EdgeLens
InLine Security Packet Broker
INT10G8XX56 | 1.18.5
User Manual
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Introduction
Garland’s innovative EdgeLens® is a bypass TAP, network packet broker hybrid, purpose-built to give you
the power of a bypass TAP to manage the availability of inline tools, instrument high availability (HA)
deployments, and tool chaining. The following mode options are available under the Bypass Taps panel.
Default Tap Mode
Primary-Secondary Tap Mode
In this mode, the network and inline appliance
ports are defined by the system for each tap.
Ports 17 through 44 may be configured as
packet broker ports or tap monitor ports. All four
taps, tap 1 through tap 4 may be configured
independently in this mode. The network ports
are typically connected to network devices such
as a server or router. The inline appliance ports
are typically connected to an inline appliance or
tool to monitor the network traffic. Heartbeat
packets are transmitted bi-directionally from the
inline appliance ports on the tap through the
inline appliance or tool to monitor the health of
the device.
In this mode, the network and primary inline
appliance ports are defined by the system for
each tap. The secondary inline appliance ports
will be automatically configured by the system in
the order assigned to each tap. The ports
availability are considered in vertical pairs,
17/18, 19/20, etc. Any port that is not assigned
as a secondary inline appliance port may be
configured as a packet broker port or tap
monitor port. All four taps, Tap 1 through Tap 4
may be configured independently in this mode.
The network ports are typically connected to
network devices such as a server or router. The
primary inline appliance ports are typically
connected to a primary inline appliance or tool to
monitor the network traffic. The secondary inline
appliance ports are typically connected to a
secondary inline appliance or tool to monitor the
network traffic. The network traffic is sent to the
primary inline appliance or the secondary inline
appliance. Heartbeat packets are transmitted
bi-directionally from the primary inline appliance
ports on the tap through the primary inline
appliance or tool to monitor the health of the
device. Likewise, heartbeat packets are
Figure 1 Default Tap Mode
transmitted bi-directionally from the secondary
inline appliance ports on the tap through the
secondary inline appliance or tool to monitor the
health of the device.
Figure 2 Primary-Secondary Tap Mode
Copyright © 2022 Garland Technology, LLC. All rights reserved.
2
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Load Balance Tap Mode
ATLB2 Chained Tap Mode
In this mode, the network and initial inline
When the taps are placed in this mode the
appliance ports are defined by the system for
each tap. Each tap may have up to three
additional inline appliance ports applied, a total
of 4. The ports will be automatically configured
by the system in the order assigned to each tap.
The ports availability are considered in vertical
pairs, 17/18, 19/20, etc. Any port that is not
assigned as an inline appliance port may be
configured as a packet broker port. The network
ports are typically connected to network devices
such as a server or router. The inline appliance
ports are typically connected to IPSs or tools to
monitor the network traffic. The network traffic is
load-balanced to the inline appliance ports.
However, heartbeat packets are transmitted
bidirectionally from inline appliance ports on the
tap through the IPSs or tools to monitor the
health of the devices.
system automatically defines:
- Ports 1-2, 3-4, 5-6 and 7-8 as network
ports
- Ports 9 through 16 as entity A inline
appliance ports
- Ports 17 through 24 as entity B inline
appliance ports
- Ports 25 through 33 as entity C inline
appliance ports
- Ports 33 through 40 as entity D inline
appliance ports
Any previously configured database associated
with ports 1 through 40 will be deleted when this
mode is applied. Entity inline appliance ports or
entities may be removed as desired. Any entity
inline appliance ports that are removed may be
used as packet broker ports. The network ports
are paired, 1-2, 3-4, 5-6, and 7-8 and are
typically connected to network devices such as a
server or router. The network traffic is chained
through entities A, B, C, and D and
Figure 3 Load Balance Tap Mode
load-balanced to each entity inline appliance
ports. Heartbeat packets are transmitted
bi-directionally from the entity inline appliance
ports on the tap through the IPSs or tools to
monitor the health of the devices.
Figure 4 ATLB2 Chained Tap Mode
Copyright © 2022 Garland Technology, LLC. All rights reserved.
