
Foundation of Visibility: 6 Reasons to Choose TAPs instead of SPAN

December 18, 2018

Designing your network infrastructure, whether it’s for an upgrade or a new data center, is a complex project filled with many challenges. But one that should be easy to overcome is the decision to rely on Network TAPs as the foundation of visibility, rather than using SPAN or Mirror Ports. Today’s networks demand complete visibility by passing all live wire data, guaranteed 100% uptime for active, inline security tools, and no packet loss for out-of-band tools.

It’s been proven time and again that TAPs are the industry best practice when it comes to network access and visibility, but if you need a refresher, here are some key points to remember.

  1. Quick and easy to set up. Network TAPs are simple to set up, with no configuration required. SPAN ports on a switch do require configuration and coding, which are subject to human error. Incorrectly programmed SPAN ports not only fail to make complete copies of your network traffic, but may also hide critical data, such as evidence of a network breach.

  2. No impact on network performance. A network TAP simply makes exact copies of traffic passing over links. There is no uncertainty about the legitimacy of your captured data. It’s complete and undistorted, and shows you exactly what’s happening on your network.

  3. Provide access to any point in a network. If you need visibility in a specific area or layer of your network, simply TAP the link that’s transmitting the information you need. There are no limitations on how many areas of your network you can TAP.

  4. No IP Address = More secure. With no IP or MAC address, a network TAP has no address on the network for an attacker to target, so it can’t be hacked.

  5. Network TAPs ensure no packet loss. With TAPs as the foundation of your network visibility fabric, you can be sure that critical packets get to the tools for monitoring, legal regulations, and corporate compliance, and that your expensive investment into aggregation devices and packet brokers is maximized.

  6. Visibility for security tools to see threats. Unlike SPAN ports, Bypass TAPs provide complete network visibility, by passing all live wire data to active, inline security devices, while monitoring the device’s health. If your security tool goes off-line for any reason, the Bypass TAP automatically switches to bypass mode, keeping your network link up while you resolve the issue.

Garland Technology ensures complete network visibility by delivering a full platform of network test access (TAP) products, including Breakout TAPs, Aggregator and Regeneration TAPs, Bypass TAPs, and virtual TAPs. So whatever your network infrastructure requires, we have the physical layer TAPs to suit your needs.

Looking to add a visibility solution to your next deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do!

Heartbeat Packets Inside the Bypass TAP

If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.

If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.

While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool. Once the tool is back on-line, it begins returning the heartbeat packets to the TAP, indicating that it is ready to go back to work. The TAP then directs the network traffic back through the inline security tool along with the heartbeat packets, placing the tool back inline.
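The heartbeat logic described above, as a small simulation (an added example, not Garland Technology's code). The miss and recovery thresholds, the `HB` marker, and the assumption that an off-line tool returns nothing are constructed for illustration; the page does not specify them.

```python
from dataclasses import dataclass, field

HEARTBEAT = "HB"  # constructed stand-in for the TAP's heartbeat frame

@dataclass
class BypassTap:
    miss_limit: int = 3     # assumed: consecutive lost heartbeats before bypass
    recover_limit: int = 2  # assumed: consecutive returned heartbeats before re-insertion
    mode: str = "INLINE"
    misses: int = 0
    returns: int = 0
    dropped: int = 0        # frames sent to a dead tool before bypass engaged
    uninspected: int = 0    # frames forwarded while the tool was bypassed
    events: list = field(default_factory=list)

    def tick(self, t, tool_up, link_frames):
        """One heartbeat interval: probe the tool, update mode, forward traffic."""
        # The heartbeat is sent in both modes, so recovery is noticed too.
        if tool_up:
            self.misses, self.returns = 0, self.returns + 1
        else:
            self.misses, self.returns = self.misses + 1, 0
        if self.mode == "INLINE" and self.misses >= self.miss_limit:
            self._switch(t, "BYPASS")
        elif self.mode == "BYPASS" and self.returns >= self.recover_limit:
            self._switch(t, "INLINE")

        if self.mode == "BYPASS":
            self.uninspected += len(link_frames)
            return list(link_frames)
        if not tool_up:
            # Modeling assumption: an off-line tool returns nothing (no fail-open).
            self.dropped += len(link_frames)
            return []
        from_tool = link_frames + [HEARTBEAT]
        # Strip the heartbeat before traffic goes back onto the critical link.
        return [f for f in from_tool if f != HEARTBEAT]

    def _switch(self, t, mode):
        self.mode = mode
        self.events.append((t, mode))

def simulate(tool_status, frames_per_tick=2):
    """Run the TAP over a per-interval up/down timeline for the inline tool."""
    tap, delivered = BypassTap(), 0
    for t, up in enumerate(tool_status):
        out = tap.tick(t, up, [f"pkt{t}-{i}" for i in range(frames_per_tick)])
        delivered += len(out)
    return tap, delivered

# Constructed timeline: tool healthy, down for four intervals, then back.
TIMELINE = [True, True, False, False, False, False, True, True, True]
```

The `events`, `dropped` and `uninspected` counters are the values worth alerting on: every interval spent in bypass is traffic the security tool never saw.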

Some of you may have noticed a flaw in the logic behind this solution!  You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.

Glossary

  1. Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.

  2. Heartbeat packet: a soft detection technology that monitors the health of inline appliances.

  3. Critical link: the connection between two or more network devices or appliances whose failure disrupts the network.
