What are Network TAPs?

What are Network TAPs?

When you think of a network TAP, what comes to mind? A faucet in a hand basin for
getting water? A military bugle call?

At Network Critical, we define a network TAP as a Test Access Point, or a hardware device
inserted at a specific point in the network where data can be accessed for testing
purposes. This is mainly used to monitor the network traffic between two points in the
network infrastructure.

A network TAP typically consists of four ports: an A port, a B port and two monitoring
ports. The A and B ports collect traffic from the network and the monitoring ports provide
a copy of this traffic to an attached monitoring device.

Typically, a network TAP is placed between two points in the network. The network cable
between points A and B is replaced with a pair of cables, which are then connected to the
TAP. Traffic is passively routed through the TAP, without the network’s knowledge. This
allows the TAP to make a copy of the traffic, which is sent out of the monitoring port to be
used by another tool without changing the network traffic flow.

Why do I need a Network TAP?

There are many different methods for gaining access to your network. Some of the
traditional methods used for gaining access to network traffic include using a SPAN port on
your switch or connecting a monitoring device in-line on the network. There are challenges
with both of these scenarios.

Using a SPAN port can often be the cheapest solution, but using this method has many
hazards. Often, when SPAN ports are over-subscribed, packets are dropped before data
reaches the monitoring tool. There is also the risk of the losing some of the error packets
that may be causing problems. If this data is never sent to the monitoring tool because it
is being dropped, it is impossible to troubleshoot, no matter how advanced a tool you may
be using.

There are different problems when a tool is installed in-line. Especially when dealing with a
critical network, it is essential that the network is available at all times because down time
can be very costly. When a device is installed in-line, the network must be brought down
every time updates are required or the tool needs to be re-booted. Similarly, if the
monitoring tool fails, the network will go down as well.

All of these problems can be solved by using a TAP. When using a TAP, you will be
guaranteed that every packet is being sent from the network to the monitoring tool.
Because these devices are never over-subscribed, they always pass every packet, even
essential error packets that a SPAN port may drop. When a V-Line TAP is installed in-line
instead of the monitoring device, you can avoid problems associated with bringing down
the network.

Types of Network TAPs

There are several types of TAPs to choose from in order to achieve different functionality
according to the structure and needs of your network.
Breakout TAPs

Breakout TAPs are the simplest form of TAP. A Breakout TAP consists of four ports: two
input ports and two output ports. The two input ports each collect traffic from the network;
one collecting traffic traveling from point A to point B on the network, the other collecting
traffic from point B to point A on the network. The Breakout TAP then sends a copy of this
traffic out of the monitoring ports - the A to B traffic is passed out of one port and the B to
A traffic out the other port. Both of these monitoring ports are then connected to
some form of monitoring device. This allows a copy of the traffic from a single network
segment to be monitored and/or analyzed without disturbing the network.

Aggregating and/or Regenerating TAPs

Aggregating TAPs allow you to take the network traffic from multiple network segments
and aggregate all of the information to a single monitoring port. This will allow you to use
just one monitoring tool to see all of your network traffic.

Regeneration TAPs will permit you to take traffic from one network segment and send it to
multiple monitoring tools. This allows you to send a single traffic stream to a range of
different monitoring tools, each serving a different purpose, whilst taking traffic from the
network only once.

V-Line (Inline or Bypass) TAPs

V-Line TAPs (also known as Inline or Bypass TAPs) allow you to place a network tool
"Virtually Inline". These TAPs are used where monitoring devices need to be placed in-line
on the network to be effective, but when putting these devices inline will compromise the
integrity of a critical network. By placing a V-Line TAP in its place and connecting the
monitoring tool to the V-Line TAP, you can guarantee that the network will continue to flow
and the device will not create a failure point in the network.

Solution Finder

Are you having trouble accessing the data in your network? Network Critical can provide
you with EXACTLY the right Access Technology Solution to fit into your network
infrastructure.

What network tools are you currently using or are looking to use in the future?

• Network Analyzers

Network analyzers (also known as sniffers) are hardware or software applications

that can intercept, inspect and collect data traffic passing along a network for
further analysis. These types of devices are used to analyze network problems,
detect intrusion attempts, monitor network usage, gather and report network
statistics and many other applications.

