Disconnect mode for IPS engines and Layer 2 Firewalls and how it works

IPS engines and Layer 2 Firewalls support disconnect mode, which enables constant monitoring of link connections and minimizes delays caused by link failures.

When IPS engines or Layer 2 Firewalls are deployed in inline mode, an undetected link failure causes significant traffic transfer delays. Disconnect mode prevents link failures from going undetected.

If a link fails on one side of an Inline Interfaces pair, the IPS engine or Layer 2 Firewall:
  • Detects the failure
  • Simulates cable disconnection on the other side
  • Takes down the other side's link transmitter (TX)

The IPS engine or Layer 2 Firewall continues to monitor the receiver (RX) side of a pair of Inline Interfaces. It detects when the link is up again and brings the transmitter (TX) back up accordingly.

By default, disconnect mode is active on:
  • All IPS appliances that support the feature
  • All Forcepoint NGFW appliances that are used in the IPS or Layer 2 Firewall role
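
The failure and recovery sequence described above, as a simplified model of one Inline Interfaces pair. This is an added example, not Forcepoint code: the side names "a" and "b", the event tuples, and the "blind time" measure (how long the neighbor on the healthy side still sees link while the other side is down) are assumptions made for illustration, and the sample events are constructed. It covers the single-side failure the page describes.

```python
SIDES = ("a", "b")


def other(side):
    """Return the opposite side of the inline pair."""
    return "b" if side == "a" else "a"


def replay(events, disconnect_mode=True):
    """Replay constructed (time_s, side, rx_up) link events for one inline pair.

    Returns (actions, blind):
      actions: (time_s, side, "tx_down" | "tx_up") steps the engine takes
      blind:   per side, seconds that side's neighbor still saw link up
               while the opposite side's link was down (failure undetected)
    """
    rx = {s: True for s in SIDES}   # receiver state monitored by the engine
    tx = {s: True for s in SIDES}   # transmitter state seen by each neighbor
    blind = {s: 0.0 for s in SIDES}
    actions = []
    last_t = None
    for t, side, rx_up in sorted(events):
        if last_t is not None:
            for s in SIDES:
                # Neighbor on side s keeps sending into a broken path when
                # our TX toward it is up but the other side's RX is down.
                if tx[s] and not rx[other(s)]:
                    blind[s] += t - last_t
        last_t = t
        rx[side] = rx_up
        if disconnect_mode:
            peer = other(side)
            # Mirror the RX state of this side onto the TX of the other side:
            # down simulates a cable disconnection, up restores the link.
            if tx[peer] != rx_up:
                tx[peer] = rx_up
                actions.append((t, peer, "tx_up" if rx_up else "tx_down"))
    return actions, blind


# Constructed sample: side "a" loses link at t=10 s and recovers at t=40 s.
SAMPLE_EVENTS = [(10.0, "a", False), (40.0, "a", True)]

if __name__ == "__main__":
    for mode in (True, False):
        print("disconnect_mode =", mode, replay(SAMPLE_EVENTS, mode))
```

With disconnect mode on, the model takes the side "b" transmitter down at the moment side "a" fails, so the neighbor on "b" sees the outage immediately. With it off, that neighbor sees link up for the whole outage.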