What is a Network TAP?

The data center ecosystem includes a myriad of hardware components and firmware/software programs that run behind the scenes. One hardware component that performs consistently with little IT supervision is the network TAP (Test Access Point).

TAPs have become integral to network monitoring architecture by providing an uncensored view of all network traffic. The primary objective of a TAP is to act as a standalone copy-and-deliver mechanism between two network points and provide that data to one appliance—or an array of appliances—to perform specific processes. These destinations are most often surveillance tools that can detect suspicious code or other possible attack vectors within traffic flows.

Passive TAPs

By design, a “passive” TAP runs in the background without disrupting a network’s performance. Network TAPs channel duplicated network information to a designated monitor port and, as a result, are not burdened with analyzing data. Third-party tools—like ExtraHop, NetScout, Riverbed, and others—can then be used to analyze the data. Interestingly, TAPs do not rely on the connected network’s resources to operate. Even if a network functions poorly, TAPs can continue running in the background.

When using fiber-optic cables throughout a network, optical network TAPs capture network traffic under all conditions to simplify network monitoring and security. TAPs often support common optical fiber standards with split ratio options of 50/50, 60/40, and 70/30. As a percentage, the network portion of the stream is represented by the first number, and the TAP is allotted the second number.

In a 70/30 ratio, the TAP siphons off just 30% of the signal strength to send a copy of the traffic stream to monitoring or security tools. Passive fiber 40G and 100G TAPs offer short-range, long-range, and bidirectional models to accommodate requirements for modern, high-density, next-generation data center deployments.

Bypass TAPs

Advanced external bypass switch technologies allow users to extend the lives of 10G and 40G tools with 100G network traffic. A Bypass TAP blade is a failsafe solution that ensures your network remains operational by “bypassing” a point on the network that is offline for any reason. The goal is to reduce security risks and performance issues by maintaining a continuous, unbroken traffic flow, even while a specific inline appliance is offline for troubleshooting, updates, or sandboxing.

In summary, network TAPs allow you to:

• Achieve complete network visibility via duplication of traffic flows.
• Provide tool redundancy by automatically bypassing traffic around offline tools, thus avoiding downtime.
• Extend the life span of 10G tools and older, lower-rate appliances with multiple failover functionality.
• Detect inline appliance failure in milliseconds.
• Load balance to inline tools, mirror ports on the bypass tap blade, or mirror ports on other blades in the chassis.

APCON TAPs: Part of our Network Visibility Solution

APCON's TAP, aggregation, and filtering solutions provide 100% network visibility, collecting and sending data to monitoring, performance, and security tools for faster insights.

Our all-in-one solution combines network visibility technology and third-party solutions for data centers, virtual machines, and cloud networks on one platform. Our technologies are purpose-built to help identify blind spots, bottlenecks, and potential performance issues to help prevent security threats.

If your network monitoring or security infrastructure needs attention, improvement, or a complete overhaul, please review APCON’s spectrum of “set it and forget it” network visibility solutions, as well as our offering of network TAPs. You can also contact an APCON team member for a product demonstration.