3
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
1U Chassis Specifications
Max. system throughput:
Support for: SFP( SX, LX and TX) and SFP+ (SR, LR, ER)
Operating Temp: 0 to 40° C or 32 to 104° F
Operating Humidity: 5 to 95%
Dimensions: 21.09” L x 1.719” H x 17.32” W (535.686mm L x 43.6626 mm H x 439.928mm W)
Airflow: 100 IF/m
(2) AC Power Supplies Included
Package Contents
(1) INT10G8XX56 Chassis
(1) Rack Mounting kit
(2) Power Cable
(1) Console Cable
Copyright © 2022 Garland Technology, LLC. All rights reserved.
4
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Configuration Basics
1. Log in to the Graphic User Interface (GUI)
2. Select Bypass Taps on the Dashboard Menu bar.
The Bypass Taps panel will be displayed.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
5
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
1 Default Tap Mode
In this mode, the network and inline appliance ports are defined by the system for each tap. Ports 17
through 44 may be configured as packet broker ports or tap monitor ports. All four taps, tap 1 through tap
4 may be configured independently in this mode. The network ports are typically connected to network
devices such as a server or router. The inline appliance ports are typically connected to an inline
appliance or tool to monitor the network traffic. Heartbeat packets are transmitted bi-directionally from the
inline appliance ports on the tap through the inline appliance or tool to monitor the health of the device.
Tap 1
Tap 2
Tap 3
Tap 4
Port 1 (Network)
Port 2 (Network)
Port 3 (Network)
Port 4 (Network)
Port 5 (Network)
Port 6 (Network)
Port 7 (Network)
Port 8 (Network)
Port 9 (Inline Appliance) Port 11 (Inline Appliance) Port 13 (Inline Appliance) Port 15 (Inline Appliance)
Port 10 (Inline Appliance) Port 12 (Inline Appliance) Port 14 (Inline Appliance) Port 16 (Inline Appliance)
1.1 Bypass Tap Name
1. Select the Pencil icon for the desired tap.
The Tap Name panel will be displayed.
2. Enter the name.
3. Remove the name by placing the cursor in the name panel, backspace, or delete the current name.
4. Select the Check to save updates.
5. Select Cancel to return the Bypass Taps panel.
1.2 Heartbeat Settings
The following configuration options may be displayed or modified.
No. Of Lost HB Packets
Heartbeats per Second
1. Select Settings on the Bypass Taps panel.
The Configure Heartbeat Settings panel will be displayed with the current configuration.
2. Enter the No. Of Lost HB Packets. Default is 10.
This is the number of heartbeats that must be lost on the inline appliance ports before any
tap will switch to bypass.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
6
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
3. Enter the Heartbeats per Second. Default is 10.
This is the number of heartbeats per second applied to the inline appliance ports for all taps.
4. Select Save to save updates.
5. Select Cancel to return the Bypass Taps panel.
1.3 Taps Settings
The following configuration options may be displayed, modified, enabled, or disabled.
Tap Modes
Fail Mode
LFP
Reverse Bypass
1. Edit the Tap Settings, by placing the cursor on any tap and double-press the left mouse button.
The Tap panel will be displayed.
2. Select Edit Tap Settings.
The Configure Inline Appliance panel will be displayed.
3. Select the Tap Mode.
Active
Allows the tap to automatically switch from inline to bypass if an issue occurs
with the inline appliance port(s), loss of link, or heartbeats. When the issue with
the inline appliance port(s) is resolved, link and heartbeats restored, the tap will
automatically switch back to inline.
Figure 2 Default Tap Mode (Inline)
Figure 3 Default Tap Mode (Bypass)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
7
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Force Bypass
Force Inline
If selected, the tap will switch the traffic between
the network ports with no regard for the inline
appliance port(s), link, or heartbeats. Typically
used during maintenance activities.
If selected, the tap bypass option is disabled. If
an issue occurs with the inline appliance port(s),
loss of link, or heartbeats, the traffic will go
down.
Figure 5 Default Tap Mode (Force Inline)
Figure 4 Default Tap Mode (Force Bypass)
4. Select the Fail Mode.
Open
If selected and power is lost to the unit. The traffic will switch between the
network ports.
Closed
If selected and power is lost to the unit. The traffic will go down.
5. LFP
on
If enabled and a link is lost on one of the network ports. The TX will be disabled
the other network port. The RX for both network ports remains on.
Figure 6 Default Tap Mode (LFP)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
8
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
6. Reverse Bypass
If enabled and the inline appliance port(s) fail, loss of link or heartbeats. The TX
will be disabled on both of the network ports. The RX for both network ports
remains on.
