With ever-increasing amounts of data traffic on modern computer networks, network monitoring and security measures play an increasingly important role in reducing the vulnerability of a network to intrusion, unauthorized access and other security or performance issues. Tools can be deployed in a computer network to process the network traffic and provide monitoring and security services. Examples of network monitoring tools include an intrusion detection system (IDS), an intrusion prevention system (IPS), a packet sniffer, a network monitoring system, an application monitoring system, a forensic storage system, and an application security system, among others. However, such tools are only effective to the extent of the network traffic that they actually see, and any given tool will not necessarily see all of the relevant traffic on a network. Existing approaches, therefore, involve deploying multiple tools of the same type across a computer network to increase visibility to the network traffic. This approach can be expensive and difficult to scale and manage.
A network switch appliance can be coupled between nodes on a computer network to route packets to centralized tools for processing. To be more responsive to emerging security threats, many businesses and other organizations that employ computer networks are transitioning from using out-of-band tool deployments that passively monitor traffic to using in-line tool deployments. In an in-line deployment, packets originating from one node on a computer network are routed through the tool before continuing on to the intended destination node on a computer network. Systems of two or more in-line network switch appliances and associated tools can be used to improve monitoring reliability and avoid network interruptions.