1. If configure properly, it will definitely not break any connectivity (its a bump in the wire). Of course if some traffic is denied by any IPS signature itself, that is a different matter. Please see this example for more help:
2. Inline mode is deployed where you want proactive protection and the the IPS box you have has sufficient throughput and other resources that will allow it to monitor that segment of your network (or multiple segments for that matter..)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...