回复： difference between inline and inline tap

qerubn543621 · ‎09-09-2023

About these two modes inline and inline tap
Which one is more suitable? 1or2

I referred to this article and the description is 1, which is more suitable.

https://rayka-co.com/lesson/cisco-firepower-deployment-modes/
1. Inline tap mode can send a copy of the traffic to another device.
2. Inline mode can drop malicious traffic.

I would like to ask if there is any official documentation, because I can’t find it.

betliu · ‎09-20-2023

Please refer to https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/720/management-center-device-config-72/interfaces-settings-ifcs-ips.html for IPS Interface Types.

There are benefits to using tap mode with FTDs that are deployed inline. For example, you can set up the cabling between the threat defense and the network as if the threat defense were inline and analyze the kinds of intrusion events the threat defense generates. Based on the results, you can modify your intrusion policy and add the drop rules that best protect your network without impacting its efficiency. When you are ready to deploy the threat defense inline, you can disable tap mode and begin dropping suspicious traffic without having to reconfigure the cabling between the threat defense and the network.

Tap mode significantly impacts threat defense performance, depending on the traffic.

qerubn543621 · ‎09-24-2023

difference between inline and inline tap, So which one is correct ? 1or2.
1. Inline tap mode can send a copy of the traffic to another device.
2. Inline mode can drop malicious traffic.