|
In this article:
- What is a network tap
- Advantages and disadvantages of network taps
What is a network tap?
A network tap is a hardware device that provides a method to access the data that is being transferred across a computer network. Since computer networks are typically comprised of different devices such as computers, routers and switches and so also the Internet, they make use different types of technologies in order to connect to each other (such as Ethernet, ATM, FDDI etc.). However, there may be situations where it is necessary to monitor the traffic being transferred over the network, often by a third party. If there is a physical route for data to travel between two points, say X and Y, a network tap can be utilized to intercept this traffic and record it for use by a third party for monitoring purposes. Thus, the data travels from point X to the network tap and then to point Y.
Network taps often act as a network intrusion detection system or network probes or even as packet sniffers. They are also used by security software as they do not obstruct any traffic flow while monitoring and still remain undetectable at the same time. The traffic that hence goes via the network tap is called pass-through traffic or monitored traffic.
Advantages of Network Taps
Network taps have some important advantages that are discussed below:
- Since the modern networking technologies are switched, that is, they feature point-to-point links alone, a traditional monitoring device that is inserted in between will not be able to monitor the traffic of other links except its own. This is where a network tap can prove to be useful as it helps monitor the data being transferred on all the point-to-point links in a particular range.
- Network taps are capable of monitoring two-way traffic at the same time. This is important as network traffic today is largely full-duplex which means that data can travel in both the directions at a time. Network taps for such networks have two ports that help it to ‘listen’ or monitor the traffic from both the directions.
- A network tap does not interfere with the traffic over the network that it monitors.
- Certain types of network taps are capable of working at the physical layer of the OSI reference model (instead of the conventional data link layer). This enables them to work easily with all the data link technologies that use the physical layer to communicate. This includes ATM and some special types of Ethernet technologies. An example of such taps is optical splitters or passive taps.
- Certain network taps perform the dual function of monitoring network traffic and also, providing SNMP services. This way, the bandwidth usage statistics that are collected by the taps can easily be sent elsewhere with the help of the available SNMP capability of the tap.
- Some network taps make use of inline power. This means that they do not need to be powered from an external source. The power that they use for the pass-through traffic is obtained through the network itself.
- Network taps are also capable of emulating low-level network errors which can help diagnose them more easily.
Disadvantages of Network Taps
Though network taps are very useful, they suffer from some limitations:
- Network taps require spending more money on the additional hardware they need in order to operate.
- Since full-duplex traffic is difficult to monitor using conventional techniques, a method called channel bonding may have to be used by network taps to enable them to handle such traffic.
- A network may come to a standstill when a network tap is being installed.
- Network taps are not very efficient when it comes to monitoring large networks.
|
