<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">

Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

The 101 Series: Passive Network TAPs

Companies that are using network monitoring tools, either for analyzing security threats, packet flow or Key Performance Indicators (KPIs) – all have one thing in common. They need to ensure that those applications have access to 100% of the traffic flowing through the network.

If they can’t see all the data, they just can’t operate as designed.


For out-of-band monitoring tools, you’ll want a passive network TAP. With different network environments, there are a few different considerations to choose. For those of you that don’t create network design plans and study best practice connectivity models on a daily basis like we do, here’s a quick refresher to get you started on the right foot

An Overview on Passive Network TAPs

A network TAP is a purpose-built appliance that sits between two network points and sends network data to external appliances without interrupting traffic flows. A passive TAP simply makes a copy of the network data and distributes it to third party appliance(s), they don’t take altered traffic back from the device and resend it through to the network.

Passive TAPs as Garland defines them are TAPs that will not cause the monitored devices to loose link between one another if power is lost. This can be accomplished when monitoring two devices connected with fiber optics or with two devices running 10 or 100 Mbps copper interfaces. 

Some passive TAPs do not require power sources. However, if the TAP needs to perform additional services besides simply copying and sending data (as we’ll see below) they will require power. Regardless, passive network TAPs are designed so that even if the environment loses power, the network devices do not lose the link. The network devices will never even know that the network TAP lost power.    

Download Now: TAP vs SPAN [Whitepaper]

Passive TAPs in Fiber-based Networks

Passive network TAPs can be used in fiber networks of all speed – simply choose the one rated to copy and send traffic at the same rate as your network (1 Gigabit, 10 Gigabit; 40 Gigabit, 100 Gigabit, etc.). If that’s all that the TAP has to do – and there is enough light available in the fiber to split it without degrading network conditions – there is no need to power a passive TAP at all. For companies with crowded wiring closets and limited outlet availability, this network design offers tremendous advantages.

However, if there is not enough light in the fiber or it has to travel too far to reach its final destination, you will need a powered passive TAP.  

Certain installations will require media conversion to bring network traffic to the designated monitoring point. For example, if traffic from a fiber-based network needs to be sent to an appliance with copper input ports, the TAP will convert from Fiber Optic signaling to Electrical signaling since copper is an electrical interface. If the network uses multi-mode fiber for transport and you want to use a single mode fiber to carry the traffic to the monitoring appliance, the TAP will convert the optical signal from multimode to single-mode. While media conversion is easily done within a passive network TAP, it does need to be powered to make that happen.  

It is also important to note that a standard passive network TAP sends two streams of traffic to the monitoring tools. The east to west and west to east traffic. If you only have one port on the monitoring tool you can use one of our aggregation taps to aggregate the west to east and east to west traffic into one stream.    

Passive TAPs in Copper-based Networks 

While a passive network TAP can be used in any fiber-based network, it’s not that straightforward in copper environments. Passive TAPs can be used in copper networks but they must always be powered.

And then there is a speed issue. Passive network TAPs can be deployed in 10/100 Base-T networks but they cannot be deployed in copper gigabit environments. In these networks, companies must use an active network TAP to provide monitoring tools with the visibility they require.

Ensuring the Failsafe Operation of Gigabit Copper TAPS

When choosing a network TAP for copper Gigabit interfaces, it is important to look for one with failsafe circuitry that meets data center standards. For instance, Garland’s fail-safe relay circuitry is built into our Gigabit network TAPs – if power is lost the relay circuitry will fail-close in less than 8 milliseconds providing a connection between the network elements. This ensures that traffic can continuously flow in the event of a power failure.

Of course, the most reliable method is to deploy all your networks TAPs via a rack outfitted with dual Uninterruptible Power Supplies (UPS).

To get around the power requirement, certain vendors will suggest attaching a lithium battery to the passive TAP instead of plugging it into a legitimate power source. Clearly, this method won’t meet data center standards – the failure rate is too high to be trusted.

Passive network TAPs are essential to providing complete packet visibility to network monitoring and security tools, without effecting the network.

Looking to add TAP visibility to your next deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do!

TAP versus SPAN, ways to improve your tool performance and data quality  

Written by Jerry Dillard

Jerry Dillard, CTO and Co-founder of Garland Technology, leverages over two decades in design and engineering to ensure maximum performance within today’s network environments. Dillard, the inventor of the Bypass TAP, continues to innovate network visibility solutions worldwide.

Authors

Topics

Sign Up for Blog Updates