• Intrusion Detection Systems/Intrusion Prevention Systems

An intrusion detection system is a tool that detects unwanted attempts at

accessing, manipulating or disabling a computer system through the network
infrastructure. In addition, Intrusion Prevention Systems allow for the device to
 send packets back to the live network in an attempt to stop threats on the
network.

• Bandwidth Management

Bandwidth management is the process of measuring and controlling traffic

traveling across a network link in order to avoid filling the link to over-capacity,
which typically results in problems such as network congestion, slow response time
and overall poor network performance.

• Computer Forensics / Data Capture

Computer forensics is a branch of forensic science pertaining to legal evidence

found on computers and computer networks. Computer forensics are used in many
applications, such as analyzing computer systems belonging to a defendant in a
legal case, to recover data after a hardware or software failure or to analyze a
computer system after a break-in to determine how the attack occurred.

• Content Filtering

Content filtering is the process where content is allowed or blocked based on the
analysis of the content, rather than the source or other criteria. This is particularly
popular for filtering email and internet access.

• Data Leakage Prevention

Data leakage protection refers to tools designed to detect and prevent the
unauthorized transmission of data to outside sources. These tools are used by
organizations that process highly classified or sensitive information, such as
government agencies or banking and insurance companies.

• Lawful Interception

Lawful interception is the official legal access to private communications, such as

email messages or telephone calls. It is a security process which allows companies
to make their communications available to law enforcement officials when
requested. Countries are inacting laws to regulate lawful interception procedures.
Breakout Network TAPs

Breakout network TAPs provide a safe and simple way to access live network traffic and
provide copies to separate monitoring ports. In a full-duplex network link, a Breakout
network TAP will passively copy the live traffic, separate it into RX and TX streams, and
send a copy to two monitoring ports, one for each direction of traffic. This ensures a
complete copy of network traffic for your monitoring tools without the risk of packet loss.

The integrity of your live network is paramount. That’s why Network Critical Breakout TAPs
feature fail-safe technologies to preserve the flow of live traffic. LinkLock is featured on all
10/100 Copper TAPs and all Fiber Optic TAPs in our Breakout TAP range. LinkLock ensures
that the live network link will never fail, even if the TAP suffers a power outage.

Breakout TAPs are available in a full range of network media and port densities to suit your
deployment requirements. From portable units for strategic deployment into a single
network to high density units for infrastructure deployment in the wiring cabinet, Network
Critical has a solution that will fit seamlessly into your data center.

Aggregation/ Regeneration Ethernet TAPs

Aggregation and Regeneration Ethernet TAPs provide a safe and simple way to collect live
network traffic from several parts of the network and aggregate it all to a single
monitoring port or take traffic and regenerate it to multiple tools. These tools will help
direct traffic whether your network has a one-to-many, many-to-one or many-to-many
configuration.

The integrity of your live network is paramount. That’s why Network Critical Breakout
Network TAPs feature fail-safe technologies to preserve the flow of live traffic. LinkLock is
featured on all 10/100 Copper TAPs and all Fiber Optic TAPs in our Aggregation and
Regeneration Ethernet TAP range. LinkLock ensures that the live network link will never
fail, even if the TAP suffers a power outage.

Aggregation Ethernet TAPs are available in a full range of network media and densities to
suit your deployment requirement. There are portable portable units for strategic
deployment into a single network or high density units for integration into your network
infrastructure.

V-Line (Bypass) TAPs

Network Critical’s V-Line TAPs provide a safe and easy way for you to deploy your
monitoring tools Virtually Inline. When the risks of deploying a device in-line outweigh the
benefits, this product will give you back the functionality you need. By installing a Network
Critical V-Line TAP inline on your network, you do not risk your critical network going
down. If you employ the Link-Failure Propagation feature, the device will monitor your
links. If a connected device fails, the TAP will immediate drop the other live network port
and the network will not go down.
Our V-Line TAPs also give you the ability to pass packets back onto the live network. When
packet injection mode is on, the monitoring port becomes bi-directional. This allows the
connected network tool to inject packets back out to the live network transparently. The
received packets are then given high priority and are seamlessly switch with the live
network traffic.

V-Line TAPs are available in a full range of network media and port densities to suit your
deployment requirements. From portable units for strategic deployment into a single
network to high density units for infrastructure deployment in the wiring cabinet, Network
Critical has a solution that will fit seamlessly into your data center.