Choosing how to get data from your network and into your monitoring & security tools is just as important as the tools themselves. Implementing Network TAPs is one of today’s best methods for creating permanent, in-line monitoring ports for your packet analyzers, intrusion detection systems (IDS), data retention compliance devices, and other analytic network tools like Wireshark and Snort.
In order to accomplish this, Network TAPs are inserted between network devices where they passively copy data continuously 24/7 without compromising network integrity. Network TAPs are available with a variety of features for both copper and fiber networks. In addition, TAPs maintain network connectivity even after a power loss to the TAP (Fail Open).
Network TAPs vs. SPAN Comparison
SPAN (Switched Port Analyzer), also known as Port Mirroring, is a another method of monitoring network traffic. With port mirroring enabled, the switch sends a copy of all network packets seen on one port (or an entire VLAN) to another port, where the packet can be analyzed.
There are distinct advantages of Network TAPs over SPAN mirroring.
- A TAP captures everything on the wire including MAC and media errors; a SPAN port will drop those packets.
- A TAP is unaffected by bandwidth saturation; a SPAN port cannot handle heavily used full-duplex links without dropping packets.
- A TAP is simple to install whereas a SPAN port requires an engineer to configure the switch(es).
- A TAP is not an addressable network device and therefore cannot be hacked. A SPAN port is vulnerable.
- A TAP doesn’t require a dedicated switch port for monitoring; it frees up the monitoring port for switching traffic.
It’s for these reasons that network architects and administrators choose to implement Network TAPs over port mirroring alone to improve monitoring and security functions. It’s also why TAPs are a proven, critical part of the highest performing and most secure networks today.
Who can benefit from Network TAP implementation?
• Companies who require 24×7 monitoring capability e.g. IDS , VoIP Recording, etc.
• Service organizations who may need to “plug in” to conduct troubleshooting in support of an SLA agreement, avoiding
SPAN or Port Mirror configuration of a switch or router which may be tied to a configuration change policy at the customer site
• Compliance Requirements where all data needs to be captured and analyzed – combination of tapping and SPAN/Port Mirrors
• Companies looking to reduce operational expenses and mitigate risk
Gain the visibility you need to make your network efficient, secure, and compliant. Get a Network TAP today.