Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
761
Views
0
Helpful
1
Replies

Bypass Interface for IPS 4200

iskoy.istem
Level 1
Level 1

‎07-26-2011 10:32 PM - edited ‎03-10-2019 05:25 AM

Hi,

Can somebody help me how IPS bypass interface module for 4200 is used? Is it that, when IPS appliance fails (no power, hardware failure), traffic can readily flow from outside interface to inside bypassing the IPS? Usually in inline placement, IPS appliance is the point of failure during hardware failure, is the bypass module introduced to defy such failure?

Labels:
0 Helpful
1 Reply 1

rhermes
Level 7
Level 7

‎07-28-2011 06:50 AM

The bypass module is only available on the 4260 and 4270 sensors. It can give you a hardware short of the Ethernet pairs in the event of a sensor power failure. The rest of the sensor product line uses a software bypass. We have found both of these methods to be less then reliable when a sensor experiences a software crash (the software need to realize the sensing app has crashed in order to activate the bypass). Using an external device has proven to be much more reliable.

A simple switch, with two VLANS can be used. Connect the two VLANS externally with your sensor and a patch cable. Assign a higher Spanning Tree Protocol cost to the cable connecting your two VLANS. The cable becomes a hot standby path to your sensor.

- Bob

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card