Chapter 9: Inline Quarantine Method - Extreme Networks Sentriant AG Software User's Manual
Hide thumbs
Also See for Sentriant AG:
- Installation manual (80 pages) ,
- User manual (422 pages) ,
- Software user's manual (526 pages)
Table of Contents
Advertisement
9
Inline Quarantine Method
Inline is the most basic Sentriant AG installation. When deploying Sentriant AG inline, Sentriant AG
monitors and enforces all endpoint traffic. Sentriant AG allows endpoints to access the network or
blocks endpoints from accessing the network based on their Internet Protocol (IP) address with a built-
in firewall (iptables).
When Sentriant AG is installed in a single-server installation, Sentriant AG becomes a Layer 2 bridge
that requires no changes to the network configuration settings.
As shown in
(Figure
132), Sentriant AG is installed inline in a multiple-server configuration, the
multiple ESs form a Layer 2 bridge that spans two switches, resulting in a network loop. This is an
undesirable situation. To prevent this, you may have to configure the switch that connects the
Sentriant AG ESs to use Spanning Tree Protocol (STP), if STP is not already configured. The STP
automatically detects the loop, and closes one of the offending ports on the switch based on the switch
configuration. If an ES becomes unavailable, the switch automatically reconnects the previously closed
port so that there is always a path from the VPN to an ES.
See the Sentriant AG Installation Guide for more information on installing Sentriant AG in inline mode.
227
Sentriant AG Software Users Guide, Version 5.3
Advertisement
Table of Contents
