What are TAPS?
What are network TAPs?
At Network Critical, we define a network TAP as a test access point – a hardware device inserted at a specific point in the network where data can be accessed for testing purposes. This is mainly used to monitor the network traffic between two points in the network infrastructure.
A network TAP typically consists of four ports: an A port, a B port and two monitoring ports. The A and B ports collect traffic from the network and the monitoring ports provide a copy of this traffic to an attached monitoring device.
Typically, a network TAP is placed between two points in the network. The network cable between points A and B is replaced with a pair of cables, which are then connected to the TAP. Traffic is passively routed through the TAP, without the network’s knowledge. This allows the TAP to make a copy of the traffic, which is sent out of the monitoring port to be used by another tool without changing the network traffic flow.
Why do I need a network TAP?
There are many different methods for gaining access to your network. Some of the traditional methods include using a switched portanalyser (SPAN) port on your switch or connecting a monitoring device inline on the network. There are challenges with both of these scenarios.
Using a SPAN port can often be the cheapest solution, but this method has many hazards. Often, when SPAN ports are over-subscribed, packets are dropped before data reaches the monitoring tool. There is also the risk of the losing some of the error packets that may be causing problems. If this data is never sent to the monitoring tool because it is being dropped, it is impossible to troubleshoot, no matter how advanced a tool you may be using.
There are different problems when a tool is installed inline. Especially when dealing with a critical network, it’s essential that the network is available at all times because down time can be very costly. When a device is installed inline, the network must be brought down every time updates are required or the tool needs to be re-booted. Similarly, if the monitoring tool fails, the network will go down as well.
All these problems can be solved by using a TAP as you will be guaranteed that every packet is being sent from the network to the monitoring tool. Because these devices are never over-subscribed, they always pass every packet, even essential error packets that a SPAN port may drop. When a V-Line TAP is installed inline instead of the monitoring device, you can avoid problems associated with bringing down the network.
Types of network TAP
There are several types of TAPs to choose from in order to achieve different functionality according to the structure and needs of your network.
Breakout TAPs are the simplest form of TAP. They consist of four ports: two input ports and two output ports. The two input ports each collect traffic from the network: one collecting traffic travelling from point A to point B on the network, the other collecting traffic from point B to point A. The breakout TAP then sends a copy of this traffic out of the monitoring ports – the A to B traffic is passed out of one port and the B to A traffic out of the other port. Both these monitoring ports are then connected to some form of monitoring device. This allows a copy of the traffic from a single network segment to be monitored and/or analysed without disturbing the network.
Aggregating and/or regenerating TAPs
Aggregating TAPs allow you to take the network traffic from multiple network segments and aggregate all the information to a single monitoring port. This will allow you to use just one monitoring tool to see all your network traffic.
Regenerating TAPs allow you to take traffic from one network segment and send it to multiple monitoring tools. This enables you to send a single traffic stream to a range of different monitoring tools, each serving a different purpose, whilst taking traffic from the network only once.
V-Line™ (inline or bypass) TAPs
V-Line TAPs (also known as inline or bypass TAPs) allow you to place a network tool ‘virtually, inline’. These TAPs are used where monitoring devices need to be placed inline on the network to be effective, but when putting these devices inline will compromise the integrity of a critical network. By placing a V-Line TAP in its place and connecting the monitoring tool to the V-Line TAP, you can guarantee that the network will continue to flow and the device will not create a failure point in the network.