Does TippingPoint devices inspect PPPoE traffic?

Do TippingPoint devices inspect PPPoE traffic?

- Updated:
- 13 Aug 2019
- Product/Version:
- TippingPoint IPS N-series All
- TippingPoint IPS NX-series All
- TippingPoint IPS S-series All
- TippingPoint NGFW All
- TippingPoint TPS All
- TippingPoint Virtual TPS All
- Platform:

Summary

A: TippingPoint IPS devices inspect traffic as long as said traffic is NOT encrypted. By definition, Point-to-Point Protocol over Ethernet (PPPoE) traffic runs in an encrypted tunnel, so while the IPS cannot inspect the traffic it will attempt to do so thus causing additional load on the system. In a situation where you wish to use an IPS device to inspect traffic, the IPS device must be placed on the other side of the DSL router so as to have un-encrypted traffic.

Details

Note: It is a recommended best practice to utilize inspection bypass rules to bypass encrypted traffic. This is recommended because the IPS cannot inspect encrypted traffic and attempting to do so can impact performance and cause unnecessary CPU processing load.

General Information:
The Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol for encapsulating PPP frames inside Ethernet frames. It appeared shortly after the year 2000, in the context of the boom of the DSL as the solution for tunneling packets over the DSL connection to the ISP's IP network, and from there to the rest of the Internet. PPPoE provides authentication, encryption, and compression. Typical use of PPPoE involves leveraging the PPP facilities for authenticating the user with a username and password, predominately via the PAP protocol and less often via CHAP. PPPoE was developed by UUNET, Redback Networks (now Ericsson) and RouterWare (now Wind River Systems) and is available as an informational RFC 2516.

Rating:

Category:

Configure; Troubleshoot; Deploy

Solution Id:

TP000086708

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

Need More Help?

Do TippingPoint devices inspect PPPoE traffic?