Professional Documents
Culture Documents
Arbor APS STT Unit 01 Design Basics 25 Jan2018
Arbor APS STT Unit 01 Design Basics 25 Jan2018
DATA
ISP 1 CENTER
ISP
ISP 2
IPS
Firewall
Load
Balancer
Target
Applications
ISP ‘n’ Attack Traffic & Services
Good Traffic
ISP
ISP
7 5 4 2
• 4 x 10G SR LC Connectors
• 4 x 10G LR LC Connectors
• 4x 1G Copper
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 13
Throughput License Options
Appliance License
APS-2800-10G: 10 Gbps
APS-2800-20G: 20 Gbps
APS 2800
APS-2800-30G: 30 Gbps
APS-2800-40G: 40 Gbps
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 14
APS Appliance License: Box Sticker
• License keys for Demo and Spare devices should be requested from ATAC
• You will need to provide the device’s Serial Number
• In the web UI, monitor mode appears as “Monitor”. Active / Inactive are
not supported
Monitor Mode
• In the web UI, the inline deployment modes appear as “Inline Bridged”
(Inline) and “Inline Routed” (L3)
• Both modes will support Active/Inactive sub modes
• Typically, monitor mode is used for trial implementation. Monitor mode can also be
used if your organization forbids the inline deployment. For example, you can use
APS to detect the traffic on-premises but no mitigation will occur
• Typically, the Inline Bridged and Inline Routed mode (L3) are used in an active
implementation. In an active implementation, APS mitigates attacks in addition to
monitoring traffic and detecting attacks.
• Arbor APS can also be used in Inline Inactive mode. In this mode APS will analyze
traffic and detects attacks without performing mitigations.
• The inactive protection mode is similar to the monitor mode. Like the monitor mode,
the inactive protection mode typically is used for trial implementations.
Link Tap /
Port Span
ISP
ISP
ISP