"Teamed NICs" or "link aggregation" describes forming a network link on a computer
by using multiple network interface cards (NICs) together. This is useful to increase
the total network bandwidth, or to provide link redundancy.
You can configure teamed NICs on Windows or Solaris so that they are compatible with
Deep Security Agent.
Windows
On Windows, when you team NICs, it creates a new virtual interface. This virtual interface
adopts the MAC address of its first teamed physical interface.
By default, during installation or upgrade, the Windows Agent will bind to all virtual
and physical interfaces. This includes the virtual interface created by NIC teaming.
However, Deep Security Agent doesn't function properly if multiple interfaces have
the same MAC address, which happens with NIC teaming on Windows
To avoid that, bind the agent only to the teamed virtual interface - not the physical
interfaces.
![]() |
NoteNIC teaming with Deep Security Agent requires Windows 2003 requires SP 2 or later.
|
![]() |
WARNINGDon't add or remove network interfaces from a teamed NIC except immediately before
running the installer. Otherwise network connectivity may fail or the computer may
not be correctly detected with Deep Security Manager. The agent's network driver is
bound to network interfaces when you install or upgrade; the agent does not continuously
monitor for changes after.
|
Solaris
IPMP failover (active-standby) mode in Solaris allows two NICs to have the same hardware
(MAC) address. Since the Deep Security Agent identifies network adapters by their
MAC address, such duplication prevents the agent from functioning properly.
To avoid that, manually assign a unique MAC address to each network adapter.
For example, you could use ifconfig to view the current MAC addresses:
# ifconfig -a
ether 8:0:20:f7:c3:f
hme1: flags=1000842<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 8
ether 8:0:20:f7:c3:f
The "ether" line displays the adapter's MAC address. If any interfaces have the same
MAC addresses, and are connected to the same subnet, you must manually set new unique
MAC addresses:
# ifconfig <interface> ether <new MAC address>
Although the chance of a MAC address conflict is extremely small, you should verify
that there isn't one by using the snoop command to search for the MAC address, then
use the ping command to test connectivity to the subnet's broadcast address.
![]() |
NoteOn Solaris, if multiple interfaces are on the same subnet, the operating system may
route packets through any of the interfaces. Because of this, Deep Security's firewall
stateful configuration options and IPS rules should be applied to all interfaces equally.
|