Active Tap vs Passive Tap
When talking about network security and monitoring solutions, network access devices are the very first step in building an advanced visibility platform. The two most popular ways of monitoring traffic are using Network TAPs or port mirroring through a SPAN port.
As covered in this article, a network TAP provides the most accurate way to copy the actual traffic that runs through a system for monitoring and analysis purposes.
What is Traffic Analysis Point?
A Traffic Analysis Point(TAP) otherwise known as an optical TAP provides real-time reporting functionality between two or more points within a fibre-optic network.
Optical TAPs exist in two distinct types, namely active TAPs and passive TAPs. Active TAPs allow manipulation of a signal to the monitoring port and therefore tend to have more specialist applications and specialist transmission and monitoring equipment.
For the purposes of this overview however we shall talk only with reference to the passive versions. As the title of the product suggests, a passive TAP is typically a non-powered unit and is typically used in enterprise data centres for infrastructure and storage monitoring applications.
What is Passive Network TAP?
A passive network TAP is a device that has no physical separation between its network ports. This means that if the device loses power, the traffic can still flow between the network ports, keeping the link up because they don’t require power to operate. These devices contain an optical splitter that creates a copy of the signal as it passes through and this applies both to fiber TAPs and to network TAPs with 10/100M copper interfaces.
Passive TAPs are unidirectional — that is, they only send traffic, never receive it — so a passive, 10Gb TAP equipped with two ports could pass through 20Gb of data. Sharing the load between the two eliminates the chance of oversubscribing just one.
What is Active Network TAP?
Active TAPs, of course, require electricity to do their jobs. Because they retransmit all signals, split ratio is no longer a factor. However, during a power loss an active TAP can be a point of failure, so passive network TAPs are generally preferred. Here are a few scenarios where an active TAP makes sense:
- Locations where the light levels are too low to use a splitter; regeneration provides a viable solution
- Copper infrastructures where electricity is used to move electrons (instead of photons)
- Signal conversions, since an active TAP regenerates the signal anyway, it can also be designed to create a signal of a different type (such as 10Gb SR converted to 10Gb LR)
- SFP-based links that cannot otherwise be broken (such as TwinAX cabling) — regeneration works here as well
All LightOptics Active Copper TAPs have a fail-safe feature called No Break, which is a quick switching mechanism that activates in case of complete power failure. Contrary to conventional safety features on most TAPs, No Break feature switches much faster, so it doesn't cause the network link to renegotiate.
Finally, the more advanced active TAPs may have backup batteries to extend usage during power failures, as well as graceful failover features that will allow network traffic to pass through, even as the TAP’s monitoring output ceases.
The Passive TAPs vs Actives TAP Difference
As you can see both types of TAPs work in essentially the same way, splitting part of the signal off to the network traffic analyzer while the main signal continues uninterrupted. For passive TAPs, the light beam is physically split in two, while for the active TAPs the electrical signal is copied.
So, to sum up:
- A Passive Network TAP has no physical separation between the network ports. When the power to the device is lost, the network link will remain operational without delay. It requires no extra powering.
- An Active Network TAP does have a physical separation between the network ports, because of the relays and other electronic components inside the device. Extra powering is required by the TAP to fully operate.
Fiber TAPs are passive mirroring devices for secure and reliable tapping of network data in optical networks. These optical TAPs are looped into the fiber optic line to be monitored and route all data traffic without interruption.
LightOptics fiber optical TAPs do not require power, are purely passive components and therefore cannot be detected in the network without expensive measurement equipment. Hackers and other attackers thus have no chance, and since the integrity of the outgoing data remains unaltered due to this tapping method, Network TAPs are increasingly used in the areas of network forensics, security and monitoring.