When the Symantec Advanced Threat Protection (ATP) appliance is in Inline mode, the appliance enters bypass mode if it cannot function or is turned off. In bypass mode, Internet traffic is routed through the LAN port and the WAN port, but no monitoring or blocking occurs. For bypass mode to function properly, ensure that you use the proper type of Ethernet cables to connect to the LAN. LEDs on the back of the appliances indicate bypass mode if the appliance is not turned off.
In the bypass mode, the Ethernet cables on the LAN port and the WAN port are interconnected. You must ensure that the total length of the interconnected cables does not exceed the maximum Ethernet cable length. The Ethernet cable length per ANSI/TIA/EIA cabling standards is 100m for Cat5e and Cat6. For more information on the Ethernet cable length, refer the ANSI/TIA/EIA cabling standards.
To test the physical appliance bypass mode
In ATP Manager, click Settings > Appliances, and then double-click an appliance from the list.
In the Network Interface Settings panel, click the toggle switch in the Scanning field to set scanning to the Off position. Click Ok if a warning dialog appears asking if you are sure that you want to disable scanning.
With scanning disabled, the physical appliance should now operate in bypass mode.
Try to access the Internet from a computer in the LAN that the device monitors or protects.
You should be able to access the Internet. The bypass LEDs on the back of the ATP appliance should be on, but not blinking.
In ATP Manager, click Settings > Appliances, select the device from the list. Then click the toggle switch in the Scanning field to set scanning to the On position. Click Ok if a warning dialog appears asking if you want to proceed.