Figure 7 Default Tap Mode (Reverse Bypass)
7. Select Accept to save updates. Save must additionally be selected on the Bypass Taps panel.
8. Select Cancel to return the Bypass Taps panel.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
9
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
1.4 Monitor Ports
Monitor ports may be added to any tap. Each tap may have up to two monitor ports per network port, total
of four monitor ports per tap. The monitor ports may be added to monitor the ingress traffic or egress
traffic.
1. Create a monitor port by placing the cursor on the desired port, shaded gray above the tap. Press the
left mouse button and hold to select the port. Drag the port to the desired network port. The default of
any monitor port is ingress. Change the monitor port traffic by placing the cursor on the ingress panel
and pressing the left mouse button. Additional monitor ports may be added using the same procedure.
2. Select Save to save updates.
3. Select Cancel to return the Bypass Taps panel
Figure 8 Default Tap Mode (Monitor Port)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
10
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
2 Primary-Secondary Tap Mode
In this mode, the network and primary inline appliance ports are defined by the system for each tap. The
secondary inline appliance ports will be automatically configured by the system in the order assigned to
each tap. The ports availability are considered in vertical pairs, 17/18, 19/20, etc. Any port that is not
assigned as a secondary inline appliance port may be configured as a packet broker port or tap monitor
port. All four taps, Tap 1 through Tap 4 may be configured independently in this mode. The network ports
are typically connected to network devices such as a server or router. The primary inline appliance ports
are typically connected to a primary inline appliance or tool to monitor the network traffic. The secondary
inline appliance ports are typically connected to a secondary inline appliance or tool to monitor the
network traffic. The network traffic is sent to the primary inline appliance or the secondary inline
appliance. Heartbeat packets are transmitted bi-directionally from the primary inline appliance ports on
the tap through the primary inline appliance or tool to monitor the health of the device. Likewise, heartbeat
packets are transmitted bi-directionally from the secondary inline appliance ports on the tap through the
secondary inline appliance or tool to monitor the health of the device.
Tap 1
Tap 2
Tap 3
Tap 4
Port 1 (Network)
Port 2 (Network)
Port 9 (Primary)
Port 10 (Primary)
Port XX (Secondary)
Port XX (Secondary)
Port 3 (Network)
Port 4 (Network)
Port 11 (Primary)
Port 12 (Primary)
Port XX (Secondary)
Port XX (Secondary)
Port 5 (Network)
Port 6 (Network)
Port 13 (Primary)
Port 14 (Primary)
Port XX (Secondary)
Port XX (Secondary)
Port 7 (Network)
Port 8 (Network)
Port 15 (Primary)
Port 16 (Primary)
Port XX (Secondary)
Port XX (Secondary)
2.1 Bypass Tap Name
1. Select the Pencil icon for the desired tap.
The Tap Name panel will be displayed.
2. Enter the name.
3. Remove the name by placing the cursor in the name panel, backspace, or delete the current name.
4. Select the Check to save updates.
5. Select Cancel to return the Bypass Taps panel.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
11
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
2.2 Heartbeat Settings
The following configuration options may be displayed or modified.
No. Of Lost HB Packets
Heartbeats per Second
1. Select Settings on the Bypass Taps panel.
The Configure Heartbeat Settings panel will be displayed with the current configuration.
2. Enter the No. Of Lost HB Packets. Default is 10.
This is the number of heartbeats that must be lost on any inline appliance port before any
tap will switch from the primary inline appliance to the secondary inline appliance to bypass.
3. Enter the Heartbeats per Second. Default is 10.
This is the number of heartbeats per second applied to the primary inline appliance and
secondary inline appliance ports for all taps.
4. Select Save to save updates.
5. Select Cancel to return the Bypass Taps panel.
2.3 Configure Primary-Secondary Tap Mode
1. Edit the tap mode by placing the cursor on any tap and double-press the left mouse button.
The Tap panel will be displayed.
2. Place the cursor on the Primary-Secondary Mode Select option. Select with the left mouse button.
Drag the Primary-Secondary option to the blue box and release.
3. Select the red X to remove.
4. Place the cursor on the Inline Appliance option. Select with the left mouse button. Drag the Inline
Appliance option to the blue box and release.
5. Select the red X to remove.
6. Select Save to save updates.
The Bypass Taps panel will be displayed. Inline (Primary) will be displayed.
7. Place the cursor on the tap and double-press the left mouse button.
The Tap panel will be displayed. Green indicates Active, Yellow indicates Standby.
