Create Application Filtering Intelligence for Physical Environment

GigaVUE‑FM allows you to create Application Filtering Intelligence by selecting the applications available from the Total Applications displayed on the Application Intelligence (AFI) dashboard. To create Application Filtering Intelligence, follow these steps:

1.   On the left navigation pane, click Traffic , select Solutions > App Intelligence.

Note:  If you are creating Application Filtering Intelligence immediately after creating Application Monitoring, then you can proceed from Step 2.

2. Select the required application from the Total Applications in the right pane of the Application Intelligence dashboard. You can also select multiple applications for creating the Application Filtering Intelligence.
3. Click Operations, and select App Filtering from the drop-down list.

You can view the list of applications selected in the Selected Applications section.

4. Select either the Pass or Drop check box for an application to allow it to either pass through or get dropped off in the tool port present in the Destination Traffic Priority. You can also perform a search operation to filter the required application from the list of applications.
5. Use the Destination Traffic Priority section, to either choose the available tool port or add a new port for creating a traffic priority. In the Select ports... field, select the tool ports for sending the filtered applications traffic to the external tool. If you are unable to view the required port in the Port field, perform these steps:
o   Click Port Editor. Select the Type as Tool from the drop-down list for the required Port Id. Select OK.

The selected Port appears in the list.

o   Click Save.

Note:  You can select the Null Port option, when you need to collect only the application metadata without sending the filtered traffic to any physical port.

6. In the Priority section, you can perform the following actions:
o   Enable the Pass All check box to pass all the applications when there are no matching rules.
o   Click Advanced Rules > Add a rule to add new rules to perform advanced filtering on the application. For more details on adding a rule, refer to Adding Rules section.

Note:  Pattern match is not supported in GigaSMART Generation 3 modules.

Note:  To view the statistics of packets that are sent due to no rule match pass, view the Map Rule Counters. Refer Review Map Statistics with Map Rule Counters

7. In the Destination Traffic Priority section, click + Add New to create additional Destination Traffic Priority (second level maps). In Application Filtering Intelligence, you can create a maximum of five Destination Traffic Priorities.

Note:   You can click and drag the icon to reorder the map priority when there are multiple priorities.

8. Click Filter to button for the corresponding Priority in a Destination Traffic Priority section for passing and dropping the applications to the required tool ports.

Note:  You cannot filter the traffic using applications when you select pattern match in the rules configuration.

In the Application Filtering Intelligence Settings, you can edit the following options while creating the Application Filtering Intelligence:

o   Bidirectional (Default option).
o   Buffer/Buffer count - The option is enabled default.
o   Protocol- The default value is TCP-UDP. You can also select any of the following options:
•   TCP only
•   UDP only
•   TCP-UDP
•   TCP, UDP and SCTP
•   SCTP only
o   Packet Count
o   Timeout in seconds - The default value is 15 seconds.
o   Sessions Field
9. Click Save.

You can view the Application Filtering Intelligence Statistics from the Application Intelligence Dashboard page.

Adding Rules

You can use Advanced Rules option to add more rules in Application Filtering. To add rules, do the following:

1.   Click Priority > Advanced Rules> Add a Rule
2. Click the field Select Options in Rule 1. and select any of the following options:
■   DSCP
■   ERSPAN ID
■   EtherType
■   GRE Key
■   GTP-U TEID
■   IP Fragmentation
■   IP Version
■   IPv4 Destination
■   IPv4 Source
■   IPv4 protocol
■   IPv4 TOS
■   IPv4 TTL
■   IPv6 Destination
■   IPv6 Flow Label
■   IPv6 Next Header
■   IPv6 Source
■   MAC Source
■   MAC Destination
■   MPLS Label
■   Pattern Match — You can select the pattern type as either as follows and provide the respective values.
•   String
•   Regex- For example, you can use it if you want to filter HTTP sessions that include JSON and API traffic.

Note:  For Regex examples, refer the Supported Protocols and Attributes section in the User Defined Application topic.

■   Port Destination
■   Port Source
■   TCP Control
■   VLAN
■   VN-Tag Destination VIF ID
■   VN-Tag Source VIF ID
■   VN-Tag VIF List ID
■   VXLAN ID
3. Click Pass or Drop check box to allow it to either pass through or get dropped off in the tool port present in the DestinationTrafficPriority.
4. Click Save.

Application Filtering Intelligence can also be configured for virtual environment, refer to Application Filtering Intelligence for more detailed information.