Im-ips card configuration, Configuration overview, From internal network to external network – H3C Technologies H3C SecBlade IPS Cards User Manual
Page 67: From external network to internal network
60
Figure 43 Create a segment
Figure 44 Configure the segment
IM-IPS Card Configuration
NOTE:
The IM-IPS card is only for the SR8800 routers.
Configuration Overview
The router and the SecBlade IPS card are connected through internal 10GE interfaces. With OAA
configured, the router automatically redirects traffic to the SecBlade IPS card through its 10GE interface.
After processing the traffic, the SecBlade IPS card sends the traffic back to the router through its internal
10GE interface, and the router forwards the traffic. The detailed data forwarding process is as follows.
From internal network to external network
1.
Packets from the internal network enter the router.
2.
The router redirects the packets to the SecBlade IPS card.
3.
The SecBlade IPS card processes the packets, and then forwards them back to the router.
4.
The router forwards the packets out its external network interface.
From external network to internal network
1.
Packets from the external network enter the router.
2.
The router redirects the packets to the SecBlade IPS card.
3.
The SecBlade IPS card processes the traffic, and then forwards them back to the router.
4.
The router forwards the packets out its internal network interface.