Create Precryption Template for UCT-V
GigaVUE-FM allows you to filter packets during Precryption at the UCT-V level, in the Data Acquisition stage. The filtering is based on L3/L4 5-tuple information (5-tuple filtering) and on the applications running on the workload virtual machines.
Rules and Notes:
- Selective Precryption works with GigaVUE‑FM and the fabric components version 6.8.00 or above.
- When a single UCT-V is associated with two different Monitoring Sessions with contrasting pass and drop rules, then instead of prioritizing a single rule, GigaVUE-FM passes all the traffic.
- Once the templates are associated with a Monitoring Session, the changes made in the template are not reflected in the Monitoring Session.
Refer to the following sections for more detailed information:
Create Precryption Template for Filtering based on Applications
The application filter allows you to select the applications for which you apply Precryption in the Monitoring Session Options page.
To create the template:
- Go to Traffic > Resources > Precryption. The Precryption Policies page appears.
- Select the APPLICATION tab.
- Select Add. The New Precryption Template page appears.
- Select csv as the Type if you wish to add applications using a .csv file.
  - Download the sample .csv file and edit it.
  - Save your .csv file.
  - Select Choose File and upload the file.
- Select Manual as the Type if you wish to add the applications manually.
  - Enter the Application Name, and select the + icon to add more applications.
- Select Save.
You can view the added applications in the APPLICATION tab.
You can delete a selected application, or delete all the applications, using the Actions button.
Create Precryption Template for Filtering based on L3-L4 details
To create the template:
- Go to Traffic > Resources > Precryption. The Precryption Policies page appears.
- Select the L3-L4 tab.
- Perform the following steps:
  - In the Template field, enter a name for the template.
  - In the Rule Name field, enter a name for the rule.
  - For Action, select one of the following options:
    - Pass: Passes the traffic.
    - Drop: Drops the traffic.
    Note: In the absence of a Precryption rule, traffic is implicitly allowed. The defined rules also include an implicit pass-all rule: traffic that does not conform to any of the specified rules is passed.
  - For Direction, select one of the following options:
    - Bi-Directional: Allows the traffic in both directions of the flow. A single Bi-Directional rule should consist of 1 Ingress and 1 Egress rule.
    - Ingress: Filters the traffic that flows in.
    - Egress: Filters the traffic that flows out.
  - In the Priority field, select one of the following values:
    - 1: Select to apply the rule's pass or drop action with top priority.
    - 2 to 8: Select to set the priority, where 8 sets a rule with the least priority.
    Note: Drop rules are added based on the priority, and then pass rules are added.
  - Select Filter Type from the following options:
    - L3
    - L4
    Note: You can use L4 Filter Type only with L3.
    For L3, perform the following:
    - Select Filter Name from the following options:
      - IPv4 Source
      - IPv4 Destination
      - IPv6 Source
      - IPv6 Destination
      - Protocol: It is common for both IPv4 and IPv6.
    - Select Filter Relation from any one of the following options:
      - Not Equal to
      - Equal to
    - Enter or select the Value based on the selected Filter Name.
    Note: When using Protocol as Filter Name, select TCP from the drop-down menu.
    For L4, perform the following:
    - Select the Filter Name from the following options:
      - Source Port
      - Destination Port
    - Select the Filter Relation from any one of the following options:
      - Not Equal to
      - Equal to
    - Enter the source or destination port value.
- Select Save.
Note: Select + to add more rules or filters. Select - to remove a rule or a filter.
The template is successfully created. To enable Precryption, refer to Configure Monitoring Session Options (OpenStack) section.
You can delete a selected template or you can delete all the templates using the Actions button.
You can also edit a selected template using Actions > Edit.
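The notes in the L3-L4 procedure above (drop rules added before pass rules, priority 1 to 8, implicit pass-all, L4 filters only together with L3) can be checked offline against a planned template before it is entered in GigaVUE-FM. The following Python model is an added example, not Gigamon code or a GigaVUE-FM API; every name in it is hypothetical, and it assumes that filters within a rule are combined with AND, that the first matching rule decides, and that values are single addresses or ports.

```python
import ipaddress
from dataclasses import dataclass

L3 = {"IPv4 Source": "src", "IPv4 Destination": "dst", "IPv6 Source": "src",
      "IPv6 Destination": "dst", "Protocol": "proto"}
L4 = {"Source Port": "sport", "Destination Port": "dport"}

@dataclass
class Rule:
    name: str
    action: str     # "Pass" or "Drop"
    direction: str  # "Ingress" or "Egress"; write Bi-Directional as one of each
    priority: int   # 1 (top) to 8 (least)
    filters: list   # (Filter Name, Filter Relation, Value) tuples

def validate(rule):
    """Return the problems the page's notes would flag for one rule."""
    names = [f[0] for f in rule.filters]
    problems = []
    if not 1 <= rule.priority <= 8:
        problems.append("priority must be 1 to 8")
    if any(n in L4 for n in names) and not any(n in L3 for n in names):
        problems.append("L4 filter used without an L3 filter")
    return problems

def matches(flt, pkt):
    name, relation, value = flt
    actual = pkt[{**L3, **L4}[name]]
    if name.startswith("IPv"):  # compare parsed addresses, not strings
        actual, value = ipaddress.ip_address(actual), ipaddress.ip_address(value)
    return (actual == value) == (relation == "Equal to")

def decide(rules, pkt):
    """Return (action, rule name) for a packet dict under the assumed model."""
    # Page: drop rules are added by priority, then pass rules.
    ordered = sorted(rules, key=lambda r: (r.action != "Drop", r.priority))
    for r in ordered:
        # Assumptions: filters in a rule are ANDed; the first match decides.
        if r.direction == pkt["dir"] and all(matches(f, pkt) for f in r.filters):
            return r.action, r.name
    return "Pass", "implicit pass-all"  # page: unmatched traffic is passed

# Constructed sample template (documentation address range, not real hosts).
RULES = [
    Rule("pass-tcp-in", "Pass", "Ingress", 1, [("Protocol", "Equal to", "TCP")]),
    Rule("drop-db-tls", "Drop", "Ingress", 2,
         [("IPv4 Destination", "Equal to", "198.51.100.5"),
          ("Destination Port", "Equal to", 443)]),
]
```

With this constructed template, an ingress TCP packet to 198.51.100.5 port 443 is dropped even though the pass rule has priority 1, and egress traffic matches no rule and falls through to the implicit pass.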