Network Taps: The ABCs of Network Visibility
Originally published by Jeff Harris
It takes 20/20 vision to keep networks up and running. From data packets to devices, you need to be able to see everything on the network clearly. It’s simply what it takes to protect your network, and ensure peak performance. Anything less than 100% visibility can leave you exposed to network failure.
But how can a true view of the network be achieved? Network taps offer a low-cost, complexity-free solution.
What is a Network Tap?
A network tap is a way of monitoring the data flowing across a network.
Picture a network where information flows between devices A and B:
A network tap can be placed between the devices. The tap lets traffic through unhindered – but it also creates a copy of the data that passes through:
When a monitoring device is connected to the tap, it is able to view this duplicated network traffic:
What’s So Great About Network Taps?
With other monitoring methods, network visibility comes at the expense of network performance. Seeing your network clearly can mean sacrificing speed, or interrupting traffic flow.
But network taps give maximum visibility with minimal disruption, and can be much less expensive in the long run than their SPAN port (switch port analyzer) alternatives.
Once taps are in place, it’s easy to connect monitoring devices to the network without impacting performance. Devices that help keep networks safe (e.g. intrusion detection / prevention systems) and smooth running (e.g. protocol analyzers, RMON probes), can be deployed quickly and painlessly.
And network taps "fail open" too. Even if a tap loses power, or stops working, network traffic will continue to pass through it unaffected.
Don’t SPAN Ports do the Job Too?
SPAN ports, also known as port mirroring, is another method of monitoring network data. But SPAN ports aren’t nearly as effective as network taps:
- When SPAN ports reach capacity they stop capturing full data
- SPAN ports can introduce delays to the network
- SPAN ports miss or corrupt data packets, and may not capture errors
- SPAN ports are vulnerable to attack
In contrast:
- Taps receive all network traffic – including errors
- Taps don’t cause network delays
- Taps don’t change the content or structure of network data
- Taps don’t have a network address and cannot be hacked
Watch our Taps vs. SPAN video.
Tap Into Peace of Mind
So taps are mission-critical for network security and performance. And they outperform SPAN ports in a number of ways. But not all network taps are created equal. With Ixia taps, you capture all network traffic without introducing bottlenecks or points of failure. Our copper taps come with back up power sources that kick in if the primary source fails. And our Gig Zero Delay™ Tap is the industry’s only 10/100/1000BaseT Tap with true zero-delay operation – meaning optimum network reliability.
As communications evolve, the need to monitor traffic on networks carrying VoIP, videoconferencing, and security applications is growing. Ixia’s Flex Tap gives total visibility over these kinds of high-performance fiber networks.
Visit our Network Taps page for more information on Ixia’s comprehensive tap portfolio.
Ixia’s entire series of blogs on visibility are available now in the e-book Visibility Architectures: The ABCs of Network Visibility.