Understanding Trend Micro™ Network VirusWall™ Enforcer 2500
1
-
21
F
IGURE
1-6.
An Example of When a Bridge IP Address and Static Route is
Necessary
What happens and when the Bridge IP address and Static Route are used:
1.
Network VirusWall Enforcer (NVWE) receives traffic with Endpoint 1’s IP and
Router 1’s MAC addresses. The path of the traffic is: Endpoint 1-> Router 1->
Switch1 -> NVWE.
2.
Network VirusWall Enforcer (NVWE) needs to send packets to Endpoint 1, but
they belong to different network segments. So, we add a Bridge IP address bound
to VLAN 3 that is in the same network segment as Endpoint 2 and Router 1’s
interface 2. This allows Network VirusWall Enforcer to send packets to Endpoint
1using the Bridge IP address. The path of the traffic is: NVWE -> Default
Gateway -> NVWE -> Switch 1-> Router 1-> Endpoint 1.
3.
The Bridge IP address and Router 1’s interface 1 belong to different network
segments, so the traffic sends to the default gateway first. However, traffic
between NVWE and the default gateway is unnecessary. We add a Static Route
and bind it to Bridge.VLAN 3. The path of the traffic is: NVWE -> Switch 1->
Router 1-> Endpoint 1.