How NGAF pass-through mode works?

KHANH NGUYEN Lv1Posted 17 Sep 2023 11:00

I'm working with an NGAF device, and would like to learn more about how pass through mode works. Thank you for providing detailed documentation about this content. thanks a lot

Newbie517762 has solved this question and earned 20 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

HiHi,

Pls find the link for Sangfor NGAF_V8.0.5_Bypass Mode Deployment Guide.

Regards,
Is this answer helpful?
Newbie517762 Lv5Posted 18 Sep 2023 10:10
  
HiHi,

Pls find the link for Sangfor NGAF_V8.0.5_Bypass Mode Deployment Guide.

Regards,
RegiBoy Lv5Posted 18 Sep 2023 11:37
  
Transparent mode in NGAF is a deployment mode that can be selected in the Sangfor NGAF device. It acts like a transparent device in the network, standing between the 2nd and 3rd layer. Please refer to the configuration on the NGAF Manual.
GingP Lv2Posted 18 Sep 2023 11:45
  
Sangfor NGAF_V8.0.5_Bypass Mode Deployment Guide - Please refer to the guide
Shiela012 Lv3Posted 18 Sep 2023 13:28
  
Sangfor NGAF_V8.0.5_Bypass Mode Deployment Guide
1 Applicable Scenario
Bypass Mode: It can protect while not affecting the user network environment and avoid downtime risk caused by NGAF devices. It will connect to the mirror port of the switch to ensure that traffic will go through the switch when the user accesses the server.
2 Configuration Steps
2.1 Configure Interfaces and Logging Option
Navigate to Network > Interface to add or modify the zone and the type of Physical Interface. Set the Network Objects into your desired group of users.
2.2 Configure Logging Option
Navigate to System > Logging Option to activate the Internal Report Center from Traffic audit logs section, as shown below. Kindly click the Apply button to save the configuration from allowing NGAF to audit the user's traffic in their network activities.
2.3 Configure IPS and WAF Policies
Access to Policies and configure IPS and WAF features.
You can check the Realtime Vulnerability Analytics checkbox if you need it for your server.
In Protection, you can activate Intrusion Prevention and Web App Protection.
Navigate to System > General > System > Network, check the Send TCP Reset message in mirror mode to reject checkbox to prevent the packets from entering the network from WAF/IPS.
3 Precautions
AF traffic ranking will show the traffic of the local IP group and non-local IP group.
If there are any other protection functionalities, you have to navigate to System > Network > and select Send TCP Reset message in mirror mode to reject. Else, WAF, IPS, or other functionalities will not be effective.
engineer_baz Lv1Posted 19 Sep 2023 11:01
  
which the NGAF device does not perform any inspection or filtering on the traffic that passes through it. This can be useful for troubleshooting purposes, or for connecting to devices that are not compatible with the NGAF device.

To enable NGAF pass-through mode, you must configure the NGAF device to bypass all security policies. Once this is done, all traffic will flow through the NGAF device without being inspected or filtered.

It is important to note that when NGAF pass-through mode is enabled, your network will be vulnerable to attack. Therefore, it is important to only enable NGAF pass-through mode when necessary.
Zonger Lv5Posted 19 Sep 2023 16:58
  
In NGAF (Next-Generation Application Firewall) device, "pass-through mode" typically refers to a mode in which network traffic is allowed to pass through the device without undergoing deep inspection or firewall rules. This mode is often used for scenarios where you want the NGAF device to function as a transparent bridge, simply forwarding traffic without applying security policies or inspecting the data packets in detail. It's commonly employed when the NGAF device is used for monitoring or network troubleshooting purposes, allowing traffic to flow without any interference from the firewall's security features.
mdamores Posted 20 Sep 2023 10:23
  
To configure pass-through mode, you would set rules or policies to specify which traffic are allowed or not. Below are some steps to configure pass-through mode in Sangfor NGAF depending on the version and configuration in each deployment.
1.        Login to Sangfor NGAF management console
2.        Check the firewall policy or rule configuration page
3.        Create rule or policy with specific policy for traffic in pass-through mode
4.        In the rule or policy configuration, make sure that the option for Pass-through mode was set to allowed or enabled.
5.        Always make sure to save and apply the configuration changes.
Please take note that while pass-through mode is useful for some cases, it reduces the security level provided by NGAF. So always make sure to use it with precaution and only when necessary
MISMIS Lv3Posted 20 Sep 2023 10:35
  
"Pass-through mode" often refers to a setting in NGAF (Next-Generation Application Firewall) devices that permits network traffic to flow through the device without going through deep inspection or firewall rules.

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders