Analysis of network traffic rules at a network visibility node

US2018159898A1 · US · A1

Patent metadata
Publication number: US-2018159898-A1
Application number: US-201715406487-A
Country: US
Kind code: A1
Filing date: Jan 13, 2017
Priority date: Dec 1, 2016
Publication date: Jun 7, 2018
Grant date: (not listed)

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Techniques are disclosed for monitoring usage of network traffic rules applied by devices on a computer network. Operations in accordance with the disclosed techniques can be performed at one or more network visibility nodes that operate as part of a visibility fabric, for example for monitoring traffic on the network. In certain embodiments, packets associated with the traffic are received at a network visibility node communicatively coupled to the network that is operable to enable visibility across the network. The network visibility node can access network traffic rules that mirror the network traffic rules applied at devices on the network. The network visibility node can further process the received packets using the accessed network traffic rules to identify packets or flows of packets that satisfy criteria associated with the accessed network traffic rules.

First claim

Claim text (preview; truncated at the end).

What is claimed is:

1. A method comprising: receiving, at a network visibility node communicatively coupled to a computer network, a plurality of packets associated with network traffic over the computer network, the network traffic associated with communications among a plurality of devices over the computer network; accessing, by the network visibility node, network traffic rules configured to be applied to the network traffic; and processing, by the network visibility node, the received plurality of packets using the accessed network traffic rules to monitor usage of the accessed network traffic rules.

2. The method of claim 1, wherein the network visibility node operates out-of-band with the computer network.

3. The method of claim 1, wherein the accessed network traffic rules mirror network traffic rules applied to the network traffic by at least one of the plurality of devices on the computer network.

4. The method of claim 3, where the at least one of the plurality of devices includes any of a switch, a router, or a firewall device communicatively coupled to the computer network.

5. The method of claim 1, wherein the network visibility node is communicatively coupled to the computer network via any of a network tap or a packet mirroring port at any of the plurality of devices.

6. The method of claim 1, wherein the network visibility node is part of a visibility fabric, wherein the visibility fabric is communicatively coupled to at least one network tool, and wherein the visibility fabric is operable to enable visibility across the computer network by routing network traffic information to the at least one network tool, the network traffic information including any of: at least some of the received plurality of packets; or metadata extracted from at least some of the received plurality of packets.

7. The method of claim 1, wherein accessing the set of network traffic rules includes any of: receiving an input including the network traffic rules; receiving programming instructions defining the network traffic rules; or actively pulling the network traffic rules from any of the plurality of devices applying the network traffic rules.

8. The method of claim 1, wherein processing the received plurality of packets using the accessed network traffic rules to monitor usage of the network traffic rules includes any of: identifying a hit indicative of a packet or flow of packets included in the received plurality of packets that satisfy a rule criterion associated with the accessed network traffic rules; or identifying a miss indicative of a packet or flow of packets included in the received plurality of packets that do not satisfy a rule criterion associated with the accessed network traffic rules.

9. The method of claim 1, further comprising generating an output based on the monitored usage of the network traffic rules.

10. The method of claim 9, wherein the output includes information regarding a packet or flow of packets of the received plurality of packets, the information including any of: a source identifier; a destination identifier; a protocol identifier; or a timestamp.

11. The method of claim 8, wherein processing the received plurality of packets using the accessed network traffic rules to monitor usage of the network traffic rules includes: tracking a plurality of hits and/or misses over a period of time.

12. The method of claim 11, further comprising: generating an output that includes statistical information based on the tracked plurality of hits and/or misses.

13. The method of claim 11, further comprising: automatically generating an output if the tracked plurality of hits and/or misses over the period of time satisfies a specified reporting criterion.

14. The method of claim 1, further comprising: receiving a user input selecting a particular network traffic rule of the accessed network traffic rules; and generating an output, in response to the selection, including information regarding usage of the particular network traffic rule.

15. The method of claim 1, further comprising: receiving a user input selecting a particular period of time; and generating an output, in response to the selection, including information regarding usage of the network traffic rules within the particular period of time.

16. The method of claim 1, wherein processing the received plurality of packets using the accessed network traffic rules to monitor usage of the network traffic rules includes: analyzing identified hits and/or misses associated with the accessed network traffic rules to identify a redundant network traffic rule.

17. The method of claim 1, wherein processing the received plurality of packets using the accessed network traffic rules to monitor usage of the network traffic rules includes: analyzing identified hits and/or misses associated with the accessed network traffic rules to identify two or more network traffic rules that conflict with each other.

18. The method of claim 1, wherein processing the received plurality of packets using the accessed network traffic rules to monitor usage of the network traffic rules includes: analyzing identified hits and/or misses associated with the accessed network traffic rules to identify an underutilized network traffic rule.

19. The method of claim 1, further comprising: forwarding network traffic information to a network tool communicatively coupled to the network visibility node for processing, the network traffic information including any of: at least some of the received plurality of packets; or metadata extracted from at least some of the received plurality of packets; receiving, in response to the processing, feedback information from the network tool; and modifying a particular network traffic rule based on the feedback information.

20. The method of claim 1, further comprising: offloading a particular network traffic rule applied at a particular device on the computer network for application at the network visibility node.

21. A system comprising: a processing unit; a network interface configured to communicatively couple the processing unit to a computer network; a storage unit communicatively coupled to the processing unit, the storage unit including stored network traffic rules configured to be applied to network traffic over the computer network, the network traffic associated with communications among a plurality of devices over the computer network; and a memory unit communicatively coupled to the processing unit, the memory unit including instructions stored thereon, which when executed by the processing unit, cause the system to: receive, via the network interface, a plurality of packets associated with the network traffic; access, from the storage unit, the stored network traffic rules; and process the received plurality of packets using the stored network traffic rules to monitor usage of the accessed network traffic rules.

22. A network visibility node comprising: a network port through which to communicate with a computer network; and a rules validation engine communicatively coupled to the network port, the rules validation engine configured to: receive, via the network port, a plurality of packets associated with network traffic over the computer network, the network traffic associated with communications among a plurality of devices over the computer network; acc
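The claims describe replaying tapped or mirrored traffic against a copy of the rules an enforcing device (switch, router, firewall) applies, and deriving from the resulting hits and misses the unused, underutilized, redundant and conflicting rules (claims 8, 11, 13 and 16 to 18) plus per-packet output with source, destination, protocol and timestamp (claim 10). The Python below is an added illustration of that analysis over constructed sample data; it is not code from the patent or from Gigamon. The rule format, first-match (ordered access list) semantics, the 5% underutilization threshold, the deny-burst reporting criterion and all rule and packet values are assumptions made for the example. A rule that would match traffic but is never the first match is treated as shadowed: redundant when the earlier rule takes the same action, conflicting when it takes the opposite one.

```python
"""Rule-usage analysis over mirrored traffic (added example, not the patent's code)."""
from collections import Counter, defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    """One entry of an ordered, first-match access list (hypothetical rule format)."""
    name: str
    action: str            # "permit" or "deny"
    proto: Optional[str]   # "tcp", "udp", "icmp", or None for any protocol
    src: str               # source CIDR
    dst: str               # destination CIDR
    dport: Optional[int]   # destination port, or None for any

    def matches(self, pkt: "Packet") -> bool:
        return (self.proto in (None, pkt.proto)
                and ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and self.dport in (None, pkt.dport))


@dataclass(frozen=True)
class Packet:
    """Header fields a visibility node would extract from a tapped packet."""
    ts: int      # epoch seconds
    src: str
    dst: str
    proto: str
    dport: int


def first_match(rules, pkt):
    """Index of the rule the enforcing device would apply (first match wins), or None on a miss."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return i
    return None


def analyze(rules, packets, underutilized_below=0.05):
    """Replay packets against the mirrored rule set; return hit counts and rule findings."""
    hits = Counter()                 # rule index -> number of times it was the first match
    shadowed_by = defaultdict(set)   # rule index -> earlier rule indices that took its traffic
    misses = 0
    for pkt in packets:
        winner = first_match(rules, pkt)
        if winner is None:
            misses += 1              # no explicit rule matched (implicit default applies)
            continue
        hits[winner] += 1
        for later in range(winner + 1, len(rules)):
            if rules[later].matches(pkt):
                shadowed_by[later].add(winner)
    total = len(packets)
    redundant, conflicting = [], []
    for later, earlier_set in shadowed_by.items():
        for earlier in earlier_set:
            pair = (rules[earlier].name, rules[later].name)
            if rules[earlier].action != rules[later].action:
                conflicting.append(pair)          # same traffic, opposite decisions
            elif hits[later] == 0:
                redundant.append(pair)            # fully covered by an earlier rule
    return {
        "hits": {r.name: hits[i] for i, r in enumerate(rules)},
        "misses": misses,
        "unused": [r.name for i, r in enumerate(rules) if hits[i] == 0],
        "underutilized": [r.name for i, r in enumerate(rules)
                          if 0 < hits[i] < underutilized_below * total],
        "redundant": sorted(redundant),
        "conflicting": sorted(conflicting),
    }


def hit_records(rules, packets):
    """Per-packet output: matched rule (None on miss), source, destination, protocol, timestamp."""
    out = []
    for p in packets:
        i = first_match(rules, p)
        out.append({"rule": rules[i].name if i is not None else None,
                    "src": p.src, "dst": p.dst, "proto": p.proto, "ts": p.ts})
    return out


def deny_burst_alert(rules, packets, window=60, threshold=3):
    """Reporting criterion (assumed): start times of windows with >= threshold deny hits."""
    deny_ts = []
    for p in packets:
        i = first_match(rules, p)
        if i is not None and rules[i].action == "deny":
            deny_ts.append(p.ts)
    deny_ts.sort()
    return [t0 for k, t0 in enumerate(deny_ts)
            if sum(1 for t in deny_ts[k:] if t < t0 + window) >= threshold]


# Constructed sample rule set mirrored from a hypothetical firewall (no implicit deny listed).
RULES = [
    Rule("r10-allow-dns", "permit", "udp", "10.0.0.0/8", "10.1.1.53/32", 53),
    Rule("r20-deny-smb", "deny", "tcp", "0.0.0.0/0", "10.1.0.0/16", 445),
    Rule("r30-allow-web", "permit", "tcp", "10.0.0.0/8", "10.1.2.0/24", 443),
    Rule("r40-allow-web-host", "permit", "tcp", "10.0.5.0/24", "10.1.2.10/32", 443),  # shadowed by r30
    Rule("r50-allow-smb-admin", "permit", "tcp", "10.0.9.0/24", "10.1.0.0/16", 445),  # contradicts r20
    Rule("r60-allow-ssh", "permit", "tcp", "10.0.9.0/24", "10.1.0.0/16", 22),         # never hit
]

# Constructed sample of tapped packets: 20 DNS lookups, one web request, three SMB attempts, two misses.
PACKETS = ([Packet(1000 + k, "10.0.5.7", "10.1.1.53", "udp", 53) for k in range(20)]
           + [Packet(1100, "10.0.5.7", "10.1.2.10", "tcp", 443),
              Packet(1101, "10.0.9.4", "10.1.3.8", "tcp", 445),
              Packet(1102, "10.0.9.4", "10.1.3.8", "tcp", 445),
              Packet(1103, "10.0.9.4", "10.1.3.8", "tcp", 445),
              Packet(1200, "192.168.1.5", "10.1.2.20", "tcp", 443),
              Packet(1260, "10.0.1.1", "10.1.9.9", "tcp", 8080)])

if __name__ == "__main__":
    import pprint
    pprint.pprint(analyze(RULES, PACKETS))
    print("deny bursts at:", deny_burst_alert(RULES, PACKETS))
```

On the sample data r40 is reported as redundant (r30 already permits everything it would match), r50 as conflicting with r20 (the deny fires first, so the intended admin exception never takes effect), r60 as unused, and r30 as underutilized; the three SMB denies within one minute trip the reporting criterion. Because the node sits out-of-band on a tap or SPAN port, it sees traffic the enforcing device drops before logging, so a shadowed rule shows up here even if the firewall's own counters never mention it.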

Assignees

Gigamon Inc

Inventors

Classifications

H04L43/028 (primary CPC)

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2018159898A1 cover?
Techniques are disclosed for monitoring usage of network traffic rules applied by devices on a computer network. Operations in accordance with the disclosed techniques can be performed at one or more network visibility nodes that operate as part of a visibility fabric, for example for monitoring traffic on the network. In certain embodiments, packets associated with the traffic are received at …
Who is the assignee on this patent?
Gigamon Inc
What technology area does this patent fall under?
Primary CPC classification H04L43/028. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 7, 2018 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).