Cisco Web Security Appliance S190 User Guide
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 3 Deployment
Deploying the L4 Traffic Monitor
• Network address translation (NAT). When configuring the L4 Traffic
Monitor, connect it at a point in your network where it can see as much
network traffic as possible before that traffic leaves your egress firewall and
reaches the Internet. It is important that the L4 Traffic Monitor be ‘logically’
connected after the proxy ports and before any device that performs network
address translation (NAT) on client IP addresses.
• L4 Traffic Monitor action setting. The default setting for the L4 Traffic
Monitor is monitor only. After setup, if you configure the L4 Traffic Monitor
to monitor and block suspicious traffic, ensure that the L4 Traffic Monitor and
the Web Proxy are configured on the same network so that all clients are
accessible on routes that are configured for data traffic.
Connecting the L4 Traffic Monitor
You can connect the L4 Traffic Monitor to the network in any of the following
ways:
• Network tap. When you use a network tap, you can choose the following
communication types:
– Simplex. This communication type uses one cable for all traffic between
clients and the appliance, and one cable for all traffic between the
appliance and external connections. Connect port T1 to the network tap
so it receives all outgoing traffic (from the clients to the Internet), and
connect port T2 to the network tap so it receives all incoming traffic
(from the Internet to the clients).
– Duplex. This mode uses one cable for all incoming and outgoing traffic.
You can use half- or full-duplex Ethernet connections. Connect port T1
to the network tap so it receives all incoming and outgoing traffic.
Note: Cisco recommends using simplex when possible because it can increase
performance and security.
• Span/mirror port of an L2 switch. Connecting is similar to a simplex or
duplex tap, depending on whether the connection uses two separate devices
or one device.
• Hub. Choose duplex when you connect the L4 Traffic Monitor to a hub.