For network professionals, Ethernet switches have already been used very commonly in network design. In order to ensure network security and monitor the performance of the standard Ethernet switches, network test access port (TAPs) have emerged as one of the primary sources for data monitoring or network traffic monitoring. What is network TAP or TAP aggregation switch, and how to deploy it for network traffic monitoring? This post will give you an answer.
What Is TAP Aggregation Switch or Network TAP?
A network tap is a hardware device which provides an approach to access the data flowing across a network. It functions by flow copy or aggregation, thus it’s also called TAP aggregation switch. TAP aggregation switch works by designating a device to allow the aggregation of multiple TAPs and to connect to multiple monitoring systems. In this process, all the monitoring devices are linked to specific points in the network fabric that handle the packets that need to be observed. In most cases, a third party TAP aggregation switch monitors the traffic between two points in the network. If the network between point A and B consists of a physical cable, a network TAP or TAP aggregation switch might be the best way to accomplish this monitoring. TAP aggregation switch deployed between point A and B passes all traffic through unimpeded, but it also copies that same data to its monitor port, which could enable a third party to listen.
Deployment Scenario of TAP Aggregation Switch
TAP aggregation switches or network TAPs can be extremely useful in monitoring traffic because they provide direct in-line access to data that flows through the network. The following part illustrates the typical applications of TAP aggregation switches in the data center and carrier network.
- Application in Data Center
As shown in the figure below, the user can enable the timestamp and source port label function of TAP devices. The server cluster can access the exact packet process time in each data center layer via source port and timestamp message carried by the packets. From port1, port2, port3, the user can distinguish the devices that the streams come from. Through T1, T2 and T3, packets forward latency of each device can be calculated, according to which users can find out the bottleneck during packet forwarding for the further optimization of data center network.
- Application in Data Center
- Application in Carrier Network
TAP aggregation switch can also be used to assist DPI (Deep Packet Inspection) in carrier networks. As illustrated below, the TAP aggregation switch is applied to forward flows of a carrier at the internet access point and sends a mirrored copy of the packet flow to DPI device at the same time. The DPI device is for traffic analysis, once a virus on a website or illegal information has been monitored, the flows will be blocked by a five elements table sent from management channel between DPI and TAP.
FS TAP Aggregation Switches Solution
FS network TAPs or TAP aggregation switches deliver security, visibility and traffic analysis for high density, non-blocking 1G/10/40/100GbE networks at any scale with advanced traffic management capabilities for lossless monitoring of network traffic. They can cost-effectively and losslessly monitor all data center network traffic while capturing and analyzing only the traffic that is needed. The table below lists FS T5800 and T8050 series TAP aggregation switches.
TAP aggregation switches are crucial to any network monitoring plan because they offer an uncensored view of all network traffic. With FS TAP aggregation switches, customers can transform opaque data center traffic into comprehensive visibility for security threat detection, service availability monitoring as well as traffic recording and troubleshooting. Apart from TAP aggregation switches, the standard Ethernet switches including Gigabit switches, 10gb switches, 40gb switches, and 100gb switches are also available for your choice.
An Overview on EVPN and LNV
What Are the Commonalities of Switches Supporting Cumulus Linux