What Are TAPs?
What are Network TAPs?
When you think of a network TAP, what comes to mind? A faucet in a hand basin for getting water? A military bugle call?
At Network Critical, we define a network TAP as a Test Access Point, or a hardware device inserted at a specific point in the network where data can be accessed for testing purposes. This is mainly used to monitor the network traffic between two points in the network infrastructure.
A network TAP typically consists of four ports: an A port, a B port and two monitoring ports. The A and B ports collect traffic from the network and the monitoring ports provide a copy of this traffic to an attached monitoring device.
Typically, a network TAP is placed between two points in the network. The network cable between points A and B is replaced with a pair of cables, which are then connected to the TAP. Traffic is passively routed through the TAP, without the network’s knowledge. This allows the TAP to make a copy of the traffic, which is sent out of the monitoring port to be used by another tool without changing the network traffic flow.
Why do I need a Network TAP?
There are many different methods for gaining access to your network. Some of the traditional methods used for gaining access to network traffic include using a SPAN port on your switch or connecting a monitoring device in-line on the network. There are challenges with both of these scenarios.
Using a SPAN port can often be the cheapest solution, but using this method has many hazards. Often, when SPAN ports are over-subscribed, packets are dropped before data reaches the monitoring tool. There is also the risk of the losing some of the error packets that may be causing problems. If this data is never sent to the monitoring tool because it is being dropped, it is impossible to troubleshoot, no matter how advanced a tool you may be using.
There are different problems when a tool is installed in-line. Especially when dealing with a critical network, it is essential that the network is available at all times because down time can be very costly. When a device is installed in-line, the network must be brought down every time updates are required or the tool needs to be re-booted. Similarly, if the monitoring tool fails, the network will go down as well.
All of these problems can be solved by using a TAP. When using a TAP, you will be guaranteed that every packet is being sent from the network to the monitoring tool. Because these devices are never over-subscribed, they always pass every packet, even essential error packets that a SPAN port may drop. When a V-Line TAP is installed in-line instead of the monitoring device, you can avoid problems associated with bringing down the network.
Types of Network TAPs
There are several types of TAPs to choose from in order to achieve different functionality according to the structure and needs of your network.
Breakout TAPs are the simplest form of TAP. A Breakout TAP consists of four ports: two input ports and two output ports. The two input ports each collect traffic from the network; one collecting traffic traveling from point A to point B on the network, the other collecting traffic from point B to point A on the network. The Breakout TAP then sends a copy of this traffic out of the monitoring ports - the A to B traffic is passed out of one port and the B to A traffic out the other port. Both of these monitoring ports are then connected to some form of monitoring device. This allows a copy of the traffic from a single network segment to be monitored and/or analyzed without disturbing the network.
Aggregating TAPs allow you to take the network traffic from multiple network segments and aggregate all of the information to a single monitoring port. This will allow you to use just one monitoring tool to see all of your network traffic.
Regeneration TAPs will permit you to take traffic from one network segment and send it to multiple monitoring tools. This allows you to send a single traffic stream to a range of different monitoring tools, each serving a different purpose, whilst taking traffic from the network only once.
V-Line TAPs (also known as Inline or Bypass TAPs) allow you to place a network tool "Virtually Inline". These TAPs are used where monitoring devices need to be placed in-line on the network to be effective, but when putting these devices inline will compromise the integrity of a critical network. By placing a V-Line TAP in its place and connecting the monitoring tool to the V-Line TAP, you can guarantee that the network will continue to flow and the device will not create a failure point in the network.