I love talking with engineers and CISOs and listening to how they describe situations, devices and challenges within networking. The IT world loves acronyms, tech terms and jargon, but what surprises me is that manufacturers, resellers, technology partners and end users all define terms a little differently.
For example, the use of "Bypass Switch" and "Bypass TAP," as we come across this a lot being one of the leading manufactures of bypass TAPs.
The terms bypass switch vs. bypass TAP are interchangeable; however the products manufactured by switch and TAP vendors are not interchangeable. Each manufacturer has different features, regardless of bypass TAP vs. switch that need to be considered when deciding how to protect your inline appliance, while making the most use of your budget.
The technology behind Garland's EdgeSafeTM bypass TAPs, was invented in 2001 by Jerry Dillard, CTO/Co-Founder of Garland Technology, who invented bypass technology for an early intrusion prevention systems (IPS), later applying it as an external device, foreseeing the added resiliency to the solution.
"Knowing the loss of time and money was unacceptable, I designed the network bypass TAP. This solution continuously checked the health of the device and ensured the integrity of traffic flows regardless of their condition."
The term "Bypass switch" is used by Ixia, Apcon, and some other manufactures, but here are a few clear differences in Garland's Bypass TAPs.
| Features | Bypass Switch | Garland EdgeSafe Bypass TAP |
|
Copy/sends full duplex traffic |
||
|
Designed to support active, inline tools |
||
|
During failsafe inline appliance still receives packets in 'breakout' TAP mode |
X | |
|
Failsafe for tool failure |
||
|
Failsafe for TAP/switch failure |
||
|
Failsafe for power failure |
||
|
Heartbeat inline tool health check |
||
|
Supports inline bypass (normal mode): traffic flows through attached monitoring device |
||
|
Supports out-of-band bypass (bypass mode): The monitoring device is bypassed and traffic flows directly between the network ports |
||
|
Supports breakout TAP mode: Operates as a full-duplex breakout TAP |
||
|
Supports aggregation mode: Operates as an aggregator TAP and captures 100% full duplex network traffic |
X | |
|
Supports regeneration/ SPAN mode: Operates in regeneration/SPAN mode to distribute the link’s traffic to up to three network tools |
X | |
| Built and supported in USA | X |
We find people are not aware that Garland's EdgeSafeTM bypass TAP in failsafe mode still delivers the packets to the inline appliance. The competitors bypass switches do not do this, leaving the appliance blind to any network threats when in failsafe mode. Still receiving these packets, allows quicker MTTR to troubleshoot, optimize and get the tool back inline.
EdgeSafeTM bypass TAPs support the entire lifecycle of your appliance by being able to immediately switch modes for evaluation & optimization, validation and trouble-shooting & updates.
An EdgeSafeTM bypass TAPs can also be repurposed in your network for use as a 'breakout' TAP, aggregation or regeneration/SPAN TAP, saving you money on as a multi-functional TAP.
You can call it whatever term you prefer - or we could make up a CamelCase for it and call it "switchTAP" or a "failsafe doohickie" But that seems just a bit contrived. However, as you're conducting your research, just be sure the features are what you need for 100% network uptime, visibility and access.
Looking to add a bypass solution to your security deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do!