8. Select Cancel to return the Bypass Taps panel.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
12
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
2.4 Taps Settings
The following configuration options may be displayed, modified, enabled, or disabled.
Tap Modes
Fail Mode
LFP
Reverse Bypass
1. Edit the Tap Settings, by placing the cursor on any tap and double-press the left mouse button.
The Tap panel will be displayed.
2. Select Edit Tap Settings.
The Configure Inline Appliance panel will be displayed.
3. Select the Tap Mode.
Active
Allows the tap to automatically switch from inline to bypass if an issue occurs
with the primary inline appliance port(s) and secondary inline appliance port(s),
loss of link, or heartbeats. The default switching action from inline to bypass
is defined by the system as, from the primary inline appliance, to the secondary
inline appliance, to bypass. The default switching action from bypass to inline
is defined by the system as, from bypass, to the secondary inline appliance.
Switching from the secondary inline appliance to the primary inline appliance
may be accomplished via two methods. Select the Switch to Primary option
or enable Revertive. If revertive is enabled, then the system will switch from
bypass to the primary inline appliance if it is recovered first.
Figure 11 Primary-Secondary Tap Mode (Secondary Inline)
Figure 10 Primary-Secondary Tap Mode (Primary Inline)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
13
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Figure 12 Primary-Secondary Tap Mode (Bypass)
Figure 13 Primary-Secondary Tap Mode (Force Bypass)
Force Bypass If selected, the tap will switch the traffic between the network ports with no
regard for the primary inline appliance or the secondary inline appliance port(s),
link or heartbeats. Typically used during maintenance activities.
4. Select the Fail Mode.
Open
If selected and power is lost to the unit. The traffic will switch between the
network ports.
Closed
If selected and power is lost to the unit. The traffic will go down.
5. LFP
on
If enabled and a link is lost on one of the network ports. The TX will be disabled
the other network port. The RX for both network ports remains on.
Figure 14 Primary-Secondary Tap Mode (LFP)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
14
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
6. Reverse Bypass
If enabled and the primary inline appliance and the secondary inline appliance
port(s) fail, loss of link or heartbeats. The TX will be disabled on both of the
network ports. The RX for both network ports remains on.
Figure 15 Primary-Secondary Tap Mode (Reverse Bypass)
7. Revertive
If enabled and the primary inline appliance port(s) fail, loss of link or
heartbeats, the system will switch to the secondary inline appliance.
When the issue with the primary inline appliance is resolved, has links and
heartbeats. The traffic will automatically revert to the primary inline
appliance. This option also affects the switching from bypass to inline. If
disabled, the system is designed to switch from bypass to the secondary inline
appliance. If the primary inline appliance restores first, has a link, and
heartbeats, a manual switch to the primary inline appliance is required. If enabled
and the primary inline appliance restores first, the system will switch from bypass
to the primary inline appliance.
8. Select Accept to save updates. Save must additionally be selected on the Bypass Taps panel.
9. Select Cancel to return the Bypass Taps panel.
2.5 Switch To Primary
1. Select to manually switch the traffic from the secondary inline appliance to the primary inline appliance.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
15
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
2.6 Monitor Ports
Monitor ports may be added to any tap. Each tap may have up to two monitor ports per network port,
a total of four monitor ports per tap. The monitor ports may be added to monitor the ingress traffic or
egress traffic.
1. Create a monitor port by placing the cursor on the desired port, shaded gray above the tap. Press the
left mouse button and hold to select the port. Drag the port to the desired network port. The default of
any monitor port is ingress. Change the monitor port traffic by placing the cursor on the ingress panel
and pressing the left mouse button. Additional monitor ports may be added using the same procedure.
2. Select Save to save updates.
3. Select Cancel to return the Bypass Taps panel.
Figure 16 Primary-Secondary Tap Mode (Monitor Port)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
16
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
3 Load Balance Tap Mode
In this mode, the network and initial inline appliance ports are defined by the system for each tap. Each
tap may have up to three additional inline appliance ports applied, a total of 4. The ports will be
automatically configured by the system in the order assigned to each tap. The ports availability are
considered in vertical pairs, 17/18, 19/20, etc. Any port that is not assigned as an inline appliance port
may be configured as a packet broker port. The network ports are typically connected to network devices
such as a server or router. The inline appliance ports are typically connected to IPSs or tools to monitor
the network traffic. The network traffic is load-balanced to the inline appliance ports. However, heartbeat
packets are transmitted bidirectionally from inline appliance ports on the tap through the IPSs or tools to
monitor the health of the devices.
