Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.


Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.


The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners


Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.


Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.


Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

The 101 Series: Passive Network TAPs

Companies that are using network monitoring tools – be they for analyzing security threats, packet flow or Key Performance Indicators (KPIs) – all have one thing in common. They need to ensure that those applications have access to 100% of the traffic flowing through the network.

If they can’t see all the data, they just can’t operate as designed. So what’s your best bet?

For out of band monitoring tools, you’ll want a passive network TAP.  Unfortunately, there is no “one size fits all” solution that will work in every environment. For those of you that don’t create network design plans and study best practice connectivity models on a daily basis like we do, here’s a quick refresher to get you started on the right foot.

Passive Network TAPs - An Overview 

Passive TAPs as Garland Technology defines them are TAPs that will not cause the monitored devices to loose link between one another if power is lost. This can be accomplished when monitoring two devices connected with Fiber optics or with two devices running 10 or 100 Mbps copper interfaces. Copper Gigabit interfaces are slightly different and are not completely passive. However our built-in failsafe circuitry detects if the TAP loses power and the relay circuitry will fail-close in less than 8 milliseconds providing a connection between the network elements

A network TAP is a purpose-built appliance that sits between two network points and sends network data to external appliances without interrupting traffic flows. A passive TAP simply makes a copy of the network data and distributes it to third party appliance(s), they don’t take altered traffic back from the device and resend it through to the network.  Only an active network TAP can support those functions (more on that in the next post).

Some passive TAPs do not require power sources. However, if the TAP needs to perform additional services besides simply copying and sending data (as we’ll see below) they will require power. Regardless, passive network TAPs are designed so that even if the environment loses power, the network devices do not lose the link. The network devices will never even know that the network TAP lost power.    

Passive TAPs in Fiber-based Networks

Passive network TAPs can be used in fiber networks of all speed – simply choose the one rated to copy and send traffic at the same rate as your network (1 Gigabit, 10 Gigabit; 40 Gigabit, 100 Gigabit, etc.). If that’s all that the TAP has to do – and there is enough light available in the fiber to split it without degrading network conditions – there is no need to power a passive TAP at all. For companies with crowded wiring closets and limited outlet availability, this network design offers tremendous advantages.

However, if there is not enough light in the fiber or it has to travel too far to reach its final destination, you will need a powered passive TAP.  

Certain installations will require media conversion to bring network traffic to the designated monitoring point. For example, if traffic from a fiber-based network needs to be sent to an appliance with copper input ports, the TAP will convert from Fiber Optic signaling to Electrical signaling since copper is an electrical interface. If the network uses multi-mode fiber for transport and you want to use a single mode fiber to carry the traffic to the monitoring appliance, the TAP will convert the optical signal from multimode to singlemode. While media conversion is easily done within a passive network TAP, it does need to be powered to make that happen.  

It is also important to note that a standard passive network TAP sends two streams of traffic to the monitoring tools. The east to west and west to east traffic. If you only have one port on the monitoring tool you can use one of our aggregation taps to aggregate the west to east and east to west traffic into one stream.    

Passive TAPs in Copper-based Networks 

While a passive network TAP can be used in any fiber-based network, it’s not that straightforward in copper environments. Passive TAPs can be used in copper networks but they must always be powered.


Download Now: Network TAPs 101
The Networking User Guide [Free eBook]

And then there is a speed issue. Passive network TAPs can be deployed in 10/100 Base-T networks but they cannot be deployed in copper gigabit environments. In these networks, companies must use an active network TAP to provide monitoring tools with the visibility they require.

Ensuring the Failsafe Operation of Gigabit Copper TAPS

When choosing a network TAP for copper Gigabit interfaces, it is important to look for one with failsafe circuitry that meets data center standards. For instance, Garland’s fail-safe relay circuitry is built into our Gigabit network TAPs – if power is lost the relay circuitry will fail-close in less than 8 milliseconds providing a connection between the network elements. This ensures that traffic can continuously flow in the event of a power failure.

Of course, the most reliable method is to deploy all your networks TAPs via a rack outfitted with dual Uninterruptible Power Supplies (UPS).

To get around the power requirement, certain vendors will suggest attaching a lithium battery to the passive TAP instead of plugging it into a legitimate power source. Clearly, this method won’t meet data center standards – the failure rate is too high to be trusted.  

Looking to add passive TAPs to your next deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do!

Network TAPS 101 Basics for IT Security engineers   

Written by Jerry Dillard

Jerry Dillard leverages two decades in design and engineering to ensure maximum performance within today’s network environments. Dillard, as the inventor of the Bypass Network Test Access Point (TAP), has secured his legacy as he continues to provide network solutions for data centers worldwide.