Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Blogheader image.png

TAP Into Technology

Leading the Way in Network Technology

Network Visibility Fabric Design: Starts with the Access Layer

Posted by Jeff Warner | 11/15/18 8:00 AM

Network visibility fabrics, a combination of network TAPs, network packet brokers, aggregation devices, and bypass devices, play a critical role for network performance management and security operations.

Network requirements are becoming more complicated with each passing year, as more data is flowing across networks, across a wider area, and at higher speeds. This has led to an increased need by enterprises, service providers, and government agencies to require greater visibility into the network to understand what is going on. Enter in the rise of the network visibility fabric to provide a complete view into your network.  

Let’s explore the network visibility fabric in more detail, starting with the foundation: the Access Layer.

Access Layer2

 

A Reliable Access Layer is Critical

The access layer of a network visibility fabric is where traffic is pulled from the production network. The access layer usually consists of 100M or 1G copper network links, where switches directly connect to end point devices and allow these devices to communicate with each other, and may also provide "Power over Ethernet" to power small devices.

“EMA recommends that enterprises use TAPs as much as possible in the access layer to avoid network performance impacts and assure packet fidelity.” It seems as though the well-documented use cases for Network TAPs are making grounds, as 83% of current network visibility fabrics make use of TAPs for at least half of the fabric access layer.

Read EMA's Best Practices for Building A Network Visibility Fabric!

What's Monitored at the Access Layer?

  • User Access Control
  • Workstation Monitoring
  • VoIP Monitoring

Network TAPs will provide 100% visibility for out-of-band monitoring tools, as the fabric will mirror the traffic from various segments of the network.  This traffic can be sent to monitoring tools like Wireshark, network analyzers, DPIs, and lawful intercept applications.

 

Access Layer Taps1


For inline security use cases, like firewalls and intrusion protection, the fabric will redirect production network traffic to analysis tools and then return the inspected traffic back to the production network. By using bypass TAPs for these inline applications, the network remains protected, and the inline tool does not create a point of failure for the network.

Access Layer TAPs 

  • Tapping at the Access Layer Switch will allow for visibility into End Points talking to other End Points on the same switch
  • Every link on the Access Layer Switch will need a TAP in order to get full visibility
  • PoE Links will require a TAP that can pass PoE on through to the End Point Device
  • TAPs are often used by a technician to look at a single End Point Device at time
  • SPAN ports are common on Access Layer Switches as ports are often under-utilized, allowing multiple ports to be mirrored out a single port at a time


Traffic doesn’t lie, so to get to the bottom of an investigation of a threat or an anomaly, you need to have a complete copy of the network traffic, and using a reliable Network TAP is the way to ensure that.

[If you’re interested in learning more about the principles behind a well-designed network visibility fabric, download Garland’s latest whitepaper from the analysts at EMA: Best Practices for Building a Network Visibility Fabric.]

Topics: Network TAPs, Network Design, Network Visibility/Monitoring, Network Packet Brokers/Advanced Aggregators

Written by Jeff Warner

With over 20 years experience selling IT and Security Solutions, Jeff has a strong understanding of the needs of enterprise networks, and works to support customers in developing a complete network visibility fabric.