Configuring a Fail Strategy for Traffic
A fail strategy defines how traffic is handled when the inspection engine is down. You can either bypass or block the traffic. By default, the fail strategy is set to Bypass, which means that traffic flow continues even when the Intrusion Prevention engine crashes and fails to inspect the traffic. When Block is selected as the fail strategy, traffic flow is blocked if it does not go through the inspection.
To configure the fail strategy, complete the following steps:
- In the WebUI, select one of the following options:
  - To configure a Branch Gateway group, complete the following steps:
    - Set the filter to a group containing at least one Branch Gateway.
      The dashboard context for a group is displayed.
    - Click .
    - Click the icon to view the Branch Gateway group configuration dashboard.
  - To configure a Branch Gateway, complete the following steps:
    - Set the filter to or a group containing at least one Branch Gateway.
    - Under , click > .
      A list of gateways is displayed in the List view.
    - Click a gateway under .
      The dashboard context for the gateway is displayed.
- Under , click > .
- Click the icon to open the Gateway IDS/IPS configuration page.
  IDS (Intrusion Detection System) monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network.
  IPS (Intrusion Prevention System) monitors a network for malicious activities such as security threats or policy violations. The main function of an IPS is to identify suspicious activity, log the information, attempt to block the activity, and report it.
- In the tab, under , by default, is selected as the mode of inspection.
- Configure Fail Strategy:
  - Select Bypass if you want the traffic flow to continue even when the Intrusion Prevention engine crashes and fails to inspect the traffic.
    A slight disruption in the traffic occurs when AOS detects an engine failure and takes action based on the fail strategy configuration.
    When Bypass is selected, the new and existing sessions are redirected after the IDPS engine becomes active.
    The Intrusion Detection and Prevention System (IDPS) monitors, detects, and prevents threats in the inbound and outbound traffic. Aruba IDPS provides an extra layer of protection that actively analyzes the network and takes actions on the traffic flows based on the defined rules. It inspects data packets, and if any threat is identified, acts in real time to prevent it.
  - Select Block if you do not want the traffic to flow until the Intrusion Prevention engine inspects the data packets.
    If you select this option, your traffic flow is blocked until the Intrusion Prevention engine starts inspecting the traffic.
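The trade-off between the two fail strategies can be shown with a small Python model. This is an added example, not HPE Aruba Networking code. It takes engine outage windows and session records and reports which sessions were forwarded uninspected under Bypass (candidates for retrospective review) or held under Block. The sample data is constructed, and the names `Flow`, `classify` and `review_list` are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    name: str
    start: int  # session start, seconds since an arbitrary epoch
    end: int    # session end

# Constructed sample data, not taken from any real gateway.
OUTAGES = [(30, 45)]  # (engine down, engine active again)
FLOWS = [
    Flow("a", 0, 10),    # finished before the outage
    Flow("b", 25, 38),   # existing session when the engine failed
    Flow("c", 35, 60),   # new session opened during the outage
    Flow("d", 60, 70),   # started after the engine recovered
]

def overlap(flow, outage):
    """Seconds during which the flow was live while the engine was down."""
    down, up = outage
    return max(0, min(flow.end, up) - max(flow.start, down))

def classify(flows, outages, strategy):
    """Map flow name -> (status, seconds not inspected or blocked)."""
    if strategy not in ("bypass", "block"):
        raise ValueError(f"unknown fail strategy: {strategy!r}")
    result = {}
    for flow in flows:
        gap = sum(overlap(flow, o) for o in outages)
        if gap == 0:
            result[flow.name] = ("inspected", 0)
        elif strategy == "bypass":
            # Fail open: forwarded without inspection for `gap` seconds.
            result[flow.name] = ("uninspected", gap)
        else:
            # Fail closed: held until the engine inspects traffic again.
            result[flow.name] = ("blocked", gap)
    return result

def review_list(flows, outages):
    """Flows to re-examine after an outage when the strategy was Bypass."""
    verdicts = classify(flows, outages, "bypass")
    return sorted(n for n, (status, _) in verdicts.items() if status == "uninspected")

if __name__ == "__main__":
    for strategy in ("bypass", "block"):
        print(strategy, classify(FLOWS, OUTAGES, strategy))
    print("review after bypass outage:", review_list(FLOWS, OUTAGES))
```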