Traffic Processing

Application Filtering Intelligence allows you to filter traffic based on the application (such as YouTube, Netflix, Sophos, or Facebook) or application family (such as antivirus, web, erp, or instant-messaging). Application Filtering Intelligence enables advanced traffic filtering based on Layer 7 applications, providing the ability to fine-tune your network visibility. With this capability, you can optimize tool performance by excluding high-volume, low-risk traffic from being sent to your monitoring tools. At the same time, you can prioritize and route high-risk or critical traffic of interest to the appropriate tools for detailed analysis, ensuring efficient resource utilization and timely response to potential threats or incidents.

Adaptive Packet Filtering (APF) delivers advanced capabilities to analyze and manage traffic flows with precision. APF enables you to inspect any part of a packet, including its payload, and take intelligent actions such as forwarding, dropping, or masking the flow.

This feature supports filtering across complex encapsulation headers, such as VXLAN, ERSPAN, GRE, Nested VLANs, MPLS, VN-Tag, and more. Additionally, it allows traffic to be filtered based on inner packet contents within these encapsulated flows, offering unparalleled granularity in traffic control.

APF is also session-aware, allowing you to define search patterns using regular expressions (RegEx) or strings. Once a match is detected, APF can apply actions to the entire session, such as forwarding it to specific tools or completely dropping it from the monitoring pipeline.

Application Session Filtering (ASF) provides advanced capabilities to identify and filter network flows based on flexible user-defined criteria. By leveraging powerful regular expressions (RegEx), ASF allows you to define precise patterns to match specific flow characteristics.

ASF examines one or more packets within a flow session to determine if the flow aligns with your defined criteria. Once a match is identified, all packets within that session are forwarded for analysis, ensuring that only relevant traffic reaches your tools.

Application Metadata Intelligence allows you to export metadata from applications that are detected in the network traffic. The records can be exported to a collector either in IPFIX or CEF format

Application Metadata Exporter (AMX) application converts the output from the Application Metadata Intelligence (AMI) in CEF format into JSON format and sends it to the cloud tools and Kafka.

Application Visualization identifies and monitors all applications contributing to the network traffic and reports on the total applications and the total bandwidth they consume over a select period. Application Visualization allows you to identify more than 3,500 applications.

De-duplication application targets, identifies, and eliminates duplicate packets, blocking unnecessary duplication and sending optimized flows to your security and network monitoring tools. De-duplication lets you detect and choose the duplicate packets to count or drop in a network analysis environment.

ERSPAN Tunnel Decapsulation application removes the protocol header added by ERSPAN tunnel to extract the original user data packet.

A map is used to filter the traffic flowing through the GigaVUE V Series Nodes. It is a collection of one or more rules (R). The traffic passing through a map can match one or more rules defined in the map.

The GENEVE Decapsulation application removes the protocol header added by the GENEVE tunnel to extract the original user data packet.

Header Stripping application efficiently examines packets for specified headers, such as MPLS, VLAN, VXLAN, VN-TAG, and GRE, and removes them before sending the packets to the appropriate security and analysis tools.

The L2GRE Tunnel Decapsulation application removes the protocol header added by the L2GRE tunnel to extract the original user data packet.

The L2GRE Tunnel Encapsulation application wraps a user packet within an L2GRE protocol-compliant packet for transport to the next hop for processing or analysis.

A Load-Balancing application allows you to distribute traffic to multiple tools for analysis. The application not only load-balances the traffic among the tools; it can also handle the distribution in a stateful manner to ensure packets of the same flow are always distributed to the same tool.

Masking application allows you to overwrite specific packet fields with a specified pattern so that sensitive information is protected during network analysis.

Packet Slicing allows you to truncate packets after a specified header and slice length, preserving the portion of the packet required for monitoring purposes. Slicing operations are typically configured to preserve specific packet header information, allowing effective network analysis without the overhead of storing full packet data.

SSL/TLS decryption application delivers decrypted traffic to out-of-band tools that can then detect threats entering the network.

UDPGRE Tunnel Decapsulation application removes the protocol header added by the UDPGRE tunnel to extract the original user data packet.

VXLAN Tunnel Decapsulation application removes the protocol header added by the VxLAN tunnel to extract the original user data packet.