Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Design-IT Solutions: How to TAP a Wireless Access Point

The addition of wireless connections or “Wi-Fi” to networks has provided a cost-effective way to allow endpoints to communicate with both back-end resources and each other. Traditionally, copper cabling would need to be run throughout a building and an RJ45 ethernet port would need to be available at any location where there could potentially be a computer. On the backend, this causes a significant increase in networking equipment: patch panels to support each run and switch ports to support each network link. With wireless, an access point (AP) can be placed in an open location and provide connectivity to multiple endpoints while only utilizing a single port on a switch.

Setting Up a Wireless Network

When setting up a wireless network, the physical location of the access points will play a major role in how the access point will be deployed. In many installations, the access point will be placed in a location that does not have a power outlet available. In these situations, a switch or power injector that is compliant with the 802.3 AT Power over Ethernet (PoE+) standard would be used. PoE+ pushes up to 30W of power over cat5e or cat6 copper cabling, allowing access points to be powered with the same copper cable that provides network connectivity to it.

When monitoring a network link that is also providing Power over Ethernet, it is important to select a Network TAP that will pass PoE through the appliance. If Poe is not supported on the TAP, the network switch will see the TAP as a device that doesn’t require power and will not push out power on that interface. Without power, the access point will not work.

Wireless TAP

In locations where a power outlet will be available near the access point, a power adapter can be used instead of PoE. Situations like these have a bit more flexibility in how the access point can be connected to the network. Since power doesn’t have to be pushed over the cabling, multi-mode and single-mode fiber cables can be used to provide longer distance connections.

Fiber Wireless TAPs

Today, wireless 802.11 AC wave 1 access points will support bandwidth up to 1.3 Gbps but will generally see slightly less than 1Gbps due to interference and overhead. With multiple endpoints acting as clients on a wireless AC access point, it’s very possible that large amounts of bandwidth will be passed from the AP to the switch. When placing a Network TAP on the link between the AP and the switch, oversubscription can easily become an issue.

>> Download Now: Network TAPs 101 [Free eBook]

Using a Network TAP to Avoid Oversubscription

To accommodate for the traffic, the TAP can be placed in breakout mode to get 100% of the traffic in each direction: negating the risk of oversubscription at the cost of producing 2 monitoring links. If the monitoring tools being used cannot support more than one monitor port, a filtering TAP can isolate only relevant traffic the monitoring tool needs and reduce the bandwidth going to the aggregated monitor port.

Wireless Tap with filter

Something to consider when tapping the network link to a wireless access point is how traffic flows over a wireless network. Wireless is usually deployed to provide access to the internet or to back end resources on mobile devices. When a wireless client connects out to the internet, the network data passes through the access point and becomes ethernet traffic as it is forwarded through the network to the gateway router. Once the traffic is converted to ethernet and placed onto a copper or fiber cable it can then be captured with a network TAP.

Access Internet & resources with TAP


In contrast, any network communication that occurs between devices on the same access point will not be visible to the TAP and unable to be captured.

intra-AP communication with TAP


The Network TAP will provide a copy of the traffic that flows through it. Wireless access points will only convert wireless traffic to ethernet when the traffic is being sent to the wired network. This means that a tapped network link to an access point will provide visibility into what mobile users are accessing on the network, but will not be the correct tool to provide visibility into what is going on in the wireless network. Wireless access points generate management and control traffic that provide useful information about the health of the wireless network. To capture this information, Wi-Fi Analyzers are purpose-built devices that can see 802.11 wireless traffic and provide the needed visibility.

New call-to-action

Written by Jerry Dillard

Jerry Dillard leverages two decades in design and engineering to ensure maximum performance within today’s network environments. Dillard, as the inventor of the Bypass Network Test Access Point (TAP), has secured his legacy as he continues to provide network solutions for data centers worldwide.