Filter
Top Products
Network > Interfaces
263
SonicOS 5.8.1 Administrator Guide
Table 1 Wire Mode Settings
Wire Mode Setting Description
Bypass Mode Bypass Mode allows for the quick and relatively non-interruptive
introduction of Wire Mode into a network. Upon selecting a point of
insertion into a network (e.g. between a core switch and a perimeter
firewall, in front of a VM server farm, at a transition point between data
classification domains) the SonicWALL security appliance is inserted
into the physical data path, requiring a very short maintenance window.
One or more pairs of switch ports on the appliance are used to forward
all packets across segments at full line rates. While Bypass Mode does
not offer any inspection or firewalling, this mode allows the administrator
to physically introduce the SonicWALL security appliance into the
network with a minimum of downtime and risk, and to obtain a level of
comfort with the newly inserted component of the networking and
security infrastructure. The administrator can then transition from
Bypass Mode to Inspect or Secure Mode instantaneously through a
simple user-interface driven reconfiguration.
Inspect Mode Inspect Mode extends Bypass Mode without functionally altering the
low-risk, zero-latency packet path. Packets continue to pass through the
SonicWALL security appliance, but they are also mirrored to the multi-
core RF-DPI engine for the purposes of passive inspection,
classification, and flow reporting. This reveals the appliance’s
Application Intelligence and threat detection capabilities without any
actual intermediate processing.
When Inspect Mode is selected, the Restrict analysis at resource limit
option specifies whether all traffic is inspected. When this option is
enabled (which is the default), the appliance scans the maximum
number of packets it can process. The remaining packets are allowed to
pass without inspection. If this option is disabled, traffic will be throttled
in the flow of traffic exceeds the firewalls inspection ability.
Note Disabling the Restrict analysis at resource limit option will
reduce throughput if the rate of traffic exceeds the appliance’s
ability to scan all traffic.