How to activate inspection on internal traffic on Quantum Spark appliances

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk102296
Technical Level
Product	Quantum Spark Appliances
Version	R77.20 (EOL), R80.20.x, R81.10.x
OS	Gaia Embedded
Platform / Model	1100, 600, 700, 1200R, 1400, 1500, 1600, 1800
Date Created	02-Sep-2014
Last Modified	27-Nov-2022

Solution

By default, LAN traffic is not inspected by deep inspection blades.

To turn on deep inspection:

For Locally Managed appliances:

In the WebUI, go to Device > Advanced Settings.
Search for these Stateful Inspection attributes:
- Perform deep packet inspection on LAN to LAN traffic
- Perform deep packet inspection on traffic between LAN and DMZ networks
For each one, double click the attribute name.
In the window that opens, select the checkbox and click Apply.

For Centrally Managed appliances:

Connect to the Security Management Server with the GuiDBedit Tool.
Go to Global Properties > properties > firewall_properties and locate a property called dpi_lan_lan or dpi_lan_dmz.
Set the relevant property to true.
Save the changes: go to the File menu and click Save All.
Close the GuiDBedit Tool.
Install the policy on your device.

Note:

The LAN interfaces should be set to separate network and unassigned from the internal switch.
Traffic between two LAN interfaces which are assigned to the switch will not be inspected even when the above settings are applied.

Give us Feedback

Please rate this document

[1=Worst,5=Best]

Comment
	Submitting rating