Network TAPs

Providing 100% visibility, in real time, all the time

Contact Us

Network Test Access Point (TAP)

Guaranteed 100% data capture

Test Access Points (TAPs) are a simple concept. A TAP is a hardware device that allows network traffic to flow from ports A to B, and B to A without interruption, and creates an exact copy of both sides of the traffic flow, continuously, 24/7 without compromising network integrity. The duplicate copy can be used for monitoring, security or analysis.

Network TAPs

Network visibility is more critical than ever. Networks are getting more complex with higher speeds carrying an increasingly unprecedented amount of data, in addition to the increased threat of sophisticated cyber security risks. With the growing number of analysis and security tools needed to process this data, a granular visibility approach into the actual packets running on the wire is a must.

Let’s go over the basics and industry best practices.

How do Network TAPs work?

Instead of a router and switch connected directly to each other, a TAP is placed in between them connecting both devices.

As we mentioned, TAPs provide complete unfiltered access to bi-directional traffic streams. The data is transmitted between the two network devices (ie. routers and switches) in both directions, east and west traffic. TAPs copy the transmit signals from each device and sends them to separate monitoring ports. This ensures every packet is copied and eliminates any chance of oversubscription.

East-West Traffic

Figure 1. East / West traffic flow.

TAP Breakout mode

Figure 2. East / West traffic flow with tap in TAP "Breakout" mode.


Different Types of TAPs

Network TAPs come in variety of different functions and features. Each type of network TAP operates differently based on the requirements it needs to perform.

  • Passive TAPs: Support out-of-band “listen-only” devices used for monitoring tools, and are simple, reliable and require no power.
  • Active TAPs: Support inline devices used for security applications and should include bypass or failsafe technology.
  • TAPs are available in various media types: copper or fiber (LC, MTP/MPO, BiDi), and can perform Media Conversion.
  • TAPs are available in various speeds: from 10/100/1000M all the way to 100G.
  • TAPs form factors including: portable, 1U and 2U chassis.


Even Cisco agrees, if you're still using SPAN / Mirror ports you do not have 100% network access or visibility.

"The switch treats SPAN data with a lower priority than to-port data...the best strategy is to make decisions based on the traffic levels of the configuration and when in doubt to use the SPAN port only for relatively low throughput situations." -Cisco

TAP Modes

Breakout Mode
Tap "Breakout" Mode
Aggregation Mode
Aggregation Mode
Bypass Mode
Regeneration/SPAN Mode
Regeneration/SPAN Mode
Filter + Aggregation

TAP Modes Overview

Network TAPs can perform multiple functions and modes within the same device, including:

  • Tap 'Breakout': Sends each side of traffic to separate monitoring ports. Ensuring that no packet is lost to high-priority monitoring tools.
  • Aggregation: Merge traffic streams into one monitoring port to reduce appliance costs, often used in combination with filtering taps, ie: filter, aggregate data streams. 
  • Bypass: Prevent inline devices from causing network downtime by “bypassing” that device, in the event it fails or needs to be updated.
  • Regeneration/SPAN: Create multiple copies of network data to support multiple devices from a single connectivity point.
  • Filtering: Allow you to set rules on what data is filtered and sent to monitoring or security tools. Filtering prevents ports from becoming oversubscribed.

Network TAPs 101

The Networking User Guide

Providing unfettered access to all of the bits, bytes and packets flowing through a network is a critical piece of network design. Without it, security appliances, monitoring devices and analytical solutions cannot function optimally – a critical issue in a world where downtime or a security breach could cost millions. Want to dig deeper on the basics? Start here.

Learn More

Network TAPs 101

Industry Best Practice

  • Creating a foundation of visibility is key for network management. Once deployed, a TAP allows you to access that point in your network at any time. Many organizations have adopted the stance of tapping all critical links for easy access during troubleshooting or security breaches now or in the future.
  • The two most common ways to access and replicate data within your network are TAP and SPAN technology. A Test Access Point (TAP) is a hardware device that copies all of your network data. SPAN or Switch Port Analyzer are mirroring ports within a switch that copies specific data. Read more about TAP vs SPAN here.
  • The recommended deployment of Network TAPs are during the infrastructure build-out or scheduled around maintenance windows.
  • Do a little research, as not all TAPs are equal. Before making a decision on which TAP to go with, look into the quality, testing, where they are manufactured, hardware warranties, optical transceivers, Mean Time Between Failure (MTBF) rates and first time pass rate (FTPR).
  • A common TAP misconception is that it’s an unnecessary point of failure. Most TAP failures can be traced to improper cabling, unclean connectors or user error. With a zero failure rate, Garland Technology tests and verifies all TAPs with live network data ensuring your network has full access and visibility.
  • Some Active TAPs offer battery backup to extend usage during power failures. We do not recommend this due to the dangers associated with having lithium ion batteries in your network. Most high quality TAPs have power failsafe and do not need any power source, or they have a backup AC source.

Network TAP Form Factors

Portable TAP
Modular TAP - 2U Chassis
High Density - Chassis System
Portable TAP
Modular TAP - 1U/2U Chassis
High Density - Chassis System

TAP into Technology | The 101 Series

Leading the way in Network Technology
The 101 Series: Filtering TAPs

The 101 Series: Filtering TAPs

In our 101 network TAP series, we have explained the functionality of the various network TAPs that are available to gain access to the traffic that is typically found in a network. We have reviewed

The 101 Series: Passive Network TAPs

The 101 Series: Passive Network TAPs

Companies that are using network monitoring tools – be they for analyzing security threats, packet flow or Key Performance Indicators (KPIs) – all have one thing in common. They need to ensure that

The 101 Series: Active Network TAPs—Where, When and How

The 101 Series: Active Network TAPs—Where, When and How

Because network connectivity is critical to any security or network monitoring project, people are always asking us which network TAP is right for them.  In a recent post, we discussed the ins and