Configure Monitoring Session for Inline V Series

When the Traffic Acquisition Method is Inline, the IVTAP application is available on the canvas by default. You can configure up to three tiers in a Monitoring Session and define multiple Sub Policies. Each Sub Policy can have its own ingress and egress tunnels, along with applications for traffic processing.

Rules and Notes:

  1. You can configure a maximum of three tiers in a Monitoring Session.
  2. You can configure a maximum of 8 Sub Policies in a Monitoring Session.
  3. Each Sub Policy can have its own Ingress Tunnels, Egress Tunnels, and Applications.
  4. Tier 1 supports only Maps—Inline traffic is disabled and reserved for future use.
  5. Traffic from an out-of-band endpoint can either:
    • Pass through a Map and be sent to a tool using an Egress Tunnel.
    • Be sent to the GigaVUE V Series Node of the next tier for further processing.

To configure the Monitoring Session for Inline V Series Solution:

  1. After creating a new Monitoring Session or on an existing Monitoring Session, navigate to the TRAFFIC PROCESSING tab. The GigaVUE-FM Monitoring Session canvas page appears.
  2. When the Traffic Acquisition Method is Inline, the IVTAP application is available on the canvas by default.
  3. Drag and drop the following items to the canvas as required for Tier 1 or Sub Policy 1:
    1. Maps from the Map Library section.
    2. Inclusion and Exclusion maps from the Map Library to their respective section at the bottom of the workspace.
    3. Egress tunnels from the Tunnels section.
  4. Drag and drop the following items to the canvas as required for Tier 2 or Sub Policy 2:
    1. Ingress tunnel (as a source) from the New section.
    2. Maps from the Map Library section.
    3. Inclusion and Exclusion maps from the Map Library to their respective section at the bottom of the workspace.
    4. GigaSMART apps from the Applications section.
    5. Egress tunnels from the Tunnels section.
  5. Repeat Step 4 to configure a third tier, if required.
  6. After placing the required items in the canvas, hover your mouse over each element, click the dot, and drag the arrow over to another item (map, application, or tunnel).
  7. To create a connection between the sub-policy, hover your mouse over the egress tunnel, click the dot, and drag the arrow to the Ingress Tunnel of another Sub Policy.
  8. The Blue Dot serves as an identifier to differentiate between tiers.
  9. From the Actions drop-down list, select Deploy. The Deploy Monitoring Session pop-up appears.
  10. For each Policy (Tier) configured in the Monitoring Session, enter the following details:
  11. In the Policy Name field, verify the auto-generated policy name or enter a custom name.
  12. From the Node Group drop-down list, select the appropriate node group associated with this policy.
  13. Under Interface Mapping, configure the interfaces:
    • From the Ingress - <Tunnel> drop-down list, select the input interface.
    • From the Egress - <Tunnel> drop-down list, select the output interface.
  14. Click Deploy the Monitoring Session.

To view the GigaVUE V Series Node associated with each Sub Policy, navigate to the V SERIES NODES tab and select a policy from the Select a Sub policy drop-down menu.

What to do Next:

Note:  To ensure traffic is routed to the GigaVUE V Series Node, you must create routing tables in AWS.

After deploying the Monitoring Session in GigaVUE-FM, you must create routing tables in AWS with the configurations specified in the Architecture patterns for inline inspection section in AWS Documentation. For more details on how to configure routing table refer to Configure routing.