Description of problem:

We have a customer requesting the status / ETA of TaaS on RHOSP.

They provided me with the following description of their desired use case.

Please let me know if you need any questions answered or any more detail from the customer.

"""
For the NFV infrastructure  we are requiring tapping for a number of use-cases:

Permanent capturing use-cases:
- Some Legal Intercept solutions being used on the legacy environment are relying on capture traffic on specific points permanently to a closed LI platform which allows law enforcement to do the necessary tracking (which under local law requires the ISP to be unaware on who or what is being tracked). Migrating towards a NFV platform the same functionality should be maintained including potentially for the traffic between to VM's on the same host.
- A number of Customer Services tools have been procured/developed that based on (mostly signalling) traffic analysis to provide easy troubleshooting up to the CS agent in the call center. These tools are using traffic captures with physical taps on the legacy environment. The goal is to preserve such feature parity and tooling continuity between the NFV environment and the legacy during the lengthy migration path towards  NFV. 
- For certain traffic flows the Security Operations Center (SOC) is using traffic base-lining tools in an attempt to identify anomalous traffic patterns. These flows can reside on the different parts of the NFV infrastructure. 

Ad-hoc capturing use-cases:
- The internal Security Operations Center (SOC) is desiring to be able to very selectively subject certain traffic flows to deep inspection based on Indicators of Compromise (IOC) on either systems, application or traffic behaviours.
- For troubleshooting purposes many application teams require the capability to capture traffic from the NFV infrastructure.

"""