Interface Setup – Cisco IPS-Only Deployment in Inline Mode
Interface Setup
An inline set is a logical group of one or more interface pairs. Before you add an inline set, you must create an inline interface pair and associate the pair with the inline set you want to add. To create an inline set, follow these steps:
Step 1. Navigate to Devices > Device Management. A list of all the devices that are registered with management center appears (see Figure 6-6).
Figure 6-6 The Device Management Page Displays a List of Managed Devices
Step 2. Click the pencil icon that is next to the threat defense you want to configure. The device editor page appears, showing all the physical interfaces of a threat defense on the Interfaces tab.
Step 3. Select the pencil icon next to each interface that will be part of an inline pair—in this case, the GigabitEthernet0/0 and GigabitEthernet0/1 interfaces (see Figure 6-7).
Figure 6-7 The Interfaces Tab Shows the List of Interfaces on a Threat Defense
Step 4. In the Edit Physical Interface window, the default value of the Mode drop-down is None. Keep it unchanged, because this setting represents inline mode. Then assign a name to the interface and click the Enabled check box to enable it. Assigning an IP address is not necessary for an inline interface. Click OK to return to the Interfaces tab.
Figure 6-8 shows the settings on the GigabitEthernet0/0 interface. This example uses the name INSIDE_INTERFACE for the GigabitEthernet0/0 interfaces.
Figure 6-8 The Edit Physical Interface Window
Step 5. Repeat step 4 for the other interface in the inline pair. For example, you can enable the GigabitEthernet0/1 interface with the name OUTSIDE_INTERFACE.
Step 6. After both interfaces are named and enabled, click the Save button to save the changes.
Figure 6-9 shows an overview of each interface configuration. Note that the IP address or security zone is not configured. Only the logical interface is necessary for an inline interface.
Figure 6-9 Overview of the Interface Configuration