Bypass network taps

Bypass Network TAPs

Maintain your network's performance

Without maintaining your network's monitoring and security performance, your speed, cost and efficiency will become compromised. Bypass TAPs are reliable and easy-to-use solutions to ensure your network is performing well, 365 days a year.

 

What is a Bypass TAP?

A bypass TAP, sometimes referred to as a Bypass Switch, has consistent heartbeats that are sent to an Inline security appliance. These heartbeats indicate the functionality of the security appliance: regular beats means the bypass TAP is functioning well. If the beats are not returned to the bypass TAP (see below) the TAP automatically bypasses the appliance to allow the packets to be sent through, no matter how high the traffic is. It is also able to detect the status of the appliance, so when it comes back online, this is detected by the TAP and traffic is once again directed through the appliance.

When an IPS or other Inline Appliance is installed behind a V-Line TAP, the TAP continually checks the status of the appliance and if it is online, will direct traffic through it. If the appliance goes for maintenance or update, or any reason, the TAP will automatically bypass the appliance and direct traffic straight through to the network

How does the TAP detect if the appliance is online?

  1. Heartbeat packets are injected into the traffic stream and are directed to the monitoring device.
     

  2. If the heartbeat packets are not detected, when the traffic is passed back through the V-Line™ TAP on their way back to the network, the TAP enters Bypass mode and bypasses the appliance.
     

  3. Heartbeats are configurable for maximum flexibility and Heartbeat packets are NEVER sent on to the live network.

Network Critical: Bypass TAP

This reliable and easy-to-use technology allows you to have confidence in maintaining your network security and performance because our TAPs have failsafe technology and support inline security tools, such as advanced threat protection (ATP), intrusion prevention systems (IPS) and web application firewall (WAF). Therefore, the Network Critical Inline Bypass is the first layer of defence needed to protect your network against attacks.

The Network Critical Inline bypass TAP solution enables our customers to:
 

  • Keep pace with increasing network traffic volumes by enhancing Inline security tool performance.

  • Remove single points of tool failure by providing multiple layers of resiliency.

  • Packet filter

  • Sharing traffic with passive tools as well as the IPS

V-Line Single Tool Bypass: Active

This mode allows a bidirectional flow of live network traffic to be passed through a single Inline tool. The tool throughput status is monitored via heartbeat packets. While heartbeat flow is present the tool is considered Active and network traffic is sent to it for inspection.
 

V-Line Single Tool Bypass: InActive

When heartbeat flow is blocked, due to link failure or throughput latency, the tool is considered InActive, and is Bypassed. Live network traffic continues to pass uninterrupted across the TAP, and the tool continues to be monitored by heartbeats. When heartbeat flow is restored the tool is considered Active again and is placed back Inline.

Breakout/Aggregation TAP Mode

If V-Line functionality is not required, the module also offers some basic breakout and aggregation capabilities. 
 

One port pair on the V-Line module can function as a TAP pair to monitor a live network link, and the remaining ports may then be independently used for traffic output to Off-line monitoring tools. This mode supports optional packet slicing between 16-9216 bytes before output to the tools.

V-Line Dual Tools in Parallel

This mode allows a bidirectional flow of live network traffic to be passed through two identical Inline tools, in parallel, in an Active/Standby configuration. The throughput status of each tool is monitored independently via heartbeat packets. While heartbeat flow is present the tool is considered Active and network traffic is sent to it for inspection. Only one tool is required at any one time so the second Active tool is held in Standby.

V-Line Dual Tools in Parallel

When heartbeat flow is blocked, due to link failure or throughput latency, the tool is considered InActive, and is Bypassed, and the Standby tool takes over. 

V-Line Dual Tools in Parallel

The InActive tool continues to be monitored by heartbeats. When heartbeat flow is restored the tool is considered Active again and is held in Standby.

V-Line Dual Tools in Series

This mode allows a bidirectional flow of live network traffic to be passed through two different Inline tools, in series. The throughput status of each tool is monitored independently via heartbeat packets. While heartbeat flow is present the tool is considered Active and network traffic is sent to it for inspection. 

V-Line Dual Tools in Series

When heartbeat flow is blocked, due to link failure or throughput latency, the tool is considered InActive, and is Bypassed. Live network traffic continues to pass uninterrupted across the other tool, and both tools continue to be monitored by heartbeats. When heartbeat flow is restored the tool is considered Active again and is placed back Inline. 

Egress Mode

When heartbeat flow is blocked, due to link failure or throughput latency, the tool is considered InActive, and is Bypassed. Live network traffic continues to pass uninterrupted across the other tool, and both tools continue to be monitored by heartbeats. When heartbeat flow is restored the tool is considered Active again and is placed back Inline. 

Technology Partnerships

Cisco is a global leader in telecommunications, security, network infrastructure and IT applications. As an official Cisco Solution Partner, Network Critical helps provide visibility and access for Cisco security and performance monitoring solutions.

Cisco network security
network critical success stories

Customer Use Cases

Network Critical’s solutions are used in global networks across a wide range of sectors including Telco, Government and Energy

network visibility white paper

4D Visibility: The four pillars of Network Visibility
and how to develop a robust strategy

Compare The Products

Compare the entire Network TAP, Hybrid TAP and Packet Broker Range

ethernet taps

SPEAK TO AN EXPERT

Together, we can find the perfect solution for your network