Currently there are six (6) different Deployment Modes;
Deployment Mode | Comments |
Default | Provides a balance between high quality security and appliance performance, and is suitable for most deployments. |
Core [Deprecated]* | Offers improved performance for IPS devices which are deployed on the interior of a network, with the expectation that perimeter-facing devices have blocked most malicious internet traffic. |
Edge [Deprecated]* | Ideal for WEB farms and DMZs that typically expose services to the Internet. |
Perimeter [Deprecated]* | Offers optimal security for IPS devices deployed on the perimeter of a network, and protects the network from general Internet traffic. |
Security-Optimized | Profiles employing the Security-Optimized Deployment Mode are tuned to favor additional security over network performance or application adherence to protocol standards. This deployment mode will also enable more Zero Day Initiative protection than other deployment modes. |
Performance-Optimized | Profiles employing the Performance-Optimized Deployment Mode are tuned to favor network performance or application adherence to protocol standards over security and policy enforcement. It is recommended for performance testing and product testing lab environments only. |
*Note: These three deployment modes will remain in the DV, marked as "Deprecated". The deprecated deployment modes will continue to contain new filters added to the DV, but the new filters in the deprecated deployment modes will have the same characteristics as the Default deployment mode going forward. |
Note: To use this feature, a v3.2 or later DV must be activated on the SMS. The Deployment Mode setting is available only for Digital Vaccine versions that support this option.
For each Profile, the user can select which Deployment Mode to use and the IPS will use the appropriate "Recommended" filter configuration for that deployment. Users can always override specific filters or categories, but the Deployment Mode will drive the filter use for any filter that remains configured as "Recommended". Depending upon the customer’s network, it may be necessary to tune the Deployment Mode selected.
Remember that all new profiles will default to the "Default" Deployment mode when created. If you wish to change the deployment mode, you will have to select a different deployment mode from the drop-down box. For the most part the different Deployment Modes change the "Action" setting on the filters from Disabled to Block/Notify.
The following table is an example comparison between Deployment Modes. The amount of filters and their posture will be changed with every new DV so this example is only good for this DV;
DV 4.0.0.8943 | Block/-- | Block/Notify | Block/Notify/Trace | Disabled | Permit/Notify |
Default | 37 | 4305 | 177 | 14510 | 1 |
Core[Deprecated] | 37 | 4728 | 177 | 14087 | 1 |
Edge[Deprecated] | 37 | 4731 | 177 | 14084 | 1 |
Perimeter[Deprecated] | 37 | 4321 | 177 | 14494 | 1 |
Security-Optimized | 39 | 9166 | 177 | 9647 | 1 |
Performance-Optimized | 42 | 1705 | 0 | 17282 | 1 |