Talk:Network tap

This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Computing: Networking Low‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Low This article has been rated as Low-importance on the project's importance scale. This article is supported by Networking task force (assessed as Mid-importance). This article is supported by WikiProject Computer Security (assessed as Mid-importance). Things you can help WikiProject Computer Security with: edit history watch purge Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

On network taps

Latest comment: 17 years ago2 comments2 people in discussion

According to Datacom Systems, network taps are physical layer devices that allow network and security personnel to create permanent test access ports (TAPs) throughout the network, eliminating the need for network connectors to be disconnected and reconnected each time a network segment needs to be monitored by a network management or security appliance. Therefore, the network never needs to be disconnected and the physical wires always can stayy in place.

Network taps are what is known as "passive" devices and typically pass all seven layers of OSI network traffic. Taps do not interfere with the performance and integrity of the network or the data that flows across it.

A network tap will pass full duplex traffic at "line rate", whereas some network management and security devices when deployed In-Line may cause a delay when copying packets or converting data signals from electrical to optical format on networks with both copper and fiber media types. The same problem can occur when network switches are deployed for network devices to monitor their SPAN (or mirror) ports.

Since most taps are passive devices, they are perfect solutions for "In-Line" deployment where they allow network monitoring tools to have permanent and real-time access to network links without introducing a point of failure.

Deploying network taps for use with security and management devices should conserve network resources. They require no management, configuration, and can connect any two network devices — Preceding unsigned comment added by 69.201.72.83 (talk) 17:25, 17 May 2006 (UTC)Reply

Above comments are not attributed.

I suspect test access port is a bacronym. tap has been a common network term for many years, dating back at least to the vampire taps used for 10base5. Morty abzug 03:15, 30 May 2006 (UTC)Reply

Potentially dated information

Latest comment: 3 years ago1 comment1 person in discussion

Most current network taps introduce less of a point of failure than the network cables themselves. Fiber taps are more vulnerable to being physically damaged than most other types.

"Span Ports" really tend to slow switches down and in turn, generally slow the entire network down, since the ideal monitoring point is usually a network backbone. A "span port" steals valuable resources from the switch, especially in high traffic environments where memory must be used to buffer full-duplex traffic beyond the speed of the single interface. This can bring an entire network down very quickly.

Network taps generally do not require "channel-bonding", as suggested. Most modern network monitoring software allows multiple interfaces (often unlimited) to be monitored simultaneously.

It is generally more desirable to use "dumb" network monitoring devices (e.g. no snmp), as they are not hackable and are not detectable on the network. This is actually a requirement under current CALEA laws.

Although this is a well written article overall, some of the statements really make one wonder how much network monitoring the author(s) has/have actually done lately. Perhaps this article has not been updated in a very long time? Most of this information was true several years ago.

As I am obiously not the best writer, I will leave this up to someone else to update as they see fit - or not... —The preceding unsigned comment was added by 206.222.110.30 (talk) 21:50, August 21, 2007 (UTC)

You write perfectly fine by my measure. So if I were you, I'd try to reorganize and rewrite this article to include the updated information that you know. JakeEs (talk) 09:10, 6 September 2020 (UTC)Reply

Similarity to another source

Latest comment: 16 years ago1 comment1 person in discussion

This segment:

"Network taps are commonly used for network intrusion detection systems, network probes, RMON probes, packet sniffers, and other monitoring and collection devices and software that require access to a network segment. Taps are used in security applications because they are non-obtrusive, are not detectable on the network, can deal with full-duplex and non-shared networks, and will usually pass-through traffic even if the tap stops working or loses power."

Is the same as used on this product page: http://www.barracudanetworks.com/tap/. Neither seems to cite the other as a source. —Preceding unsigned comment added by 12.10.125.8 (talk) 23:02, 15 November 2007 (UTC)Reply

External links

Latest comment: 13 years ago1 comment1 person in discussion

• Axel Schemberg (November 2010). "How to build a passive network tap" (PDF). Axel Schemberg. Retrieved 2011-01-13.

— Preceding unsigned comment added by 88.77.61.251 (talk) 07:42, 13 January 2011 (UTC)Reply

Fix needed

Latest comment: 10 years ago1 comment1 person in discussion

Fix required: The first reference links to a Sociology paper, not a paper about "Practical quantum key distribution". — Preceding unsigned comment added by 204.209.209.138 (talk) 14:51, 25 March 2014 (UTC)Reply