To non-disruptively monitor traffic coming from a port operating in promiscuous mode, the appropriate firewall interface type is:
D.TAP
A TAP (Test Access Point) interface allows the firewall to passively monitor network traffic without interfering with the actual flow of traffic. It is used to capture and analyze traffic for inspection, logging, and threat detection.
References:
Palo Alto Networks - TAP Mode: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/networking/network-interface-configurations/tap-mode
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit