TECHNIQUES FOR USER-DEFINED TAGGING OF TRAFFIC IN A NETWORK VISIBILITY SYSTEM
First Claim
Patent Images
1. A method comprising:
- receiving, by a data plane component of a network visibility system, a data packet tapped from a source network;
matching, by the data plane component, the data packet with an entry in a rule table, the entry including one or more match parameters;
in response to the matching, tagging, by the data plane component, the data packet with a zone identifier defined in the entry; and
forwarding, by the data plane component, the data packet to an analytic server for analysis.
6 Assignments
0 Petitions
Accused Products
Abstract
Techniques for enabling user-defined tagging of traffic in a network visibility system are provided. In one embodiment, a data plane component of the network visibility system can receive a data packet tapped from a source network. The data plane component can further match the data packet with an entry in a rule table, where the entry includes one or more match parameters, and in response to the matching can tag the data packet with a zone identifier defined in the entry. The data plane component can then forward the tagged data packet to an analytic server for analysis.
-
Citations
20 Claims
-
1. A method comprising:
-
receiving, by a data plane component of a network visibility system, a data packet tapped from a source network; matching, by the data plane component, the data packet with an entry in a rule table, the entry including one or more match parameters; in response to the matching, tagging, by the data plane component, the data packet with a zone identifier defined in the entry; and forwarding, by the data plane component, the data packet to an analytic server for analysis. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A non-transitory computer readable storage medium having stored thereon program code executable by a data plane component of a network visibility system, the program code causing the data plane component to:
-
receive a data packet tapped from a source network; match the data packet with an entry in a rule table, the entry including one or more match parameters; in response to the matching, tagging the data packet with a zone identifier defined in the entry; and forwarding the data packet to an analytic server for analysis. - View Dependent Claims (14, 15, 16)
-
-
17. A device operable to act as a data plane component in a network visibility system, the device comprising:
-
a processor; and a non-transitory computer readable medium having stored thereon program code that, when executed by the processor, causes the processor to; receive a data packet tapped from a source network; match the data packet with an entry in a rule table, the entry including one or more match parameters; in response to the matching, tagging the data packet with a zone identifier defined in the entry; and forwarding the data packet to an analytic server for analysis. - View Dependent Claims (18, 19, 20)
-
Specification