Tap 1
Tap 2
Tap 3
Tap 4
Port 1 (Network)
Port 2 (Network)
Port 3 (Network)
Port 4 (Network)
Port 5 (Network)
Port 6 (Network)
Port 7 (Network)
Port 8 (Network)
Port 9 (Inline Appliance) Port 11 (Inline Appliance) Port 13 (Inline Appliance) Port 15 (Inline Appliance)
Port 10 (Inline Appliance) Port 12 (Inline Appliance) Port 14 (Inline Appliance) Port 16 (Inline Appliance)
Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance)
Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance)
Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance)
Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance)
Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance)
Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance) Port XX (Inline Appliance)
3.1 Bypass Tap Name
1. Select the Pencil icon for the desired tap.
The Tap Name panel will be displayed.
2. Enter the name.
3. Remove the name by placing the cursor in the name panel, backspace, or delete the current name.
4. Select the Check to save updates.
5. Select Cancel to return the Bypass Taps panel.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
17
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
3.2 Heartbeat Settings
The following configuration options may be displayed or modified.
No. Of Lost HB Packets
Heartbeats per Second
1. Select Settings on the Bypass Taps panel.
The Configure Heartbeat Settings panel will be displayed with the current configuration.
2. Enter the No. Of Lost HB Packets. Default is 10.
This is the number of heartbeats that must be lost on an inline appliance port before any
tap will remove the inline appliance from the load balance group.
3. Enter the Heartbeats per Second. Default is 10.
This is the number of heartbeats per second applied to the inline appliance ports for all taps.
4. Select Save to save updates.
5. Select Cancel to return the Bypass Taps panel.
3.3 Configure Load Balance Tap Mode
1. Edit the tap mode by placing the cursor on any tap and double-press the left mouse button.
The Tap panel will be displayed.
2. Place the cursor on the Load Balance Mode Select option. Select with the left mouse button.
Drag the Load Balance option to the blue box and release.
3. Select the red X to remove.
4. Place the cursor on the Inline Appliance option. Select with the left mouse button. Drag the Inline
Appliance option to the blue box and release. The next available vertical port pair will be added.
Repeat this step to apply up to four inline appliance ports per tap.
5. Select the red X to remove.
6. Select Save to save updates.
The Bypass Taps panel will be displayed. Inline will be displayed.
7. Place the cursor on the tap and double-press the left mouse button.
The Tap panel will be displayed. Green indicates Active.
8. Select Cancel to return the Bypass Taps panel.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
18
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
3.4 Taps Settings
The following configuration options may be displayed, modified, enabled, or disabled.
Tap Modes
Fail Mode
LFP
Reverse Bypass
Bypass Threshold
1. Edit the Tap Settings, by placing the cursor on any tap and double-press the left mouse button.
The Tap panel will be displayed.
2. Select Edit Tap Settings.
The Configure Inline Appliance panel will be displayed.
3. Select the Tap Mode.
Active
Allows the tap to automatically switch from inline to bypass if an issue occurs
with the inline appliance port(s), loss of link, or heartbeats, defined by the
bypass threshold value, 1-4. When the issue with the inline appliance port(s) is
resolved, have link and heartbeats, the tap will automatically switch back to
inline.
Figure 18 Load Balance Tap Mode (Inline)
Figure 19 Load Balance Tap Mode (Bypass, Bypass Threshold=2)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
19
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Force Bypass If selected, the tap will switch the traffic between the network ports with no
regard for the inline appliance ports, links, or heartbeats. Typically used during
maintenance activities.
Figure 20 Load Balance Tap Mode (Force Bypass)
4. Select the Fail Mode.
Open
If selected and power is lost to the unit. The traffic will switch between the
network ports.
Closed
If selected and power is lost to the unit. The traffic will go down.
5. LFP
If enabled and a link is lost on one of the network ports. The TX will be disabled
on the other network port. The RX for both network ports remain on.
Figure 21 Load Balance Tap Mode (LFP)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
20
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
6. Reverse Bypass
If enabled and the inline appliance port(s) fail, loss of link or heartbeats, defined
by the bypass threshold value, 1-4. The TX will be disabled on both of the
network ports. The RX for both network ports remains on.
