Service Chain

A service chain is a logical grouping of services in a defined order through which SSL Orchestrator processes traffic. Security policies match traffic flow conditions, which then assign flows to service chains. The service chain then orchestrates the traffic through the defined set of services in the defined order.

SSL Orchestrator service chains process specific connections based on rules which look at protocol, source and destination addresses, and so on. These service chains can include five types of services (HTTP services, Layer 2 inline services, Layer 3 inline services, receive-only/TAP services, and ICAP services) you define, as well as any decrypt zone between separate ingress and egress devices.

When configuring the Service Chain screen, you can process specific connections based on security policy rules which look at protocol, source, and destination addresses to define an ordered list of services. These service chains can include an ordered list of services you define, as well as any decrypt zone between separate ingress and egress devices. Select services that have already been created from the available list, filter as necessary, and add them to the

Selected Service Chain Order

list.

This service chain list can also be reordered by using the direction arrow buttons.

To use a previously created service chain, select the check box next to the name of the desired service chain type and click

Save & Next

. You can edit any previously created service chain by clicking directly on the name. To create a new service chain, click

Add

.