domain and it will receive the frames on the f5 another interface. Please correct me if i m wrong

Thanks

Re: FTD IPS inline

lambay2000 — Tue, 02 Apr 2024 14:06:09 GMT

Dears

anyone can reply to my query

thanks