Figure 22 Load Balance Tap Mode (Reverse Bypass, Bypass Threshold=2)
7. Bypass Threshold
The bypass threshold determines how many inline appliance port(s) may fail,
loss of link or heartbeats, before the tap switches to bypass.
8. Select Accept to save updates. Save must additionally be selected on the Bypass Taps panel.
9. Select Cancel to return the Bypass Taps panel.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
21
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
4 ATLB2 Chained Tap Mode
When the taps are placed in this mode the system automatically defines:
- Ports 1-2, 3-4, 5-6, and 7-8 as network ports
- Ports 9 through 16 as entity A inline appliance ports
- Ports 17 through 24 as entity B inline appliance ports
- Ports 25 through 33 as entity C inline appliance ports
- Ports 33 through 40 as entity D inline appliance ports
Any previously configured database associated with ports 1 through 40 will be deleted when this mode is
applied. Entity inline appliance ports or entities may be removed as desired. Any entity inline
appliance ports that are removed may be used as packet broker ports. The network ports are paired,
1-2, 3-4, 5-6, and 7-8 and are typically connected to network devices such as a server or router. The
network traffic is chained through entities A, B, C, and D and load-balanced to each entity inline
appliance ports. Heartbeat packets are transmitted bi-directionally from the entity inline appliance ports
on the tap through the IPSs or tools to monitor the health of the devices.
4.1 Configure ATLB2 Chained Tap Mode
1. Select the Settings option on the Bypass Taps panel.
The Configure Tap Settings panel will be displayed.
2. Select the ATLB2 Chained Mode option.
3. Select the Save option.
A “Packetbroker data will be cleared. Go to ATLB2 Mode?” message will be displayed.
3.1. Select OK.
The ATLB2 Chained tap mode will be displayed.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
22
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Figure 24 ATLB2 Chained Tap Mode (GUI Display)
4.2 Remove Entity Inline Appliance Member
Entity inline appliance port members are removed as member pairs. If an entity inline appliance port
member is removed, the ports may be configured as packet broker ports.
1. Select the red X for the desired inline appliance port member(s).
2. Select the Save option.
4.3 Add Entity Inline Appliance Member
Entity inline appliance port members are added as member pairs. If the ports for an entity inline appliance
port member are configured as packet broker ports they may not be added back to the entity until they
are deleted as packet broker ports.
1. Place the cursor on the Member option. Select with the left mouse button. Drag the Member
option to the entity box and release.
2. Select the Save option.
4.4 Remove Entity
An entity is removed from the chain by removing all of the inline appliance port members. Entity inline
appliance port members are removed as member pairs. If the entity inline appliance port
members are removed, the ports may be configured as packet broker ports.
1. Select the red X for all of the inline appliance port members.
2. Select the Save option.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
23
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
4.5 Add Entity
An entity must have at least one inline appliance port member to be considered part of the chain. Entity
inline appliance port members are added as member pairs. If the ports for an entity inline appliance
member are configured as packet broker ports they may not be added back to the entity until they are
deleted as packet broker ports.
1. Place the cursor on the Member option. Select with the left mouse button. Drag the Member
option to the entity box and release.
2. Select the Save option.
4.6 Taps Settings
The following configuration options may be displayed, modified, enabled, or disabled.
No. Of Lost HB Packets
Heartbeats per Second
Tap Modes
LFP
Reverse Bypass
Bypass Threshold
Fail Mode
1. Select Settings.
The Configure Tap Settings panel will be displayed.
2. Enter the No. Of Lost HB Packets. Default is 10.
This is the number of heartbeats that must be lost on any inline appliance port member before
any entity will remove the inline appliance from the load balance group.
3. Enter the Heartbeats per Second. Default is 10.
This is the number of heartbeats per second sent on the inline appliance ports for all entities.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
24
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
4. Select the Tap Mode.
Active
Allows the tap to automatically switch from inline to bypass if an issue occurs
with all entities A, B, C, and D inline appliance port(s), loss of link, or heartbeats
based on the bypass threshold value for each entity. Each entity A, B, C, and D
are in bypass. The network port pairs 1-2, 3-4, 5-6, and 7-8 will be connected.
When the issue with any entity A, B, C, or D inline appliance port(s) is
resolved, have link and heartbeats, the tap will automatically switch back to
inline.
