Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Network taps enable passive monitoring

By Amy Fisher, Network World
October 28, 2002 12:02 AM ET
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
  • Share/Email
  • Tweet This
  • Comment
  • Print

Network taps are used to create permanent access ports for passive monitoring. A tap, or test access port, can be set up between any two network devices, such as switches, routers and firewalls.

It can function as an access port for any monitoring device used to collect in-line data, including intrusion detection, protocol analysis, denial of service and remote monitoring tools.

A monitoring device connected to a tap receives the same traffic as it would if it were located directly on the wire.

The tap can send traffic data to the monitoring device by splitting or regenerating the network signal. Neither splitting nor regeneration introduce delay, or change the content or structure of information packets.

Network taps modify the strength of the transmitted network signal, so that it can be received by the other network device and the monitoring device attached to the tap.

Taps are called passive devices because they don't act on network traffic. If a tap fails, traffic continues to run, and the network is not affected.

In the case of fiber taps, the key internal components - fiber-optic splitters - do not require power. So they're not vulnerable to a power outage. Two key aspects of fiber taps are split ratio and light source.

The splitter divides the light signal into two streams, and the tap needs to make sure the network signal has enough strength to make it to its destination.

Fiber taps

The split ratio for fiber taps is determined by factors such as the devices' transmitter strength and receiver sensitivity, net losses from cable connections and length.

Because the goal is to maximize the signal retained in the network, the optimal split ratio is the highest. So if 70-to-30, 60-to-40 and 50-to-50 split ratios are viable, then splitters with a 70-to-30 split ratio are optimal.

Splitters also need to support the light source used on the links. For example, Gigabit SX devices transmit data using 850-nm lasers, so Gigabit SX taps should have compatible splitters.

This ensures accuracy in the insertion losses dictated by the chosen split ratio. Performance will not degrade from the laser light intensity, which could occur if splitters supporting lower-intensity LED transmission were used on these links.

Copper taps

Copper taps regenerate the transmitted network signal, instead of splitting it. Regeneration amplifies the signal to a level where it can be received by the other network device and the monitoring device.

Regenerating the electrical signal takes place on a powered board. When power is available to the tap, the electrical signal passes through an open bypass circuit to the area of the board where regenerating and directing the signal takes place. Copper taps are beginning to feature fail-safe reserve power within the tap to maintain this availability.

If power is not available, the bypass circuit closes, so the transmitted signal passes directly to the receiving network device. The bypass circuit requires no external input, so copper taps remain passive.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Partner Content

VOIP OPTIMIZATION

Optimize and assure the delivery of Voice over IP services with a superior packet based management platform that delivers unified views and analysis of voice, video and data traffic.

Download Technical Note

VIRTUALIZATION SIMPLIFIED

Industry analyst Jim Metzler helps identify how to overcome the challenges of managing virtualized server environments in this in-depth whitepaper.

Download the Whitepaper

Managing Modern IP Networks

Industry expert Nate Kalowski discusses the best practice approach of a Performance Assurance Layer (PAL), built in an ITIL framework, as a means to speed problem resolution and enable high quality QoS.

Download the Whitepaper

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed