Mark the page
Contact form
If you are interested in our offer, use the form and ask a question to our specialist.

TAPs - Where to put them?

TAPs - where to put in the IT network

TAPs are an essential component of network monitoring systems and IT security (visibility platforms), the typical architecture of which is schematically shown in the figure below.

Their task is to deliver copies of network traffic from selected network segments without interfering with its structure to Network Packet Broker - NPB devices

Where to put TAPs online

Before the data flows from our Internet Service Provider (ISP) to the customer's computers, it passes through a series of "stops", where each changes a little bit the content, structure and information contained in it. Simplifying this scheme, we can separate 6 main groups of points that we find in almost every network. These are:

  1. Cloud - the beginning of the journey of our data, most often it is the ISP's server.
  2. Router - A device that allows you to connect your internal network to an external network.
  3. Firewall - A firewall, or our protection against outside attacks.
  4. Distribution Switch - Switches that distribute from the router and firewall to the access switches.
  5. Access switches - Switches to which end customers are connected, usually much less powerful than distribution switches.
  6. End-customer computers.

Knowing where you are plugging into the network is crucial for the reason that completely different information will be gained by plugging into the connection between the end client and the access switch, and different between the router and the firewall.

Note that the best time to implement TAPs is when the infrastructure is being built, since connecting a new device always involves the need to disable the connection.

The differences between the information we obtain from TAPs connected to different places in the IT network are shown in the graphic below.

In one of our previous texts, which you can find a link to HERE, we described what types of TAPs there are, but in this case we are interested in two main types of these devices: Breakout TAP and Bypass TAP.

Due to the nature of Network Security and Visibility devices, different types of TAPs are used.

For example, when using the Firewall, we will use a Bypass TAP, as in the image below. This will provide the Firewall with all two-way network traffic, and at the same time minimize the risk of so-called downtime, i.e. downtime in our network caused by failures.

When for devices such as application performance analyzers or protocol analyzers, a simple breakout TAP is sufficient.

Stovaris has a wide range of TAPs and Network Visibility devices, including market leaders such as Cubro and Profitap.

Fiber optic TAPs and copper TAPs are available.

More about TAPs
Ask a Stovaris specialist
Back to all solutions