Understanding the FlowTap Service
Dynamic flow capture enables you to capture packet flows on the basis of dynamic filtering criteria, using Dynamic Tasking Control Protocol (DTCP) requests. The flow-tap service is a Junos OS application that performs lawful intercept of packet flows, using Dynamic Tasking Control Protocol (DTCP). The application extends the use of DTCP to intercept IPv4 and IPv6 packets in an active monitoring router and send a copy of packets that match filter criteria to one or more content destinations.
Flow-tap data can be used in the following applications:
Flexible trend analysis for detection of new security threats
Lawful intercept
The flow-tap service is supported on MX Series routers. Flow-tap filters are applied on all IPv4 traffic and do not add any perceptible delay in the forwarding path. Flow-tap filters can also be applied on IPv6 traffic. For security, filters installed by one client are not visible to others and the CLI configuration does not reveal the identity of the monitored target. A lighter version of the application (FlowTapLite) is also supported on MX Series routers.