Tuesday, March 27, 2012

ACL Capture feature

Hi Guys, I found this very interesting as a feature and I thought I would share it quickly on my blog. No details for you on how to configure it yet or how well it works, but still :)


ACL Capture

You can configure ACL capture in order to selectively monitor traffic on an interface or VLAN.
When you enable the capture option for an ACL rule, packets that match this rule are either forwarded or dropped based on the specified permit or deny action and may also be copied to an alternate destination port for further analysis.
An ACL rule with the capture option can be applied as follows:
  • On a VLAN
  • In the ingress direction on all interfaces
  • In the egress direction on all Layer 3 interfaces
ACL capture can be used in a variety of scenarios. For example, ACL capture can use ACL rules to identify packets belonging to a tunnel and to send a copy (or capture) of the tunnel packets to a specific destination. ACL capture can also be used to monitor all HTTP traffic on a particular VLAN.
Finally, you can also configure the capture session for the whole ACL rather than configuring it per ACL rule. This configuration applies the capture session to all of the ACL rules.

