2016 Symantec Corporation This document may be freely reproduced & distributed whole & intact including this copyright
notice.
11
Figure 2
–2
Passive-Inline Configuration
In Passive-Tap mode (Figure 2-3), network traffic does not flow through the
SV3800/SV3800B/SV3800B-20 or the attached security appliance. The
SV3800/SV3800B/SV3800B-20 receives a copy of traffic in the network from a
TAP device and this traffic (possibly decrypted) is sent to the attached security
appliance. A typical example of this type of deployment would be an IDS or
Forensic appliance attached to the SV3800/SV3800B/SV3800B-20, which is in
turn attached to a TAP or SPAN port. This mode of operation supports SSL
Inspection only and cannot act as an SSL policy control point.