With ever-increasing amounts of data traffic on modern computer networks, network monitoring tools play an increasingly important role in reducing the vulnerability of a network to intrusion, unauthorized access and other security or performance issues. Examples of network monitoring tools include an intrusion detection system (IDS), an intrusion prevention system (IPS), a sniffer, a network monitoring system, an application monitoring system, an intrusion detection system, a forensic storage system, an application security system, among others. An “inline” network monitoring tool (or “inline tool”) is a tool that is part of the data flow, or path, between two other devices that are part of the network and communicate with each other on the network.
A network device may receive data packets from a source node on a network and utilize packet switching to forward the packets on the network for transmission to a destination node. Such a network device may also first pass the packets it receives to an inline tool such as described above, before forwarding them to the destination network node. The network device includes multiple network ports for transmitting packets to and from various network nodes, and further includes one or more tool ports for routing those packets to an inline tool for analysis. Such inline connectivity provided by the network device enables uninterrupted traffic flow between computing devices connected together on the network. However, existing techniques that use a network device to route packets through an inline tool have various limitations.