Руководство По Установке для Cisco Cisco Firepower Management Center 4000
2-5
Cisco NGIPS for Blue Coat X-Series Installation and Configuration Guide
Chapter 2 Understanding Deployment
Understanding Deployment Scenarios
Internal Tap in a Passive Deployment
You can deploy Cisco NGIPS for Blue Coat X-Series in passive mode using an internal tap to receive
copies of all packets passing through another application in the network. In this example, Cisco NGIPS
for Blue Coat X-Series receives copies of all packets passing through an application hosted on a VAP in
the VAP group called Monitored VAP Group.
copies of all packets passing through another application in the network. In this example, Cisco NGIPS
for Blue Coat X-Series receives copies of all packets passing through an application hosted on a VAP in
the VAP group called Monitored VAP Group.
Using an Inline Deployment
You can deploy as an inline access control system, where, in addition to trusting or monitoring traffic,
you can block traffic based on access control rule criteria. You can also set up intrusion and file policies
and select them in your access control policies to perform further analysis and, if needed, block traffic
based on intrusion prevention and file control settings. If you deploy with a firewall, you can monitor
traffic that is allowed inbound by the firewall policy or enters your network due to firewall
misconfiguration. You can also detect and prevent attacks originating from hosts on the internal network.
you can block traffic based on access control rule criteria. You can also set up intrusion and file policies
and select them in your access control policies to perform further analysis and, if needed, block traffic
based on intrusion prevention and file control settings. If you deploy with a firewall, you can monitor
traffic that is allowed inbound by the firewall policy or enters your network due to firewall
misconfiguration. You can also detect and prevent attacks originating from hosts on the internal network.