Types of interfaces for NGFW Engines in the IPS and Layer 2 Firewall roles

Interface definitions are an important part of IPS and Layer 2 Firewall elements.

Table 1. Types of interfaces for NGFW Engines in the IPS and Layer 2 Firewall roles
| Interface type | Purpose of interface | Limitations |
|---|---|---|
| Physical (Normal type) | System communications. These interfaces are used when the engine is the source or the final destination of the communications. An example is control communications between the engine and the Management Server. Define at least one interface that is dedicated to system communications for each IPS engine or Layer 2 Firewall. | |
| Physical (Capture Interface or Inline Interface type) | Traffic inspection. Define one or more traffic inspection interfaces for each IPS engine or Layer 2 Firewall. | |
| VLAN | Divides a single physical interface into several virtual interfaces. | • You cannot add VLAN Interfaces on top of other VLAN Interfaces (nested VLANs). • You cannot create valid VLAN Interfaces in a Virtual NGFW Engine if the Master NGFW Engine interface that hosts the Virtual NGFW Engine is a VLAN Interface. |