Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Providing 100% visibility, in real-time, all the time

Network TAPs

Network Test Access Point (TAP)

Guarantee 100% data capture in real time, all the time

Test Access Points (TAPs) are a simple, yet important concept. A network TAP is a purpose-built hardware device that allows you to access and monitor your network traffic by copying packets without impacting or compromising network integrity. The TAP allows network traffic to flow between its network ports without interruption, creating an exact copy of both sides of the traffic flow, continuously, 24/7, 365. The duplicate copies are then used for monitoring and security analysis.

TAP to tools high level

Network visibility is more critical than ever. Networks are getting more complex with higher speeds carrying an increasingly unprecedented amount of data, in addition to the ever evolving threat of sophisticated cyber security risks. With the growing number of analysis and security tools needed to process this data, a granular visibility approach into the packet data running on the wire is a must.

“EMA recommends that enterprises use TAPs as much as possible in the access layer to avoid network performance impacts and assure packet fidelity.”
-EMA [Enterprise Management Associates]

How do network TAPs work?

Instead of two network segments, say a router and switch, connected directly to each other, a network TAP is placed in between them, connecting both devices.

The data is still transmitted between the two network devices (e.g. routers and switches) in both directions, east and west traffic. TAPs then copy the transmit signals from each device and sends them to separate monitoring ports. This ensures every packet is copied and eliminates any chance of oversubscription, without additional impact or burden to the network.

RouterSwitch Traffic

Figure 2. East/West traffic flow

network tap traffic flow

Figure 2. East/West traffic flow with network TAP

Different Types of TAPs

Network TAPs are purpose-built for a variety of different environments and specifications, as they accommodate different requirements needed to perform - all providing the same full duplex visibility.

Passive TAPs support out-of-band “listen-only” monitoring tools, and are simple, reliable and require no power. Passive TAPs are typically 1G to 100G fiber or 100M copper.

Active TAPs support additional functionality like aggregation and regeneration as well as advanced functions like filtering and bypass. Active TAPs include failsafe technology to protect against device or power failure.

Cloud TAPs or virtual TAPs, support virtualized environments, mirroring traffic out of containers, VMs, and Kubernete workloads to your trusted monitoring tools. Some traffic mirror cloud TAPs include TLS decryption, advanced filtering and processing, and replicate [1:N] to multiple destinations.

For each of these different types:
TAPs are available in various media types, including copper or fiber (LC, MTP/MPO, BiDi), SFP, SFP+ and can perform Media Conversion.
TAPs are available in various speeds from 10/100/1000M all the way to 100G.
TAPs form factors including pocket-size portable, rack mount portable, 1U and 2U modular and high density chassis.

TAP Modes

Network TAP Breakout

TAP 'Breakout' mode

TAP Aggregation Mode

Aggregation mode

Bypass Mode

Bypass mode

Regeneration SPAN mode

Regeneration mode

Portable-Filter+Aggregation2

Filter mode

Not all TAPs are created equal Some Network TAPs can perform multiple functions and modes within the same device, which allows you the flexibility to optimize your tools and network. These functions reflected in the above diagrams include:

TAP 'Breakout' (often referred to as just TAP or TAP mode) is the most common function TAPs provide. 'Breakout' sends each side of traffic to separate monitoring ports. Ensuring that no packet is lost to high-priority monitoring tools.

Aggregation merges both sides of the traffic streams into one monitoring port to reduce appliance costs or consolidate packet broker ports, often used in combination with filtering TAPs, (e.g. filter and aggregate data streams). 

Bypass manages the availability of inline tools, preventing a single point of failure in the network by “bypassing” the device in the event it fails or needs to be updated. Reducing network downtime. Bypass is unique to the other TAP modes, as it is an inline use case not out-of-band.

Regeneration/SPAN creates multiple copies of network data to support multiple devices from a single tapped link. This allows you to send the same data to multiple destinations.

Filtering, usually associated with network packet brokers, allows you filter specific data streams you want tapped and monitored. Filtering also prevents ports from becoming oversubscribed during aggregation. Another feature to help optimize the function of your tools and network.

Network TAPs

Why use a Network TAP?

Network TAPs solve many issues. Let's explore network TAP use cases to see why:

Creating a foundation of visibility is key for network management. Once deployed, network TAPs allow you to access that point in your network at any time. Many organizations have adopted the stance of tapping all critical links for easy access during troubleshooting or inevitable security breaches.

Industry Best Practice

"SPANs can add overhead on a network device, and that SPAN port will often drop mirrored packets if the device gets too busy. Therefore, TAPs are a better option.”
-EMA [Enterprise Management Associates]
The two most common ways to access and replicate data within your network are 1. network TAP and 2. SPAN technology. A Test Access Point (TAP) is a hardware device that copies all of your network data. SPAN or Switch Port Analyzer are mirroring ports within a switch that copies specific data. Read more about TAP vs SPAN here.
The recommended deployment of Network TAPs are during the infrastructure build-out or scheduled around maintenance windows.
Do a little research, as not all TAPs are equal. Before making a decision on which TAP to go with, look into the quality, testing, where they are manufactured, hardware warranties, optical transceivers, Mean Time Between Failure (MTBF) rates and first time pass rate (FTPR).

A common TAP misconception is that it’s an unnecessary single point of failure (SPOF). Most TAP failures can be traced to improper cabling, unclean connectors or user error. With a zero failure rate in the field, Garland Technology tests and verifies all TAPs with live network data ensuring your network has full access and visibility.

• Some Active TAPs offer battery backup to extend usage during power failures. We do not recommend this due to the dangers associated with having lithium ion batteries in your network. Most high quality TAPs have power failsafe, do not need any power source, or they have a backup AC source.
Healthcare

Case Study

Healthcare IT Security 
How to Gain Full Visibility During an Instant Response Data Breach

Learn More
Phishing

Case Study

Preventing Phishing Attacks
You Can't Secure What You Cannot See

Learn More
Military

Case Study

Full Packet Capture
Custom Solutions for Extreme Environment Data Capture

Learn More

Network TAPs Resources

WP-eBook-NetworkTAPs101-2017Cover1

Network TAPs 101

This eBook provides fundamental information on network connectivity for a variety of monitoring, security and analytical deployment scenarios.

Download Now

GTWP-TAPvSPAN18

TAP vs SPAN

An in-depth look into network visualization access, and what security, monitoring, management, compliance, and capture today’s networks require.

Download Now

TAP into Technology

Leading the way in Network Technology

The 101 Series: Out-of-Band vs Inline Network Security

| July 23, 2020

Designing a modern cybersecurity strategy is no easy feat, as it must protect all components of a complex network, while having a limited effect on..

Read More

The 101 Series: Quick Connect Tips for Inline Security Appliances

| April 11, 2019

You just bought a brand new inline security appliance—a next-gen firewall, intrusion prevention system (IPS), data leakage prevention (DLP) system or..

Read More

The 101 Series: Breakout Network TAPs

| October 11, 2018

I recently wrote a blog about the six different types of network TAPs with a brief overview of each TAPs functionality. In this blog, I’m going to..

Read More