About Deployment Modes Parent topic

This section provides an overview of the working modes of Deep Edge, and how to configure Deep Edge for each mode.
Deep Edge runs in two different inline modes, depending on the network infrastructure and requirements. Use Routing mode and Bridge mode for traffic inspection and to take action based on policies. They support the same network security features. Use Monitoring mode to evaluate what effect security policies might have if deployed in Routing mode or Bridge mode.

Deployment Modes

Mode
Purpose
Bridge
The Deep Edge unit is invisible to the network. All of its interfaces are on the same subnet. You only have to configure a management IP address so that you can make configuration changes. You would typically use Bridge mode on a private network behind an existing firewall or behind a router. For details, see Overview of Bridge Mode.
Routing
The Deep Edge unit is visible to the network. All of its interfaces are on different subnets. Each interface connected to a network must be configured with an IP address valid for that network. You would typically use Routing mode when the Deep Edge unit is deployed as a gateway between private and public networks. For details, see Overview of Routing Mode.
Monitoring
Monitoring mode is designed for evaluating Deep Edge on a production network without blocking any traffic or making Deep Edge a point of failure in the network flow. In Monitoring mode, Deep Edge only applies policies to mirrored traffic to produce logs and reports; no blocking actions are enforced on the traffic. For details, see Overview of Monitoring Mode.
Related information