An embodiment described herein relates to an auxiliary network that is configured to obtain copies of packets from a traffic production network. Such auxiliary network includes one or more nodes for processing the copies of packets in an out-of-band configuration so that copies of the packets can be forwarded to some end tools. Accordingly, the auxiliary network is not a part of the traffic production network.
In some cases, the auxiliary network may change. For example, one node in the auxiliary network may be a virtual machine implemented on a host, and such virtual machine may be moved to another host. As another example, one node in the auxiliary network may be a physical device, and the physical device may be replaced with another physical device located elsewhere, or may be moved to another geographical location. Also, the configuration of one or more nodes in the auxiliary network may change.
An embodiment described herein provides a device and method for detecting a change in the auxiliary network, and configure one or more network policies governing the behavior of one or more nodes in the auxiliary network based on the detected change.