Figure 25 ATLB2 Chained Tap Mode (Inline)
Figure 26 ATLB2 Chained Tap Mode (Bypass)
Copyright © 2022 Garland Technology, LLC. All rights reserved.
25
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Force Bypass If selected, the tap will switch the traffic between the network port pairs
1-2, 3-4, 5-6, and 7-8 with no regard for the entity inline appliance port(s),
link or heartbeats. Typically used during maintenance activities.
Figure 27 ATLB2 Chained Tap Mode (Force Bypass)
5. Select the Fail Mode.
Open
If selected and power is lost to the unit. The traffic will switch between the
network ports 1-2, 3-4, 5-6, and 7-8.
Closed
If selected and power is lost to the unit. The traffic will go down.
6. LFP
If enabled and a link is lost on one of the network ports 1-2, 3-4, 5-6, or 7-8.
The TX will be disabled on the other network port. The RX for both network
ports remain on.
Figure 28 ATLB2 Chained Tap Mode (LFP)
7. Reverse Bypass
If enabled and all entities A, B, C, and D are in bypass, inline appliance port(s)
fail, loss of link or heartbeats based on the bypass threshold value for each
entity. The TX will be disabled on all network ports 1-2, 3-4, 5-6, and 7-8. The
RX on all network ports 1-2, 3-4, 5-6, and 7-8 remain on.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
26
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
Figure 29 ATLB2 Chained Tap Mode (Reverse Bypass)
8. Bypass Threshold A
9. Bypass Threshold B
10. Bypass Threshold C
11. Bypass Threshold D
The bypass threshold determines how many inline appliance port
members may fail, loss of link, or loss of heartbeats, before entity A
switches to bypass.
The bypass threshold determines how many inline appliance port
members may fail, loss of link, or loss of heartbeats, before entity B
switches to bypass.
The bypass threshold determines how many inline appliance port
members may fail, loss of link, or loss of heartbeats, before entity C
switches to bypass.
The bypass threshold determines how many inline appliance port
members may fail, loss of link, or loss of heartbeats, before entity D
switches to bypass.
12. Select Accept to save updates. Save must additionally be selected on the Bypass Taps panel.
13. Select Cancel to return the Bypass Taps panel.
14. Select Add All to restore all entity inline appliance port members.
15. Select Remove Add to remove all entity inline appliance port members.
16. Select Default Mode to exit the ATLB2 Chained mode and restore the system to the Default mode.
A “Go back to default mode?” message will be displayed.
16.1. Select OK.
4.7 ATLB2 Chained Tap Mode GUI Indications
When the taps are placed in this mode the GUI will display various messages and colors to reflect
the current conditions.
Copyright © 2022 Garland Technology, LLC. All rights reserved.
27
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
4.7.1 Normal
In this example the following may be determined:
1. The ATLB2 chained tap is inline.
2. Entity A’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
3. Entity B’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
4. Entity C’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
5. Entity D’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
6. The traffic per this display indicates:
Port 1 – Entity A – Entity B – Entity C – Entity D – Port 2
Port 2 – Entity D – Entity C – Entity B – Entity A – Port 1
Port 3 – Entity A – Entity B – Entity C – Entity D – Port 4
Port 4 – Entity D – Entity C – Entity B – Entity A – Port 3
Port 5 – Entity A – Entity B – Entity C – Entity D – Port 6
Port 6 – Entity D – Entity C – Entity B – Entity A – Port 5
Port 7 – Entity A – Entity B – Entity C – Entity D – Port 8
Port 8 – Entity D – Entity C – Entity B – Entity A – Port 7
4.7.2 Entity Member Abnormal
In this example the following may be determined:
Copyright © 2022 Garland Technology, LLC. All rights reserved.
28
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
1. The ATLB2 chained tap is inline.
2. Entity A’s inline appliance member 9-10 is abnormal, loss of link or loss of heartbeats. The remaining
members are normal, have links and heartbeats. The traffic is load-balanced across the remaining
members.
3. Entity B’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
4. Entity C’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
5. Entity D’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
6. The traffic per this display indicates:
Port 1 – Entity A – Entity B – Entity C – Entity D – Port 2
Port 2 – Entity D – Entity C – Entity B – Entity A – Port 1
Port 3 – Entity A – Entity B – Entity C – Entity D – Port 4
Port 4 – Entity D – Entity C – Entity B – Entity A – Port 3
Port 5 – Entity A – Entity B – Entity C – Entity D – Port 6
Port 6 – Entity D – Entity C – Entity B – Entity A – Port 5
Port 7 – Entity A – Entity B – Entity C – Entity D – Port 8
Port 8 – Entity D – Entity C – Entity B – Entity A – Port 7
Copyright © 2022 Garland Technology, LLC. All rights reserved.
