Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

TAP vs SPAN

Industry Best Practices on Network Access and Visibility

Contact Us

Network Test Access Point (TAP) and Port Mirroring (SPAN)

What's the difference between TAPs and SPAN?

Network test access points (TAP) and port mirroring (SPAN) are the two most common access methods of packet capture for the use of analysis in data monitoring. Is there a difference? Yes, there are significant differences which affect the integrity of the traffic that is being analyzed, as well as the performance of the network traffic. This page discusses the differences in regards to monitoring the network.

"SPANs can add overhead on a network device, and that SPAN port will often drop mirrored packets if the device gets too busy. Therefore, TAPs are a better option.” -EMA [Enterprise Management Associates]

Network TAP [Test Access Point]

Network TAPs are a purpose-built hardware device that allows you to access and monitor your network traffic. TAPs transmit both the send and receive data streams simultaneously on separate dedicated channels, ensuring all data arrives at the monitoring or security device in real time.

Network TAPs:

TAP-v-SPAN-Diagram-TAP
  • Make a 100% full duplex copy of network traffic without altering the data.

  •  Designed to support 10M/100M/1G/10G/40G/100G/400G.

  • Are scalable and can either provide a single copy, multiple copies (regeneration), or consolidate traffic (aggregation) to maximize the production of your monitoring tools.

  • Court approved. A TAP provides forensically sound data/evidence that data captured is 100% accurate with time reference.

  • Do not alter the time relationships of frames. Spacing and response times are especially important with VoIP and Triple Play analysis including FDX analysis.

  • Fiber TAPS are 100% passive and have no power.

  • Have no IP address, no MAC address and cannot be hacked.

 


 

SPAN [Switch Port Analyzer]

Port Mirroring also known as SPAN (Switch Port Analyzer), sends a copy of all network packets seen on one port (or an entire VLAN) to another port, where the packets can be analyzed.

SPAN Ports:

SPAN
  • Provide access to packets for monitoring.

  • Designed for spot checking only low-throughput.
  • SPAN sessions do not interfere with the normal operation of the switch.

  • Low priority - switch will drop SPAN packets if heavily utilized or oversubscribed.

  • Can duplicate packets if multiple VLANs are used.

  • Using SPAN/Mirror ports can change the timing of the frame interactions, altering response times.

What does Cisco say about data capture and SPAN ports?
"The switch treats SPAN data with a lower priority than to-port data...the best strategy is to make decisions based on the traffic levels of the configuration and when in doubt to use the SPAN port only for relatively low-throughput situations." - Cisco

Garland Tech Network TAP

Access Best Practices

Ready to solve a problem? Let's explore TAP vs SPAN Scenarios:

Creating a foundation of visibility is key for network management. Once deployed, network TAPs allow you to access that point in your network at any time. Many organizations have adopted the stance of tapping all critical links for easy access during troubleshooting or inevitable security breaches.

Spanning (mirroring) technology is still viable for some limited situations but as one migrates from 10Mb to Gigabit to 40 Gigabit networks, and with the demands of seeing all frames for data security and policy compliance, deep packet capture, and Lawful Intercept, one must use purpose-built TAP technology to fulfill the demands of today’s complex analysis and monitoring technologies.

Best Practices to Improve Your Network Visibility

Looking for ways to reduce network complexity and improve effectiveness of your tool performance?

This whitepaper is an in-depth look into network visualization access, and what visibility security, monitoring, management, compliance, capture and auditing of our today’s networks require..

Learn More

 

TAP vs SPAN

TAP Toons

Putting them to the test

TAP into Technology | TAP vs SPAN

Leading the way in Network Technology
7 Common Visibility Challenges in Industrial Environments

7 Common Visibility Challenges in Industrial Environments

The convergence of Operational Technology (OT) with Information Technology (IT), has exposed many challenges for the industrial space, including increased vulnerability to cyber attacks and network

What is Network Visibility and How to Guarantee 100% Data Capture

What is Network Visibility and How to Guarantee 100% Data Capture

Network visibility has never been more important to the success of a business, regardless of industry. Addressing increasingly demanding business requirements has led to highly complex IT

Making a Case for Network TAPs to Provide Digital Legal Evidence

Making a Case for Network TAPs to Provide Digital Legal Evidence

Sometimes we come across interesting requests from customers that are outside the normal security and monitoring applications within data centers or branch office locations. Recently, a law