In Bridge mode, Deep Edge is invisible on the network and acts as a layer 2 bridge between network devices (switch, router, or firewall), transparently scanning network traffic in both directions. Bridge mode is the simplest way to deploy Deep Edge into an existing network topology and does not require client, router, or switch modifications. Deep Edge acts as a “bump in the wire” and scans for malware. Deep Edge in Bridge mode illustrates Deep Edge in Bridge mode:

Similar to using a network bridge, all Deep Edge interfaces must be on the same subnet. To configure Bridge mode, two network cards are required; one for internal use, and one for external use. You can also configure an IP address on the bridge to manage Deep Edge for scheduled pattern updates and to leverage the real-time security information power of the Trend Micro Smart Protection Network™ in the Cloud.

Bridge mode is typically used when Deep Edge is operating on a private network behind an existing firewall or router so that Deep Edge can perform all scanning functions transparently.

For details about configuring Bridge mode, see Bridge Mode Configuration.