01-29-2012 07:51 AM
Hi,
Just want to ask the proper way to deploy layer 4 monitoring for Ironport WSA, so below is the diagram.
Let's say the switch has 5 available ports, from Fa0/3 to Fa0/7.
Do I just use Duplex mode and tap a line from T1 to the switch? Ex. T1 of Ironport to Fa0/3.
Or use Simplex mode? Ex. T1 to Fa0/3, then T2 to Fa0/4.
Thanks
Clients ------------------------- Fa0/0 SWITCH Fa0/1 -------------------------- Fa0/0 FIREWALL
                                        Fa0/2
                                          |
                                          |
                                          |
                                       Ironport
01-29-2012 04:50 PM
Richard,
You've got it right, either way. If you put it in duplex, you echo everything from Fa0/1 to Fa0/2. If you go "Simplex", echo traffic leaving Fa0/1 (on the way to the firewall) to Fa0/3, and incoming traffic to Fa0/4. On a busy network the duplex port on the Ironport could get overloaded...
I'd probably put all of the "security" stuff on a separate VLAN so that any broadcasts on the client network don't add to the load.
Ken
01-29-2012 05:31 PM
Thanks.
02-15-2012 06:24 PM
Hi,
A follow-up question: do I need to configure a SPAN port for this to work, or do I just need to plug it in without any configuration on the switch?
This is for tap and duplex mode. What additional configuration do I need to configure on the switch for this to work?
02-15-2012 06:27 PM
Yes, you need a SPAN port. Span the port that the firewall is connected to to the port T1 is connected to.
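The SPAN setup discussed in this thread, written out as an added example (not posted by anyone in the thread). It assumes a Cisco IOS switch with local SPAN, uses the port numbers from the question (Fa0/1 toward the firewall, Fa0/3 for T1, Fa0/4 for T2), and for the simplex case assumes the switch supports two SPAN sessions; the session numbers are arbitrary.

```cisco
! Added example. Ports are the ones named in this thread:
!   Fa0/1 = switch port facing the firewall (the monitored port)
!   Fa0/3 = cable to WSA T1, Fa0/4 = cable to WSA T2
! Session numbers 1 and 2 are arbitrary choices.
!
! Option A: duplex tap. One session mirrors both directions to T1.
configure terminal
 monitor session 1 source interface FastEthernet0/1 both
 monitor session 1 destination interface FastEthernet0/3
end
!
! Option B: simplex tap (use instead of option A).
! tx on Fa0/1 = traffic leaving toward the firewall  -> T1 on Fa0/3
! rx on Fa0/1 = traffic coming back from the firewall -> T2 on Fa0/4
configure terminal
 no monitor session 1
 monitor session 1 source interface FastEthernet0/1 tx
 monitor session 1 destination interface FastEthernet0/3
 monitor session 2 source interface FastEthernet0/1 rx
 monitor session 2 destination interface FastEthernet0/4
end
!
! Confirm source, direction and destination of each session.
show monitor session 1
show monitor session 2
```

A SPAN destination port carries only the mirrored traffic, so use spare ports for it. The tap mode selected on the WSA (duplex or simplex) has to match the option configured on the switch.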