Prefiltering
Prefiltering allows you to filter the traffic at UCT-Vs before sending it to the GigaVUE V Series Nodes. For prefiltering the traffic, GigaVUE-FM allows you to create a prefiltering policy template, and the policy template can be applied to a monitoring session.
You can define a policy template with rules and filter values. A policy template once created can be applied to multiple monitoring sessions. However, a monitoring session can use only one template.
Each monitoring session can have a maximum of 16 rules.
You can also edit a specific policy template with required rules and filter values for a particular monitoring session while editing a monitoring session. However, the customized changes are not saved in the template.
Some of the points that must be remembered for prefiltering in Next Generation UCT-Vs are:
Prefiltering is supported only in Next Generation UCT-Vs. It is not supported for classic mirroring mechanism. |
Prefiltering is supported for both Linux and Windows UCT-Vs. |
For a single monitoring session, only one prefiltering policy can be applied. All the agents in that monitoring session are configured with respective prefiltering policy. |
For multiple monitoring sessions, if the same agent is selected by two or more monitoring sessions, then prefiltering policy cannot be applied. It is default to PassAll. |
Create Prefiltering Policy Template
GigaVUE-FM allows you to create a prefiltering policy template with a single rule or multiple rules. You can configure a rule with a single filter or multiple filters. Each monitoring session can have a maximum of 16 rules.
To create a prefiltering policy template, do the following steps:
1. Go to Resources > Prefiltering, and then click UCT-V.
2. Click New.
3. Enter the name of the template in the Template Name field.
4. Enter the name of a rule in the Rule Name field.
5. Click any one of the following options:
Pass — Passes the traffic. |
Drop — Drops the traffic. |
6. Click any one of the following options as per the requirement:
Bi-Directional —- Allows the traffic in both directions of the flow. A single Bi-direction rule should consist of 1 Ingress and 1 Egress rule. |
Ingress — Filters the traffic that flows in. |
Egress — Filters the traffic that flows out. |
7. Select the value of the priority based on which the rules must be prioritized for filtering. Select the value as 1 to pass or drop a rule in top priority. Similarly, you can select the value as 2, 3, 4 to 8, where 8 can be used for setting a rule with the least priority. Drop rules are added based on the priority and, then pass rules are added.
8. Select the Filter Type from the following options:
L3 |
L4 |
9. Select the Filter Name from the following options:
ip4Src |
ip4Dst |
ip6Src |
ip6Dst |
Proto - It is common for both ipv4 and ipv6. |
10. Select the Filter Relation from any one of the following options:
Not Equal to |
Equal to |
11. Enter the value for the given filter.
12. Click Save.
Note: Click + to add more rules or filters. Click - to remove a rule or a filter.
To enable prefiltering, refer to Monitoring Session Options.