Sangfor Community»Categories Products Network Secure (NGAF) explain what Mirror and Virtual wire interface types ...

explain what Mirror and Virtual wire interface types in ngaf

views: 302 | comments: 2 | added to Favorites 0
Lights on | 提示:支持键盘翻页<-左 右->
    组图打开中,请稍候......
Created: 2024-Nov-11 10:24

Summary:

Last edited by masih_pemula 11 Nov 2024 10:25. explain what Mirror and Virtual wire interface types in ngaf

Reply

Farina Ahmed Posted 2024-Nov-11 13:05
The Mirror interface is used to capture and analyze network traffic without interrupting or altering the flow of data. It typically acts as a "passive" interface that copies traffic from a monitored source for inspection, making it ideal for traffic analysis, monitoring, or intrusion detection.

The Virtual Wire interface is a more active, transparent mode of operation where the firewall acts as a bridge between two network segments, without altering the IP addressing or routing. It allows traffic to flow between interfaces as if the firewall were invisible to the network, providing security features like filtering and inspection without requiring changes to the network topology or IP configuration. Both interfaces help to enhance visibility and security in different deployment scenarios.
Newbie517762 Posted 2024-Nov-11 11:00
HiHi,

Mirror Interface is generally used for devices to monitor the intranet with bypass deployment. Select the network segment to be monitored under Network Objects. At the same time, you need to enable mirroring on the connected switch and mirror traffic to the NGAF device mirroring interface.

Virtual wire interface is also a common switching interface. It does not need to be configured with an IP address and does not support routing. For data forwarding, the device will not check the MAC table but directly forward it from the interface paired with the virtual network cable. Different from the bridge interface, the virtual wire interfaces appear in pairs.

Please find the link below for details: