Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Network taps enable passive monitoring

By Amy Fisher , Network World , 10/28/2002
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
  • Share/Email
  • Tweet This
  • Comment
  • Print

Network taps are used to create permanent access ports for passive monitoring. A tap, or test access port, can be set up between any two network devices, such as switches, routers and firewalls.

It can function as an access port for any monitoring device used to collect in-line data, including intrusion detection, protocol analysis, denial of service and remote monitoring tools.

A monitoring device connected to a tap receives the same traffic as it would if it were located directly on the wire.

The tap can send traffic data to the monitoring device by splitting or regenerating the network signal. Neither splitting nor regeneration introduce delay, or change the content or structure of information packets.

Network taps modify the strength of the transmitted network signal, so that it can be received by the other network device and the monitoring device attached to the tap.

Taps are called passive devices because they don't act on network traffic. If a tap fails, traffic continues to run, and the network is not affected.

In the case of fiber taps, the key internal components - fiber-optic splitters - do not require power. So they're not vulnerable to a power outage. Two key aspects of fiber taps are split ratio and light source.

The splitter divides the light signal into two streams, and the tap needs to make sure the network signal has enough strength to make it to its destination.

Fiber taps

The split ratio for fiber taps is determined by factors such as the devices' transmitter strength and receiver sensitivity, net losses from cable connections and length.

Because the goal is to maximize the signal retained in the network, the optimal split ratio is the highest. So if 70-to-30, 60-to-40 and 50-to-50 split ratios are viable, then splitters with a 70-to-30 split ratio are optimal.

Splitters also need to support the light source used on the links. For example, Gigabit SX devices transmit data using 850-nm lasers, so Gigabit SX taps should have compatible splitters.

This ensures accuracy in the insertion losses dictated by the chosen split ratio. Performance will not degrade from the laser light intensity, which could occur if splitters supporting lower-intensity LED transmission were used on these links.

Copper taps

Copper taps regenerate the transmitted network signal, instead of splitting it. Regeneration amplifies the signal to a level where it can be received by the other network device and the monitoring device.

Regenerating the electrical signal takes place on a powered board. When power is available to the tap, the electrical signal passes through an open bypass circuit to the area of the board where regenerating and directing the signal takes place. Copper taps are beginning to feature fail-safe reserve power within the tap to maintain this availability.

If power is not available, the bypass circuit closes, so the transmitted signal passes directly to the receiving network device. The bypass circuit requires no external input, so copper taps remain passive.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Partner Content

Blue Stripe Software

www.bluestripe.com/

Improving Application Performance Troubleshooting

Diagnosing why an application is slow is hard, at times taking days or weeks to isolate and resolve. This paper explains the challenges involved using current management tools, provides a 'wish list' for application management and analysis, and explains the need for an application system-wide approach that monitors entire applications, not components.

Download Whitepaper

Virtual Vigilance: Managing Application Performance in Virtual Environments

This paper highlights the impact of virtualization on application performance.  "Managing Application Performance in Virtual Environments" states: "Best-in-Class organizations are predominately taking actions around improving visibility across both physical and virtual systems, assessing the business impact of application performance and understanding interdependencies of applications in virtualized environments."

Download Whitepaper

Application Service Requests: The Missing Link for Pragmatic ITSM

Forrester Research analyst Glenn O'Donnell and BlueStripe co-founder Vic Nyman discuss a breakthrough approach to application problem management. Learn the new approach for ITSM problem management, which provides: Rapid isolation of application slow-downs to specific components for quick problem resolution, 24/7 monitoring for proactive notification of potential issues before end users are impacted and much more.

Register for Webcast

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed