
The 101 Series: Active Network TAPs—Where, When and How

Posted by Jerry Dillard | 9/14/17 8:00 AM

Because network connectivity is critical to any security or network monitoring project, people are always asking us which network TAP is right for them. In a recent post, we discussed the ins and outs of passive network TAPs, which are typically paired with out-of-band monitoring solutions.

Today, we’ll take an in-depth look at active network TAPs and see where, when and how they fit into a complete visibility strategy.

Active TAPs Are Necessary When Any One of the Following Conditions Is Present:

  1. An in-band security appliance, such as an IPS, is being deployed. In this case the active TAP is classified as a Bypass TAP (this will be covered in a future blog).

  2. A copper Gigabit segment is being monitored. Gigabit copper is a special case that requires the two endpoints being monitored to link to the TAP, regardless of the application.

  3. A monitoring tool that injects packets into the network, such as TCP Reset packets, will be used.

Garland’s Definition of an Active Network TAP:

Garland defines an active network TAP as a TAP that is physically linked to the monitored devices. If the TAP loses power, Garland’s proprietary fail-safe circuitry connects the two monitored devices together so traffic continues to flow.


The whole point of deploying network TAPs of any kind is to ensure total visibility for any connected appliances.  These purpose-built devices are inserted directly into the network to provide complete access to traffic data at the source.  Unlike switch SPAN ports or other secondary sources that can be overwhelmed during traffic spikes, network TAPs pass 100% of the bits, bytes and packets that they see directly to the connected security appliances or network monitoring tools.


Active network TAPs are frequently designed to support in-line security applications, such as next-gen firewalls, anti-malware devices, intrusion detection systems and more.  These security systems are unique because they take in traffic from the outside world and attempt to block suspicious communications from getting inside the company.  Naturally, these appliances require a TAP that can feed them network traffic without losing packets – but they also need a solution able to accept the authorized traffic as well as messages from the appliance and let them travel to their intended destination.  Only an active network TAP can facilitate this type of communication.

Diagram 1: Active TAP in Bypass Mode

Providing Inband Security Device 100% of the Packets

The biggest reason companies use active TAPs is to ensure that their key front-line security systems don’t miss packets, a risk that most CSOs prefer to avoid.  However, this deployment method offers another key benefit – security appliances can easily be moved to an out-of-band status in the event that the company needs to troubleshoot issues or make updates.  If firewalls and other appliances must remain in-line during the upgrade process, there is a good chance that normal traffic flows will be disrupted and cause issues for other applications.  Taking firewalls out-of-band for a few minutes is the fastest way to see if a persistent issue originates with the network or the security system.


Simply put, active TAPs make life easier for the people tasked with managing today’s complex IT environments.  And, the firewall still sees 100% of the network traffic while it is running out-of-band so the risk to the organization is minimal.   

Providing Network Access in Copper Gigabit Environments

Organizations looking to provide connectivity for security or network monitoring devices in high-speed copper environments must use an active network TAP regardless of whether the appliance is in-line or out-of-band. Passive TAPs cannot be deployed in copper gigabit environments because of the way that data is simultaneously transmitted and received over the copper pairs – the endpoints don’t get a clear picture of what is coming and what is going.
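A simplified model of the simultaneous transmit and receive described above, as an added example that is not from the original post: on one idealized, noise-free copper pair carrying PAM-5 symbols (the 1000BASE-T line code), each endpoint recovers its peer's signal by subtracting its own, while a passive observer sees only the sum. The function names and the random symbol streams are constructed for illustration.

```python
import random
from itertools import product

# PAM-5 symbol levels on one 1000BASE-T pair (idealized, unit-less assumption).
LEVELS = (-2, -1, 0, 1, 2)

def line_voltage(a_tx, b_tx):
    """Both ends drive the same pair at once, so the wire carries the sum."""
    return [a + b for a, b in zip(a_tx, b_tx)]

def endpoint_receive(line, own_tx):
    """An endpoint knows what it sent and subtracts it (echo cancellation)."""
    return [v - own for v, own in zip(line, own_tx)]

def passive_candidates(voltage):
    """All (a, b) symbol pairs a passive observer cannot rule out for a sample."""
    return [(a, b) for a, b in product(LEVELS, LEVELS) if a + b == voltage]

def ambiguous_fraction(line):
    """Share of samples that have more than one possible (a, b) explanation."""
    return sum(len(passive_candidates(v)) > 1 for v in line) / len(line)

def demo(n=1000, seed=1):
    """Run constructed random symbol streams through the shared pair."""
    rng = random.Random(seed)
    a_tx = [rng.choice(LEVELS) for _ in range(n)]
    b_tx = [rng.choice(LEVELS) for _ in range(n)]
    line = line_voltage(a_tx, b_tx)
    return {
        "a_recovers_b": endpoint_receive(line, a_tx) == b_tx,
        "b_recovers_a": endpoint_receive(line, b_tx) == a_tx,
        "ambiguous": ambiguous_fraction(line),
    }

if __name__ == "__main__":
    print(demo())
    print("observer sees 0 V, possible (a, b):", passive_candidates(0))
```

Only the extreme sums identify both symbols, so a TAP on gigabit copper has to terminate each link as an endpoint of its own, which is what makes it active.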


Ensuring Effectiveness

Unlike certain passive TAPs, all active network TAPs require power to function. That means that you need a failsafe mechanism to ensure that you haven’t introduced a possible failure point into the network. All Garland active TAPs were designed to recognize power outages and automatically close the relay circuitry in less than 8 milliseconds, providing a passive connection between your two network elements. This ensures network uptime while your network administrators figure out the power loss issue.

While all network TAPs serve the same need – ensuring that connected devices receive 100% of the traffic data they require to do their job – you need to pick the one that best suits your application and environment.

Need help selecting the right TAP? Contact Garland Technology’s network design team for expert advice.

 

 

Topics: Network TAPs, The 101 Series

Written by Jerry Dillard

Jerry Dillard leverages two decades in design and engineering to ensure maximum performance within today’s network environments. Dillard, as the inventor of the Bypass Network Test Access Point (TAP), has secured his legacy as he continues to provide network solutions for data centers worldwide.
