Over a decade ago it wasn’t uncommon for an engineer to put a network tap on a network to send packets to a monitoring tool. Over the years using a switch port analyzyer (span) or mirror port has accomplished much of the same thing.
However, for some organizations and service providers, network taps are coming back into popularity.
That’s why Net Optics Inc., a Santa Clara, Calif., company, has added a passive 40 Gigabit Fibre Tap for high performance networks to its lineup.
The US$1,500 unit requires no power but delivers full duplex monitoring thanks to a custom monitoring cable that sends the signal to a separate network interface card on the monitoring device.
Dennis Carpio, Net Optic’s director of product innovation, acknowledged in an interview that only a small number of organizations, mostly telecommunications companies and service providers, have 40G Ethernet networks today. But, he added, when demand goes up the company will be ready.
“As 40Gig and 100Gig become more prevalent [in the data centre] I think you’re going to see more and more of these core and backbone environments turn to 40 and 100, which is going to push everything else down the stack. There’s going to be a need eventually where 40Gig will be in the core and people are going to want to access 40Gig traffic outside of any additional methods like span port mirroring. ”
The company makes a series of copper and fibre taps, including ones for 10/100 networks, for attaching at any point on the network – the perimeter, the core the access layer or distribution layer.
“A lot of the need for establishing visibility (on the network) has been primarily in the 1Gig and 10Gig,” he said. “10Gig made a huge move into the data centre in the past few years, and a lot of the analysts are saying the impending growth of 40Gig and 100Gig is going to push everything down the stack.”
Essentially, he said, Net Optics optimized its existing 10G Fibre Tap – which uses an optical splitter to do its work – to run at 40G without materially slowing the traffic.
There aren’t a lot of companies making network taps, but the few include Datacom Systems Inc. of East Syracuse, N.Y., which makes a series of taps ranging from 10/100 to 10G and Network Instruments LLC of Minnetonka, Minn.
Network taps are a good way to divert packets to a device that does protocol analysis, said Glenn O’Donnel, a Forrester Research analyst who specializes in infrastructure issues. However, they aren’t accepted on certain networks – for example, ones that carry financial information. A tap is “very much frowned upon” there, he said, because customers don’t like the idea of their data being intercepted. A temporary mirror port is more acceptable.
“It’s a market that was really popular 15 years ago,” he said, “then fell from the radar screen. It’s starting to come back a bit now that people are starting to do more with packet-capture technologies – anything from intrusion detection systems to application-dependency mapping and various performance functions.”
The Net Optics 40G Fibre Tap is the same size as its 10G Fibre Tap, which means up to eight can be installed in an optional 19-in. rack panel.
Neither the tap nor the NIC have an IP address. Any monitoring device connected to the tap still sees all full-duplex traffic as if it were in-line, including Layer 1 and Layer 2 errors.