Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for ProfiTap F1-10G-BP BYPASS TAP
Summary of Contents for ProfiTap F1-10G-BP BYPASS TAP
- Page 1 F1-10G-BP BYPASS TAP INSTALLATION AND CONFIGURATION MANUAL www.profitap.com...
- Page 2 BRINGING CLARITY INTO NETWORKS. ANYTIME. ANYWHERE.
- Page 3 For any questions, technical or otherwise, please contact our customer support through our website: www.profitap.com or by email: info@profitap.com For the latest documentation and software, visit our Resource Center: http://www.profitap.com/resource-center/...
-
Page 4: Table Of Contents
2. 1 Technical and Electrical Specifications 2.2 Front View 2.3 Rear View 2.4 LED Functionality 3. Connecting Power and Start-Up 4. Accessing the F1-10G-BP Bypass Tap Configuration 1. Web Administration 1. 1 Device Status 1.2 Port Management 1.3 Global Statistics 1.4 Bypass Settings... -
Page 5: Installation
INSTALLATION 1. UNPACKING & INSTALLATION 1.1 Unpacking Carefully unpack all the items supplied with the F1-10G-BP and retain the packaging for later use: ◉ 1 x F1-10G-BP main unit ◉ 2 x 12V 1.5A Power supply ◉ 1 x DB9 to RJ45 Console cable Note: Please contact the supplier if any part is missing or damaged. -
Page 6: Product Overview
2. PRODUCT OVERVIEW Active in-line security appliances are single points of failure in any network. The F1-10G-BP bypass TAP monitors the health of your appliance over copper or fiber connections and removes any point of failure by automatically switching traffic in a bypass mode, to keep the network critical link up. - Page 7 customized. Predefined packets include IPX, ICMP request/reply, LCP request/reply and TCP-SYN. The device is factory programmed with two globally unique MAC addresses, used as source MAC addresses for Heartbeat A and B. HEARTBEAT RATE CONTROL The Heartbeat injection rate can be set from 50µs to 4s (default value is 1s). HEARTBEAT FAILURE TIMEOUT The Heartbeat failure timeout can be set from 50µs to 4s (default value is 3s).
- Page 8 BYPASS CIRCUITS Covering all failure scenarios, the F1-10G-BP unit is equipped with both a physical bypass (passive) and a logical bypass (activated by the FPGA) used to maintain data flow: ◉ In case of power outage, the physical bypass is activated by default (fail open), allowing the network connection on the tapped line to remain functional.
-
Page 9: Technical And Electrical Specifications
2.1 Technical and Electrical Specifications ◉ Dimensions (WxDxH): 120 x 205 x 41 mm — 4.72 x 8.07 x 1.61 in ◉ Weight: 950 g — 2. 1 lb ◉ Power requirement: 12V 1.5A ◉ BTU/hr: 62... -
Page 10: Front View
2.2 Front View 1, 2 PSU1, PSU2 Status LEDs Rx / Tx activity LEDs for TAP A & TAP B Bypass Status Led SFP+ interfaces, accepting copper/fiber modules, used for connecting to monitored Fan Status LED security appliances. 1Gbps/10Gbps Serial Management interface In-Line network ports, accepting LC optical 115200/8/1/n fiber connections. -
Page 11: Led Functionality
2.4 LED Functionality LED FUNCTION / STATE MEANING / CONTROL PSU is operating normally Green OVP: Over Voltage Protection Fan LED Orange UVP: Under Voltage Protection PSU is operating normally Green Bypass LED Monitored appliance is down, bypass is Orange activated. -
Page 12: Accessing The F1-10G-Bp Bypass Tap
4. ACCESSING THE F1-10G-BP BYPASS TAP System access can be achieved through serial or Ethernet connection. By default, the unit network interface has DHCP enabled. For accessing the unit through the serial connection, follow these steps: Power up the unit. -
Page 13: Configuration
Type the device IP in a browser. Alternatively, connect via SSH, using the unit’s IP address. Login with the default credentials. (master:master). Modify the default admin account, if desired. Login again, using the modified username:password combination. CONFIGURATION 1. WEB ADMINISTRATION The F1-10G-BP can be administered either in CLI mode or in a graphical OS and platform independent web-based interface, called BP Manager. - Page 14 ◉ Date and time information ◉ Network details ◉ Sensors (the air temperature is measured in proximity of the fans block, the system temperature is measured within the forwarding plane chip). ◉ Temperature readings for CPU, system and external air. 1.2 Ports Management The Port Management page displays the name, link status and speed of...
