Create Precryption Template for UCT-V
GigaVUE-FM allows you to filter packets during Precryption in the Data Acquisition at the UCT-V level. This filtering is based on L3/L4 5 tuple information (5-tuple filtering) and the applications running on the workload virtual machines.
Rules and Notes:
- If you wish to use Selective Precryption, your GigaVUE-FM and the fabric components version must be 6.8.00 or above.
- When a single UCT-V is associated with two different Monitoring Sessions with contrasting pass and drop rules, then instead of prioritizing a single rule, GigaVUE-FM will pass all the traffic.
- Once the templates are associated with a Monitoring Session, any changes made in the template will not be reflected in the Monitoring Session.
Refer to the section the following sections for more detailed information:
- Create Precryption Template for Filtering based on Applications
- Create Precryption Template for Filtering based on L3-L4 details
Create Precryption Template for Filtering based on Applications
The application filter allows you to select the applications for which the Precryption should be applied in the Monitoring Session Options page.
- Go to Traffic > Resources > Precryption. The Precryption Policies page appears.
- Click the APPLICATION tab.
- Click Add. The New Precryption Template page appears.
- Select csv as the Type, if you wish to add applications using a .csv file.
- You can download the sample .csv file and edit it.
- Save your .csv file.
- Click Choose File and upload the file.
- Select Manual as the Type, if you wish to add the applications manually. Enter the Application Name and click + icon to add more applications.
- Click Save.
The added applications are displayed in the APPLICATION tab.
You can delete a selected application or you can delete all the application using the Actions button.
Create Precryption Template for Filtering based on L3-L4 details
- Go to Traffic > Resources > Precryption. The Precryption Policies page appears.
- Click the L3-L4 tab.
- Enter or select the following details as mentioned in the below table:
Fields |
Description |
|||||||||||||||
Template |
Enter a name for the template. |
|||||||||||||||
Rule Name |
Enter a name for the rule. |
|||||||||||||||
Action |
Choose any one of the following options:
Note: In the absence of a Precryption rule, traffic is implicitly allowed. However, once rules are defined, they include an implicit pass all rule. Should the traffic not conform to any of the specified rules, it will be passed. |
|||||||||||||||
Direction |
Choose any one of the following options:
|
|||||||||||||||
Priority |
Select the value of the priority based on which the rules must be prioritized for filtering. Select the value as 1 to pass or drop a rule in top priority. Similarly, you can select the value as 2, 3, 4 upto 8, where 8 can be used for setting a rule with the least priority. Drop rules are added based on the priority and, then pass rules are added. |
|||||||||||||||
Filters |
||||||||||||||||
Filter Type |
Select the Filter Type from the following options:
Note: L4 Filter Type can only be used with L3. |
|||||||||||||||
L3: |
||||||||||||||||
Filter Name |
Select the Filter Name from the following options:
|
|||||||||||||||
Filter Relation |
Select the Filter Relation from any one of the following options:
|
|||||||||||||||
Value |
Enter or Select the Value based on the selected Filter Name. Note: When using Protocol as the Filter Name, select TCP from the drop-down menu. |
|||||||||||||||
L4: |
||||||||||||||||
Filter Name |
Select the Filter Name from the following options:
|
|||||||||||||||
Filter Relation |
Select the Filter Relation from any one of the following options:
|
|||||||||||||||
Value |
Enter the source or destination port value. |
- Click Save.
Note: Click + to add more rules or filters. Click - to remove a rule or a filter.
The template is successfully created. To enable Precryption, refer to Configure Monitoring Session Options (AWS) section.
You can delete a selected template or you can delete all the templates using the Actions button.
You can also edit a selected template using Actions > Edit.