<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">

Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.


Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.


The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners


Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.


Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.


Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Understanding the Basics of Packet Data Acquisition

Packets are an essential source of data for network performance management (NPM) tools. They are the foundation of data truth that all network monitoring and security tools rely upon for analytics, forensics, threat detection, and performance monitoring. In order to be able to fully trust the reporting and results of your tools, you have to have full confidence in their data source; the packets.


EMA (Enterprise Management Associates) research has found that enterprises have greater success in applying NPM tools to performance monitoring and cloud application migration assessments when they use packets for those use cases. Packets are an essential component to forensic security analysis and real-time incident detection. In essence, without full and complete packets, it’s very hard to gain a full understanding as to what’s happening in the network. 


The Basics of Packet Acquisition

Once you’ve determined that packets are the source of data you’re looking to get from a network link to send to tools for analysis, your next question to answer is, ‘How am I going to get those packets?’

Well your answer is simple. Either you use Network TAPs or SPAN (mirror) Ports. 

Network TAPs, or test access points, are the most popular approach and best to mirroring traffic and sending it to NPM tools, with 50% of respondents in a recent EMA survey using TAPs as their packet acquisition method. TAPs are purpose-built, hardware devices that are physically connected to a network port via a fiber or copper cable. TAPs can take the workload of mirroring traffic off of your switch or router, alleviating the burden and ensuring performance isn’t degraded.

Download: TAP vs SPAN [Free whitepaper]

Using SPAN ports as your data acquisition method may seem simple at first, since you are configuring ports on a switch or router to act as a Switched Port Analyzer (SPAN). But that one choice can lead to problems later on. Many switches and routers can produce bad data when mirroring traffic from the SPAN port.  This is in addition to dealing with oversubscription and a reduction in overall performance of the switch when traffic levels increase. These problems all occur because the switch was not originally designed for this use. 

Not convinced yet?

Check out these other reasons why you don’t want to rely on SPAN ports:

  • Duplicate data packets can reduce the efficiency of your NPM tools
  • Missing data is not forwarded to NPM tools, which makes real-time monitoring and analysis difficult
  • They can lead to network blind spots depending on how the SPAN ports were initially set up.
  • User error - they require manual configuration, rather than a plug and play design.
  • Legal regulations - Timestamps are modified, leading to data being challenged in court when used for lawful intercept.

If you’re looking for true visibility and accuracy of your data packets, then Network TAPs are the clear choice to use as the foundation of your network visibility strategy. Starting with TAPs instead of SPAN ports ensures that your NPM tools will work efficiently and effectively.

Looking to add a visibility solution to your next deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do!

New call-to-action

Written by Ross Green

Ross is the European Sales Director for Garland Technology with over 30 years experience in the networking & security industry. Ross's experience spans computer/network engineering, consultancy, sales and senior EMEA business management roles.



Sign Up for Blog Updates