-
Page 15: Bypass Settings
injected in case of a 100% network bandwidth utilization, are counted here. ◉ Rx Heartbeat packets: all Heartbeat packets (replied from an ALIVE monitored appliance) received in good shape are counted here. 1.4 Bypass Settings The Bypass page represents the heart of F1-10G-BP functionality configuration, allowing the user to custom tailor the unit’s behavior, given various environment scenarios. - Page 16 HEARTBEAT A, B: There are two sections, one corresponding to the Heartbeat packet sent from NET A port to NET B port and one corresponding to the Heartbeat packet sent from NET B port to NET A port, allowing the user to customize these packets and save/load them to/from a local location.
-
Page 17: Administration
HEARTBEAT RECOVERY AFTER: After a Heartbeat timeout occurs, it is important not to consider the appliance alive again (or the network being up again) after only receiving a single Heartbeat packet. It is safer to receive at least 2 or more Heartbeat packets to be sure the service is alive again. - Page 18 Firmware Update tab allows the system to be updated to a new version, from a locally stored update file. Note: Please do not unplug the power cable during the update process. ▶ The device will reboot once the installation is complete and the webpage will be reloaded.
-
Page 19: Logs
The SNMP service allows users to configure the following security options: ◉ SNMP communities: (for SNMP v1 and v2c) Allows adding, deleting or editing SNMP communities, used for establishing trust without standard credentials. ◉ SNMP users: (for SNMP v3 only) Allows adding, deleting and editing SNMP users, including their security level and authentication/privacy type and hash. -
Page 20: Cli Administration
2. CLI ADMINISTRATION After logging into the system, the user has access to all available commands. Useful commands to navigate the console: ◉ ‘ls’ or ‘help’ for available branches. ◉ TAB autocompletes commands and also shows the available branches. ◉ Ctrl+D cancels a command. - Page 21 The following commands are available in the CLI: date_time show: Displays the date. set: Allows the user to set the date and time. factory_reset Should the system become corrupted or the main parameters need to be restored to their default values, this option resets the device to the factory state and reboots the system.
- Page 22 network settings edit: Allows the user to set the IP acquisition mode of the unit to either DHCP or STATIC. In case STATIC is selected, the user has to input the IPv4, network mask, gateway and DNS address. interface.disable: Disables the Ethernet interface. The serial management port will still be operating.
- Page 23 show_legal_info Displays the Product Legal Information. system_log monitor: Displays all system related logs and their timestamps in real time. show: Displays all system related logs and their timestamps. snmp Allows the user to configure the Simple Network Management Protocol. SNMP v1 and v2c use a community string for authentication, sent as clear text, an approach less than ideal, security wise.
- Page 24 ENCRYPTION AUTHENTICATION LEVEL BEHAVIOR METHOD Authentication is done using a user- Authentication is done using a user- no auth no auth USERNAME ONLY USERNAME ONLY name only. name only. The authentication is done using the The authentication is done using the PASSPHRASE IN PASSPHRASE IN auth...
-
Page 25: Operation Use Cases
OPERATION USE CASES The following cases depict all possible functional states in which F1-10G-BP can operate, depending on the environment changes and its configuration. CASE 1 - NORMAL OPERATION The traffic is forwarded to the appliance and heartbeat packets are injected in the network traffic in both directions. - Page 26 CASE 3 - HEARTBEAT FAILURE, BYPASS OFF If the heartbeat packets are sent to the appliance but are not forwarded back, and the Bypass in case of heartbeat failure option is set to OFF, the FPGA will not activate the bypass feature, resulting in a link failure between Network Device A and Network Device B.
- Page 27 CASE 5 - APPLIANCE LINK DOWN, BYPASS OFF If the Appliance is unpowered or the ports are disconnected, and the In case the TAP link is DOWN option is set to OFF, the FPGA will not activate the bypass feature, resulting in a link failure between Network Device A and Network Device B.
- Page 28 CASE 7 - POWER FAILURE, BYPASS OFF If power failure occurs and In case of power failure option is set to OFF (fail close), the physical bypass circuit (optical relay) inside the F1-10G-BP will not be activated result- ing in a link failure between Network Device A and Network Device B.
- Page 29 CASE 9 - MANUAL BYPASS, TAP OFF If the Manual Bypass option is set to ON but TAP Mode option is set to OFF, the physical bypass circuit (optical relay) inside the F1-10G-BP is activated. The network path between Network Device A and Network Device B remains functional, but there is no traffic forwarded to the appliance.
-
Page 30: Legal
LEGAL DISCLAIMER The manufacturer makes no representations or warranties with respect to the con- tents hereof and specifically disclaims any implied warranties of merchantability or fitness for any particular purpose. The manufacturer reserves the right to revise this publication and to make changes in the content thereof without obligation of the man- ufacturer to notify any person of such revision or changes. - Page 31 PROFITAP HQ B. V . - High Tech Campus 84 5656AG Eindhoven - The Netherlands sales@profitap.com www.profitap.com © 2021 Profitap — v2.2-11...
Need help?
Do you have a question about the F1-10G-BP BYPASS TAP and is the answer not in the manual?
Questions and answers