Tech Tips: What is IPS Sniffer mode and how to configure it?
IPS Sniffer Mode is a variation of Layer 2 Bridged Mode that is used for intrusion detection. IPS Sniffer Mode configuration allows an interface on the firewall to be connected to a mirrored port on a switch to examine network traffic. Typically, this configuration is used with a switch inside the main gateway to monitor traffic on the intranet.
This is only available for NSA and SM devices. It is not available for TZ boxes.
Please refer to the KB below for more details on the topology and configuration.
I hope this is useful!
Thanks and stay safe!!
Technical Support Advisor, Premier Services