I was introduced to Netoptics iBypass switches years ago, but it wasn’t until recently that I had the chance to administer one. As a new product to me, I read the user manual to make sure the IPS was connected correctly to the monitor ports. I worked with the sales engineer to make sure I understood how to use the product.
At time of deployment, I set the Bypass Mode to “TAP”. I did this because the admin of the IPS wasn’t ready to start blocking traffic yet. I was to change it after he had a chance to collect data for a while.
When the IPS admin was ready to have me reroute traffic through the IPS, we ran into some problems. I found that when I made the change, data wasn’t rerouted through the IPS. I had read the manual on how to do this, but clearly I didn’t do it correctly. See the image below with the Bypass Mode definitions.
I found the definitions to be a little confusing. It was confusing to me because I didn’t know what the Netoptics definition of Bypass was. Bypass meant that the data was going to bypass the IPS or monitoring tool. I was thinking that Bypass meant that it was going to Bypass the normal data flow path. Due to this, I had put the iBypass switch into bypass mode instead of normal mode for the data to flow through the IPS.
After learning this, I was able to set the iBypass to “Fail-open”. This mode put the iBypass into normal mode… Normal mode meaning that it is rerouting traffic through the IPS. If the IPS failed, the iBypass would send the data through bypassing the failed IPS.
Here are my definitions of Ixia’s Netoptics iBypass modes.
- Tap – Copy the data and send it to the IPS.
- Fail-Close – Reroute traffic through the IPS, when the IPS fails, don’t send data through the iBypass.
- Fail-Open – Reroute traffic through the IPS, when the IPS fails, keep sending data through the iBypass.
- Force-Bypass-Off – Force traffic through IPS.
- Force-Bypass-On-Close – Stop rerouting traffic, block all traffic.
- Force-Bypass-on-Open – Stop rerouting traffic, allow traffic to pass.
So far my experience with the iBypass switch has been a positive one.
I hope this helps you new iBypass switch users out there.
Please feel free to share your comments below!