Service function chains (also referred to as service chains) define a set of service functions (e.g., network address translation (NAT), intrusion prevention, intrusion detection, deep packet inspection (DPI), firewall, switching, load-balancing, and network acceleration functions, among others), and their order (e.g., in a list such as service1->service 2) to be applied to selective packets as they are forwarded through network devices to create a composite of network service (e.g., L4-L7 services). The order in which each individual service is applied is predetermined through an orchestration function and that order is mapped into each network node that is involved in the forwarding of packets through a given service function chain. The mapping of forwarded state within the service chain structure is referred to as a service path.
In certain circumstances, packets in a traffic flow may be captured by network administrators for analysis—such as to identify applications operating on a given network; identify points of intrusions to identify security flaws and breaches; identify data leakages; troubleshoot occurrences of undesired network events; identify and/or recover lost or stolen data and packets; determine extent of network elements comprised by virus and malware; assess impact of changes within a network; and ensure long-term compliance issues.