With ever-increasing amounts of data traffic on modern computer networks, network monitoring and security measures play an increasingly important role in reducing the vulnerability of a network to intrusion, unauthorized access and other security or performance issues. Tools can be deployed in a computer network that process the network traffic and provide monitoring and security services. Examples of network monitoring tools include an intrusion detection system (IDS), an intrusion prevention system (IPS), a sniffer, a network monitoring system, an application monitoring system, an intrusion detection system, a forensic storage system, an application security system, among others. However, tools are only as effective as the network traffic that they can see. Existing approaches involve deploying multiple editions of the same tool across a computer network to increase visibility to the network traffic. This can be expensive and difficult to scale and manage.
A network switch communicatively coupled between communicating nodes on a computer network can route packets to centralized tools for processing. To be more responsive to emerging security threats, many out-of-band tools which used to passively monitor traffic are moving to in-line deployments. In an in-line deployment, packets originating from one node on a computer network are routed through the in-line tool before continuing on to another node on a computer network.