SHARE
Networking / March 26, 2019

Understanding Network TAPs, Part 3: Eight Best Practices

You are reading the third and final blog post in a series inspired by the recent Gigamon whitepaper, Understanding Network TAPs — The First Step to Visibility.” In Part 2 we learned about the many differences between passive and active TAPs, and in Part 1, the merits of TAPs vs. SPANs.

Today we’ll bring it all together by outlining eight best practices for effectively utilizing TAPs in your infrastructure.

1. Deploy TAPs Everywhere

Many companies have adopted a “TAP-All” best practice, meaning that they add TAPs (or when necessary, SPANs) to all critical links, even if the traffic isn’t currently under continuous monitoring. If a breach occurs or troubleshooting is required, then the TAP is already in place, with no need to create link downtime for installation.

2. Deploy TAPs from the Start

The best time to deploy a TAP is when initially building the network. It’s more expensive to introduce equipment later and installing a TAP later may require network downtime.

3. TAP Where You Can, SPAN Where You Can’t

TAPs are generally preferred over SPANs. It’s best to use TAPs for critical links with medium to high utilization, but SPANs may be necessary in locations not conducive to TAPs, like links with high power-budget limitations or remote sites with low-utilization links.

4. The Use Case Dictates Passive vs. Active

While passive TAPs have historically been preferred due to not needing power, this is changing. Active TAPs can boost signals over long distances, and while they require electricity, many now include failsafe features like battery backup.

5. Understand All the Factors Before Changing Infrastructure

Power budgets dictate proper TAP deployment, as well as appropriate split ratios. Local factors like distance (attenuation), connections, split ratios, splices and dirty environments induce signal power loss. It’s best to know the sensitivity and power ratings of the specific optics in use, but if those aren’t available, you can calculate worst-case numbers as per IEEE specifications.

If the power budget ends up too narrow, an active TAP or SPAN port can help create some slack. Upgrading to cables and optics rated for longer distances can also strengthen signals. Ensuring critical links have extra power margin lowers risk, an expense that can usually be justified.

6. Don’t Skimp on Cabling

Improper cabling is the main source of TAP failure, so when installing always use new cabling and clean all connectors. Don’t mix and match cable types within one link, and check the wiring diagrams to ensure the correct cable is plugged into each port. Never bend cabling beyond specifications. For newer technologies, such as Cisco BiDi deployments, only use TAPs rated for the exact wavelengths in use.

7. Choose Well-Regarded TAPs

Not all TAPs are created equal. Do research to find quality vendors and make sure the TAPs have good warranties. MTBF (mean time between failures) rates are always good to know.

8. Connect TAPs Directly to the Gigamon Visibility Platform

While you can connect a TAP directly to a monitoring tool, it’s far better to connect directly to the Gigamon Visibility Platform. The Visibility Platform is a matrix of nodes deployed throughout the infrastructure to act as a common platform to move packets from any source to the proper monitoring, analysis or security tools. This allows for tool consolidation to optimize your monitoring solutions while extending overall visibility across the network for pervasive security and analysis.

Further, traffic can be replicated, aggregated or filtered as required. Higher-level intelligence such as packet de-duplication, SSL/TLS decryption or header stripping can also be accomplished within the platform, reducing the load on each of the tools while accelerating mean time to resolution when problems emerge. NetFlow generation is also available, making more efficient use of critical switches and routers.

Read the Full Whitepaper for More

This concludes our series. For many more insights and details on TAP characteristics and best practices, check out the full whitepaper, “Understanding Network TAPs — The First Step to Visibility” (PDF). Or visit Gigamon Network TAPs site to learn how Gigamon products leverage TAPs to deliver excellent visibility into network traffic.

Featured Webinars
Hear from our experts on the latest trends and best practices to optimize your network visibility and analysis.

CONTINUE THE DISCUSSION

People are talking about this in the Gigamon Community’s Networking group.

Share your thoughts today

RELATED CONTENT

CALCULATOR
Customers have saved millions in IT costs. How much can you save?
REPORT
Learn how 1,200 of your IT security peers plan to fight cyberattacks
WEBINAR
Zero Trust: What You Need to Know to Secure Your Data and Networks
DEMO
See how to finally achieve visibility to reduce costs and remove complexity

Back to top