<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
Skip to content

Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

The 101 Series: Quick Connect Tips for Out-of-Band Monitoring Appliances

Active inline appliances are on the front-lines of your network's critical links, but out-of-band monitoring devices are just as important to your overall network visibility and security. Your out-of-band monitoring devices might include application performance monitoring (APM), Wireshark, network analyzers, lawful intercept and deep packet inspection.

In this post, we’ll discuss the keys to ensuring 100% network access for your out-of-band monitoring appliances that analyze your network traffic.

The Keys to Tapping Out-of-Band Monitoring Appliance

Your out-of-band monitoring devices aren’t effective if they can’t see 100% of network traffic and compare it to your normal baseline. Placing analyzers and network TAPs in different locations throughout the network will allow you to compare traffic to help spot suspicious activity and ensure the devices are deployed effectively.

Follow these tips for proper deployment:

1. Use Network TAPs for Out-of-Band Monitoring Devices

Unlike active network TAPs that pass traffic through an inline device, network TAPs simply copy traffic from the network and pass it to the monitoring appliances. Whether you have a fiber optic network or a 10/100M network, network TAPs ensure total network uptime even in the case of power failure.

Not all network TAPs are created equal, though. Determining which mode you need is essential to ensuring visibility.

2. Breakout vs. Aggregation

The type of network TAP you choose is based on the type of device you’re tapping and its environment. A breakout TAP can be used for high utilization situations. The following figure depicts how breakout mode works:

Out-of-Band Monitoring Appliances Figure 1: Copper TAP

 

Out-of-Band Monitoring Appliances

Figure 2: Fiber TAP

Network elements (a router and a switch) are connected to Network Ports A and B. The router on Port A sends traffic to Port B and Monitor Port C while the switch on Port B sends traffic to Port A and Monitor Port D. A network monitoring device is linked to Ports C and D, analyzing 100% of the traffic from the router and switch. Because the traffic is separated into two different ports, breakout mode can handle your heaviest traffic situations.

For example:

TAP 1G full duplex for 2G traffic

TAP 10G full duplex for 20G traffic

TAP 40G full duplex for 80G traffic

TAP 100G full duplex for 200G traffic

Aggregating mode, on the other hand, combines the traffic from Port A and Port B, delivering two separate copies to Port C and Port D. This gives you the ability to connect two different monitoring devices (Wireshark and deep packet inspection, for example), but limits you to low utilization scenarios because of potential over-subscription.

 

garlandpicture234
Figure 3: Aggregating TAP

Aggregating TAPs can support devices with just one NIC card and combine monitoring traffic into a single monitoring port. For example, if Wireshark is on your laptop that only has one NIC you can now see both sides of the traffic. When you understand the technical requirements of your appliance and network, you can choose the right TAP for the job.

Download Now: Network TAPs 101 - The Networking User Guide [Free eBook]

Packet Brokers with Load Balancing Are Very Useful for Out-of-Band Monitoring 

Packet brokers can be placed between your network TAP and network monitoring devices to allow you to manipulate your traffic in many ways so your monitoring appliances receive just the traffic they are interested in to perform the proper analysis that you require. Packet brokers are also useful when you have many network links and fewer appliances or a new high speed link going to existing low speed appliances.

The packet broker can filter, aggregate and load balance the traffic presented to it and send the traffic off to out-of-band appliances. They can also change the media from fiber to copper, single-mode fiber to multi-mode. A packet broker with hybrid bypass TAPs can also send information to your security tools, while providing  failsafe security for your active, inline appliances.

Load balancing with packet brokers allows your network tools to see every bit, byte and packet® necessary to analyze the health of your network. Packet brokers also support “any to any” configuration (1G to 10G, 10G to 1G, to 40G, 1G to 40G, 40G to 10G and 1G) so you can grow your network and ensure 100% visibility without purchasing new appliances with every upgrade.

100% Traffic Analysis All of the Time

Implementing passive network TAPs is guaranteed to ensure 100% visibility for your monitoring devices.Combined with the packet broker you add a great deal of flexibility to view what is going on in your network to keep it properly maintained. Remember, you can’t fix what you can’t see.

Looking to add visibility solutions to your next deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do!

Network TAPS 101 Basics for IT Security engineers

Written by George Bouchard

George has many years of experience working with both hardware and software in the OEM and Commercial marketplace. George’s expertise is in the engineering of Network TAPs.

Authors

Topics

Sign Up for Blog Updates