29
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
4.7.3 Entity Bypass
In this example the following may be determined:
1. The ATLB2 chained tap is inline.
2. Entity A’s inline appliance members 9-10 and 11-12 are abnormal, loss of link or loss of heartbeats.
Entity A is bypassed. Entity A’s bypass threshold is 2.
3. Entity B’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
4. Entity C’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
5. Entity D’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
6. The traffic per this display indicates:
Port 1 – Entity B – Entity C – Entity D – Port 2
Port 2 – Entity D – Entity C – Entity B – Port 1
Port 3 – Entity B – Entity C – Entity D – Port 4
Port 4 – Entity D – Entity C – Entity B – Port 3
Port 5 – Entity B – Entity C – Entity D – Port 6
Port 6 – Entity D – Entity C – Entity B – Port 5
Port 7 – Entity B – Entity C – Entity D – Port 8
Port 8 – Entity D – Entity C – Entity B – Port 7
Copyright © 2022 Garland Technology, LLC. All rights reserved.
30
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
4.7.4 Entity Removed From Chain
In this example, the following may be determined:
1. The ATLB2 chained tap is inline.
2. Entity A’s inline appliance members have been removed. Entity A is not in the chain.
3. Entity B’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
4. Entity C’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
5. Entity D’s inline appliance members are normal, have links and heartbeats. The traffic is load-balanced
across all four members.
6. The traffic per this display indicates:
Port 1 – Entity B – Entity C – Entity D – Port 2
Port 2 – Entity D – Entity C – Entity B – Port 1
Port 3 – Entity B – Entity C – Entity D – Port 4
Port 4 – Entity D – Entity C – Entity B – Port 3
Port 5 – Entity B – Entity C – Entity D – Port 6
Port 6 – Entity D – Entity C – Entity B – Port 5
Port 7 – Entity B – Entity C – Entity D – Port 8
Port 8 – Entity D – Entity C – Entity B – Port 7
Copyright © 2022 Garland Technology, LLC. All rights reserved.
31
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
4.7.5 ATLB2 Chained Tap Forced Bypass
In this example the following may be determined:
1. The ATLB2 chained tap is Forced Bypass.
2. Entity A’s inline appliance members are normal, have links and heartbeats.
3. Entity B’s inline appliance members are normal, have links and heartbeats.
4. Entity C’s inline appliance members are normal, have links and heartbeats.
5. Entity D’s inline appliance members are normal, have links and heartbeats.
6. The traffic per this display indicates:
Port 1 – Port 2
Port 2 – Port 1
Port 3 – Port 4
Port 4 – Port 3
Port 5 – Port 6
Port 6 – Port 5
Port 7 – Port 8
Port 8 – Port 7
Copyright © 2022 Garland Technology, LLC. All rights reserved.
32
Packet Broker
EdgeLens Inline Security Packet Broker | INT10G8XX56 | 1.18.5
4.7.6 ATLB2 Chained Tap Bypass
In this example the following may be determined:
1. The ATLB2 chained tap is bypass.
2. Entity A’s inline appliance members 9-10 are abnormal, loss of link or loss of heartbeats. Entity A is
bypassed. Entity A’s bypass threshold is 1.
3. Entity B’s inline appliance members 17-18 and 19-20 are abnormal, loss of link or loss of heartbeats.
Entity B is bypassed. Entity B’s bypass threshold is 2.
4. Entity C’s inline appliance members 25-26 and 27-28 are abnormal, loss of link, or loss of heartbeats.
Entity C is bypassed. Entity C’s bypass threshold is 2.
5. Entity D’s inline appliance members 33-34, 35-36, and 37-38 are abnormal, loss of link or loss of
heartbeats. Entity D is bypassed. Entity D’s bypass threshold is 3.
6. The traffic per this display indicates:
Port 1 – Port 2
Port 2 – Port 1
Port 3 – Port 4
Port 4 – Port 3
Port 5 – Port 6
Port 6 – Port 5
Port 7 – Port 8
Port 8 – Port 7
Copyright © 2022 Garland Technology, LLC. All rights reserved.
33
|