<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
Skip to content

Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Industry Best Practices on Network Access and Visibility

TAP vs SPAN

What's the difference between a TAP and SPAN?

Network TAP (test access point) and SPAN (port mirroring) are the two most common methods for network traffic access used for data monitoring and security analysis. Is there a difference? Yes, there are significant differences which affect the integrity of the traffic that is being analyzed, as well as the performance of network tools. This page discusses the differences in both options in regards to monitoring the network.

"SPANs can add overhead on a network device, and that SPAN port will often drop mirrored packets if the device gets too busy. Therefore, TAPs are a better option.” -EMA [Enterprise Management Associates]

 

Network TAP [Test Access Point]

Network TAPs are a purpose-built hardware device that sits in a network segment, between two appliances (router, switch or firewall), and allows you to access and monitor the network traffic. TAPs transmit both the send and receive data streams simultaneously on separate dedicated channels, ensuring all data arrives at the monitoring or security device in real time.

TAP-v-SPAN-Diagram-TAP

Network TAPs:

Make a 100% full duplex copy of network traffic without altering the data.

Designed to support 10M/100M/1G/10G/40G/100G/400G.

Are scalable and can either provide a single copy, multiple copies (regeneration), or consolidate traffic (aggregation) to maximize the production of your monitoring tools.

• Court approved. A TAP provides forensically sound data/evidence that data captured is 100% accurate with time reference.

Do not alter the time relationships of frames. Spacing and response times are especially important with VoIP and Triple Play analysis including FDX analysis.

Fiber TAPS are 100% passive and have no power.

Have no IP address, no MAC address and cannot be hacked.

SPAN [Switch Port Analyzer]

Port Mirroring also known as SPAN (Switch Port Analyzer), are designated ports on a network appliance (switch), that are programmed to send a copy of network packets seen on one port (or an entire VLAN) to another port, where the packets can be analyzed.

TAP-v-SPAN-Diagram-SPAN

SPAN Ports:

Provide access to packets for monitoring.

•  Designed for low-throughput spot checking.

•  SPAN sessions do not interfere with the normal operation of the switch.

•  Low priority processing -- the switch will drop SPAN packets if heavily utilized or oversubscribed.

•  Can duplicate packets if multiple VLANs are used.

•  Using SPAN/Mirror ports can change the timing of the frame interactions, altering response times.

"The switch treats SPAN data with a lower priority than to-port data...the best strategy is to make decisions based on the traffic levels of the configuration and when in doubt to use the SPAN port only for relatively low-throughput situations."

Even Cisco agrees, if you're still using SPAN / Mirror ports you do not have 100% network access or visibility.
Cisco

network TAPs

Network Access Best Practices

TAP vs SPAN is the question. Let's explore network TAP and SPAN use cases:

Creating a foundation of visibility is key for network management. Spanning (mirroring) technology is still viable for some limited situations but as one migrates from 10Mb to Gigabit to 40 Gigabit networks, and with the demands of seeing all frames for data security and policy compliance, deep packet capture, and Lawful Intercept, one must use purpose-built TAP technology to fulfill the demands of today’s complex analysis and monitoring technologies.

960x540-HeroFeature-healthcare1

Case Study

Healthcare IT Security
How to Gain Full Visibility During an Instant Response Data Breach

Learn More
960x540-HeroFeature-FCSPhishing

Case Study

Preventing Phishing Attacks
How to Identify and Prevent Phishing Attacks

Learn More
960x540-HeroFeature-military

Case Study

Federal Full Packet Capture
Custom Solutions for Mission Critical Data

Learn More

TAP vs SPAN Resources

TAP vsS PAN

TAP vs SPAN

An in-depth look into network visualization access, differences between TAP and SPAN, and what security, monitoring, management, compliance, and capture today’s networks require.

Download Now

Best Practices For Visibility Fabric

Visibility Fabric Best Practices

This white paper provides a step-by-step guide to planning and implementing a network visibility fabric of TAPs and network packet brokers.

Download Now

Putting TAP vs SPAN to the Test

TAP into Technology

Leading the way in Network Technology

OT Network Solution

Combining the Power of the Purdue Model with Network TAPs

| January 19, 2023

Years back, companies within our critical infrastructure sectors realized that if they wanted to improve their strategic planning and scale their..

Read More

5 reasons to TAP your network Garland Technology network monitoring

5 Reasons to TAP your Network

| October 12, 2022

Why do I need TAPs? That’s a question I hear a lot from people in the field. Either they aren’t familiar with TAPs, or even if they are, with a low..

Read More

3 benefits of network tap in ot networks

3 Benefits of a TAP Fabric in OT Networks

| May 19, 2022

Every week, I hear from industrial companies about their cybersecurity tools needing access to the data flowing through their OT networks. In a..

Read More