Secured network arrangement and methods thereof
US-9813448-B2 · Nov 7, 2017 · US
US11438352B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11438352-B2 |
| Application number | US-201916459348-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 1, 2019 |
| Priority date | Jan 21, 2016 |
| Publication date | Sep 6, 2022 |
| Grant date | Sep 6, 2022 |
Abstract
A network appliance may be coupled to a network tool configured to monitor the traffic within a computer network. Often, the network tool is operable in two modes (i.e., an inline mode and an out-of-band mode). Before the network tool is deployed as an inline device, however, it is desirable to verify that the network tool is secure. Described herein are systems and techniques for verifying network tools prior to deployment as inline devices. More specifically, the network appliance may be configured to modify the content of a data packet (e.g., by altering a bit) and transmit the modified data packet downstream to a network tool. The network appliance can monitor the network tool to make sure the network tool drops or returns the modified data packet. These techniques allow the network appliance to controllably simulate the receipt of malicious traffic by the network tool.
Claims
What is claimed is:

1. A method comprising: identifying, by a network appliance, a data packet included in a first incoming traffic flow received from a source node, wherein the data packet originates from a source external to the network appliance; modifying, by the network appliance, the data packet to produce a modified data packet that mimics abnormal traffic; injecting, by the network appliance, the modified data packet into an outgoing traffic flow destined for a network tool, wherein the outgoing traffic flow includes the modified data packet and at least one unmodified data packet from the first incoming traffic flow; determining, by the network appliance, whether the modified data packet was blocked by the network tool in accordance with a security protocol by examining a second incoming traffic flow received from the network tool; and generating, by the network appliance, an indication of health of the network tool based on a determination of whether the modified data packet was blocked by the network tool.
2. The method of claim 1, further comprising: identifying, by the network appliance, a flow map associated with the data packet.
3. The method of claim 2, further comprising: determining that a simulated error mode has been enabled for the flow map.
4. The method of claim 2, wherein the flow map represents a policy that governs how the data packet is to be handled by the network appliance.
5. The method of claim 2, wherein said identifying the flow map comprises: recognizing a network port of the network appliance at which the data packet was received, the source node from which the data packet was received, or a characteristic of the data packet; and selecting the flow map from a plurality of flow maps based on the network port, the source node, or the characteristic of the data packet.
6. The method of claim 1, further comprising: forwarding, by the network appliance, at least a portion of the second incoming traffic flow to a network port for transmission to a destination node.
7. The method of claim 1, further comprising: in response to a determination that the modified data packet was not blocked by the network tool, generating, by the network appliance, a notification that indicates a security risk exists; and causing, by the network appliance, display of the notification on an interface accessible to an administrator.
8. The method of claim 1, further comprising: in response to a determination that the modified data packet was blocked by the network tool, generating, by the network appliance, a notification that indicates the network tool is operating properly; and causing, by the network appliance, display of the notification on an interface accessible to an administrator.
9. The method of claim 1, wherein the indication of health of the network tool is based on a percentage of modified data packets that are dropped by the network tool.
10. The method of claim 9, wherein the indication of health specifies that the network tool is operating properly if the network tool blocks a predetermined percentage of all modified data packets in the outgoing traffic flow.
11. The method of claim 1, wherein said modifying comprises: altering a bit that resides in a header or a trailer of the data packet.
12. A network appliance comprising: a first network port at which to receive a first incoming traffic flow from a source node that is external to the network appliance; a first tool port through which to forward a first outgoing traffic flow to a network tool; a second tool port at which to receive a second incoming traffic flow from the network tool; a processor; and a memory configured to store instructions that, when executed by the processor, cause the processor to: identify a data packet from the first incoming traffic flow, wherein the data packet originates from a source external to the network appliance; modify the data packet to produce a modified data packet that mimics abnormal traffic; inject the modified data packet into the first outgoing traffic flow, the first outgoing traffic flow including the modified data packet and at least one unmodified data packet from the first incoming traffic flow; determine whether the modified data packet was blocked by the network tool by examining the second incoming traffic flow; and provide an indication of health of the network tool based on whether the modified data packet was blocked by the network tool.
13. The network appliance of claim 12, further comprising: a second network port through which to forward a second outgoing traffic flow to a destination node.
14. The network appliance of claim 13, wherein the instructions further cause the processor to: forward at least a portion of the second incoming traffic flow to the second network port for transmission to the destination node as the second outgoing traffic flow.
15. The network appliance of claim 12, wherein the instructions further cause the processor to: identify a flow map associated with the data packet; and determine that a simulated error mode is enabled for the flow map.
16. The network appliance of claim 15, wherein the instructions further cause the processor to: generate an interface that is accessible to an administrator; and enable the administrator to specify whether the simulated error mode is enabled for the flow map via the interface.
17. The network appliance of claim 12, wherein said providing comprises: transmitting an email message to an email address associated with an administrator, transmitting a text message to a phone number associated with the administrator, or posting a notification to an interface accessible to the administrator.
18. A method comprising: receiving, by a network appliance, a data packet produced by an originating node that is communicatively coupled to the network appliance and that is external to the network appliance; modifying, by the network appliance, the data packet to produce a modified data packet that mimics abnormal traffic; transmitting, by the network appliance, the modified data packet to a network tool that is communicatively coupled to the network appliance; determining, by the network appliance, whether the modified data packet was blocked by the network tool by determining whether the modified data packet is included in incoming traffic received from the network tool; and generating, by the network appliance, an indication of health of the network tool based on a determination of whether the modified data packet was blocked by the network tool.
19. The method of claim 18, wherein the modified data packet is transmitted to the network tool as part of an outgoing traffic flow that includes at least one unmodified data packet produced by the originating node.
20. The method of claim 18, wherein said modifying includes altering a bit that resides within a payload of the data packet.
21. The method of claim 18, wherein the originating node is communicatively coupled to the network appliance via at least one intermediary node.
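The verification loop the claims describe (modify a packet, inject it among unmodified packets, inspect what the tool returns, grade the tool by the percentage of modified packets it blocked) is small enough to simulate end to end. The following Python is an added example, not code from the patent or from any vendor's appliance; the `Packet` layout, the even-parity "security protocol" the modelled tool enforces, the sample traffic and the `check_applies` hook used to model a partially failing tool are all constructed assumptions for illustration.

```python
# Added example (not from the patent): simulation of the network-tool
# verification method in the claims. The appliance flips one header bit in
# selected packets (claim 11), sends them to the tool together with unmodified
# packets (claim 1), examines the returned flow, and grades tool health by the
# percentage of modified packets that were blocked (claims 9 and 10).
# Packet layout, parity rule and sample traffic are constructed assumptions.
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    pkt_id: int      # appliance-assigned id used to recognise the packet on return
    header: bytes
    payload: bytes


def header_is_valid(header: bytes) -> bool:
    """Constructed integrity rule: a well-formed header has even bit parity."""
    return sum(bin(b).count("1") for b in header) % 2 == 0


def modify_packet(pkt: Packet, bit_index: int = 0) -> Packet:
    """Flip one header bit so the packet mimics abnormal traffic (claim 11)."""
    header = bytearray(pkt.header)
    header[bit_index // 8] ^= 1 << (bit_index % 8)
    return Packet(pkt.pkt_id, bytes(header), pkt.payload)


def build_outgoing_flow(incoming, every_nth: int = 4):
    """Inject a modified packet every `every_nth` packets; the rest pass unchanged.

    Returns the outgoing flow and the ids of the packets that were modified.
    """
    outgoing, modified_ids = [], set()
    for i, pkt in enumerate(incoming):
        if i % every_nth == 0:
            outgoing.append(modify_packet(pkt))
            modified_ids.add(pkt.pkt_id)
        else:
            outgoing.append(pkt)
    return outgoing, modified_ids


def network_tool(flow, check_applies=lambda pkt: True):
    """Model of the inline tool: drops a packet whose header fails the check.

    `check_applies` models a tool that only sometimes enforces its protocol;
    a packet for which it returns False is forwarded without inspection.
    """
    return [p for p in flow if not check_applies(p) or header_is_valid(p.header)]


def evaluate_health(modified_ids, returned_flow, required_pct: float = 100.0):
    """Grade the tool from the flow it returned (claims 1, 9, 10).

    A modified packet that comes back was not blocked. The tool is healthy when
    the blocked percentage meets the predetermined threshold (claims 7 and 8
    turn the result into an administrator notification).
    """
    leaked = sorted(p.pkt_id for p in returned_flow if p.pkt_id in modified_ids)
    blocked_pct = 100.0 * (len(modified_ids) - len(leaked)) / len(modified_ids)
    healthy = blocked_pct >= required_pct
    notice = ("network tool is operating properly" if healthy
              else "security risk: network tool forwarded simulated abnormal traffic")
    return {"blocked_pct": blocked_pct, "healthy": healthy,
            "leaked_ids": leaked, "notice": notice}


def run_verification(check_applies=lambda pkt: True, required_pct: float = 100.0):
    """End-to-end pass over constructed traffic from one source node."""
    good_header = bytes([0x03, 0x0F, 0x00, 0x00])   # six one-bits: even parity
    incoming = [Packet(i, good_header, f"data-{i}".encode()) for i in range(8)]
    outgoing, modified_ids = build_outgoing_flow(incoming)   # ids 0 and 4 modified
    returned = network_tool(outgoing, check_applies)
    return evaluate_health(modified_ids, returned, required_pct)


if __name__ == "__main__":
    print(run_verification())                                    # tool enforces: healthy
    print(run_verification(check_applies=lambda p: False))      # tool forwards all: risk
    print(run_verification(check_applies=lambda p: p.pkt_id != 4, required_pct=50.0))
```

Two points the simulation makes concrete. The modified packet keeps its id and travels in the same flow as genuine traffic, so the appliance can decide health purely from what the tool sends back on the second tool port, with no cooperation from the tool. And the threshold in `required_pct` is what claim 10 calls the predetermined percentage: the same 50 % leak rate is "operating properly" against a 50 % threshold and a "security risk" against 100 %, so the threshold is a policy decision the administrator must set deliberately.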
CPC classifications:
- Testing arrangements
- using flow identification
- Arrangements for monitoring or testing data switching networks
- Test or assess a computer or a system
- Vulnerability analysis