The term TAP is an abbreviation and stands for Test Access Port. A Network TAP, also known as an Ethernet TAP, provides a passive access point to an optical or copper-based network connection, enabling the data signals transmitted over the cable to be read and evaluated securely and reliably for analysis purposes.
These TAPs are looped into the network line to be monitored and forward all data traffic while maintaining data integrity, without interruption and without packet loss.
Once installed, a TAP can be used to transparently deliver all traffic to various monitoring applications quickly, easily, and without affecting the active network line.
In contrast to data tapping via a SPAN port, you get a much more accurate measurement result when using a TAP and can thus identify network and application errors even faster and more precisely. This saves you valuable time when troubleshooting network errors and problems.
Instead of the time-consuming configuration of SPAN ports, Network TAPs can be installed and commissioned plug-n-play, without any prior technical knowledge, in a very short time. For good reason, Cisco, the world’s leading network equipment manufacturer, therefore deliberately advises against the use of such SPAN ports for network analysis.
Network TAPs have another decisive advantage due to the way they work: they fully route bi-directional data traffic. This means that you receive the send and receive directions of a full duplex line separately and can therefore, for example, analyze a 1G line loss-free even with a maximum load of 2Gbps. As a result, you need two network interfaces on the analyzer to record the network data.
Using this method, the sending and receiving directions can be easily differentiated from one another, which eliminates another source of error. SPAN ports, on the other hand, must aggregate this data in memory before it is passed on to the SPAN port, but this is not one of the primary tasks of a switch and thus has a significant negative impact on the quality of the analysis result.
Furthermore, due to the use of mirror ports, the switch processor is more highly utilized, which can cause data loss on the SPAN port.
What makes our Secure Modular Fiber TAPs so special?
Secure Fiber TAPs have both an additional optical isolator (Data Diode functionality) and an optical filter to ensure that unwanted incoming light signals are blocked at the monitoring port to protect the network from compromise. It thus provides another security layer that offers increased protection against attackers and faulty configurations.
Our optical TAPs do not require power, they are purely passive components and therefore cannot be detected in the network without expensive measuring equipment. Hackers and other attackers thus have no chance, and since the integrity of the outgoing data remains unaltered due to this tapping method, Network TAPs are increasingly used in the areas of network forensics, security and monitoring.
PacketRaven Fiber TAPs are designed for data centres and allow you to fit up to 30 network segments with TAPs using our innovative, modular 1U chassis. They support network speeds from 100Mbps up to 400Gbps. Without risk you get permanent network access and provide your monitoring and security tools with 100% reliable network data without introducing a single point of failure.
This makes our Secure TAPs especially suitable for business-critical applications and high-security areas and CRITIS infrastructures with high requirements for securing sensitive data.
They are 100% compatible with our standard modular TAPs without Data Diode Function and can be installed together in the same chassis. On top of that, they are protocol-agnostic and compatible with all monitoring systems from leading suppliers.
Secure TAPs - because CRITIS should be secure
PacketRaven Network TAPs are therefore already in the standard version among the network components via which an attack vector is excluded.
For high-security areas or critical infrastructures (CRITIS), however, even this is sometimes not enough, which is why NEOX NETWORKS now also offers a specially secured version of its Modular Fiber TAPs.
These Secure Modular TAPs have an optical filter and an optical isolator that add a Data Diode Function to the TAP. These prevent accidental or deliberate injections of unwanted data or light signals into the active network.
Due to a very high insertion loss of up to 35dB on the return channel from the monitoring port into the productive network to be protected, an additional two-tier security layer is activated. The insertion loss of the single-mode models is ~35 dB and for our multimode models ~25 dB.
Data Diode Functionality of the modular NEOXPacketRaven Secure Fiber Network TAPs
In addition, these TAPs are secured against unwanted or unnoticed opening by a security seal.
Use cases for Fiber TAPs with optical isolators
Prevent accidental connection of a passive TAP to an output port of the monitoring tool so that data is injected back into the monitored network.
Avoid misconfiguration of monitoring tools. These can, for example, send data back to the network in the case of legal surveillance measures by an authority,
which may lead to the discovery of the surveillance measure.
Preventing people with access to unsecured parts of a data centre from using conventional Fiber TAPs to cripple the network or inject malicious code.
