This connection is fully passive; if the bypass switch itself loses power, traffic continues to flow unimpeded through the link.
During normal operation, the bypass switch passes all network traffic through the appliance as if it were directly in-line itself.
In this mode, an attached IPS appliance can be used as an intrusion detection system (IDS) to passively monitor the traffic without affecting it.
Using an external bypass switch to connect an in-line appliance such as a NGFW, IPS, or DDoS has several benefits.
This should be a net gain in reliability, because the bypass switch is a simpler device than the monitoring appliance, and because it is designed for fault-tolerance.
Bypass switches increase network reliability through several mechanisms including passive in-line connections, link detection, and heartbeat packets.
The two network ports in a bypass switch create a fully passive in-line connection that maintains traffic flow even in the absence of power.
For fiber links, a normally closed optical switch creates a path for light to flow unimpeded through the device when power is absent.