Network Security Server Operational Modes

To understand operational mode on the FireEye Network Server appliance, first you should understand the port pairs and how they can be individually controlled. Dependent on how many operating ports your appliance is fitted with they will fall into a number of pairs. Pair A will relate to p-ether three and four ports on the appliance. Pair B to p-ether 5 and 6 and so on. Pairs can be split into two inbound tap or monitoring ports or used as a pair for inline monitoring pair. This means there are three types of monitoring that can take place on the appliance. Inline, which will block malicious traffic. Monitor, which will see malicious traffic and report it but not block it and Span or Tap, which will receive data only and report on it if it’s malicious. By default and on initial configuration all ports are set to individual tap ports. Configuration needs to take place to ensure you have the ports set as you would like to either monitor or block data. As well as setting each pair for the type of monitoring you can also set up the actions of how to deal with malicious data the appliance encounters. Options include a user side warning and comfort page. Either with access denied or forbidden messages which allows you to create the specific wording for each port pair.

Scroll to Top