Configure Precryption in UCT-V

GigaVUE-FM allows you to enable or disable the Precryption feature for a monitoring session.

To enable or disable the Precryption feature in UCT-V, refer to Create monitoring session.

To create a new monitoring session with Precryption, follow these steps:

  1. In GigaVUE‑FM, on the left navigation pane, select Traffic > Virtual > Orchestrated Flows and select your cloud platform. The Monitoring Sessions page appears.
  2. Click New to open the Create a New Monitoring Session page.
  3. Enter the appropriate information for the monitoring session as described in the following table:

    Field

    Description

    Alias

    The name of the monitoring session.

    Monitoring Domain

    The name of the monitoring domain that you want to select.

    Connection

    The connection(s) that are to be included as part of the monitoring domain. You can select the required connections that need to be part of the monitoring domain.

    Traffic Distribute

    Enabling the "Traffic Distribute" option identifies duplicate packets across different GigaVUE V Series Nodes when traffic from various targets is routed to these instances for monitoring.

  4. Click Next. The Edit Monitoring Session page appears with the new canvas.
  5. Click Options button. The Monitoring Session Options appears.
  6. Click Precryption tab.
  7. Enable Precryption.
  8. Click Save. The Edit Monitoring Session page appears. You can proceed to create map, tunnels, and adding applications.

Note:  It is recommended to enable the secure tunnel feature whenever the Precryption feature is enabled. Secure tunnel helps to securely transfer the cloud captured packets or precrypted data to a GigaVUE V Series Node. For more information, refer to Secure Tunnel .

Validate Precryption connection

To validate the Precryption connection, follow the steps:

■   To confirm it is active, navigate to the Monitoring Session dashboard and check the Precryption option, which should show yes.
■   Click Status, to view the rules configured.

Rules and Notes

  • To avoid packet fragmentation, you should change the option precryption-path-mtu in UCT-V configuration file (/etc/uctv/uctv.conf) within the range 1400-9000 based on the platform path MTU.