Network Access for Tools
Fiber Optic Solutions
Problem: How do I access data for my tools?
Out-of-band monitoring and security tools analyze packet data from the production network to provide insights or alerts for SecOps and NetOps teams to properly respond. What is the best way to access this data for network monitoring?
Solution
There are two basic architectural choices for delivering traffic data to out-of-band tools. Either connecting a tool directly to a mirrored port using the switched-port analyzer (SPAN) or a purpose-built network TAP.
TAPs are considered best practice, as they offer a couple of advantages over SPAN port configurations. As they are more reliable, TAPs don’t impact the performance of the network device, and do not drop packets. Network TAPs can also be combined with NPBs to groom and modify traffic, which in turn reduces the amount of data processing for the out-of-band appliances.
Passive Fiber TAPs support out-of-band “listen-only” monitoring tools, and are simple, reliable and require no power. Passive TAPs are typically 1G to 100G/400G fiber.
Benefits of accessing tools with network TAPs and packet brokers, includes:
• Improved performance of security analytics
• Improved data quality
• Agility to deploy/update new tools quickly
• Reduced administrative overhead
• Improved tool collaboration/data sharing
• Reduced architectural complexity
• Reduced/consolidated hardware costs