What’s On Tap?

Access Point of Sorts

While some might hear the term “TAP” and think of either beer at the pub or wiretapping as in malicious or secret government monitoring of telephone and internet-based conversations, that’s not what we’re talking about here. In this instance, TAP stands for either traffic analysis point, test access point or terminal access point—typically depending on the vendor or who you’re talking to. Regardless of the various nomenclature, the primary purpose of a TAP is to monitor network traffic in real time without interrupting data transmission. While network TAPs are often deployed for network intrusion detection purpose, especially on critical links, they can also be used to analyze traffic for better insight on overall network performance and high-bandwidth users, as well as to prevent network downtime by copying traffic to another device. 

Typically rack-mounted and housed within a telecom room, network TAPs are standalone devices that connect directly to the cabling plant between two network nodes (e.g., end devices, routers and switches) to split or copy packets for sending to a separate traffic or performance analyzer, intrusion detection system or data capture system. They also can be integrated into existing patching solutions to eliminate the need for additional rack space and extra connections via patch cords from the TAP.

TAPs should not be confused with the use of switch port analyzers (SPANs), which is a port mirroring software function of a network switch for duplicating traffic on specific ports. Unlike a TAP, SPANs need to be configured, they may drop traffic and can create latency issues. This is partly why TAPs are considered forensically sound for legal purposes while SPANs are not.

Passive vs. Active

TAPs are available for both fiber and copper networks, and the main difference is that one is passive and the other is active. Passive TAPs used with fiber cabling systems come in a variety of speeds from 10 to 100 Gb/s and in both multimode and singlemode options with either duplex (LC, ST, SC, etc.) or MPO/MTP connectivity. These passive devices essentially include an optical splitter that splits an optical stream into two paths—one to transmit the information on to its original destination and the other to transmit the copied information to the monitoring port. Unlike a splitter used in a passive optical LAN that provides downstream and upstream communication via separate wavelengths over singlemode fiber, TAPs only transmit information and never receive. That means that a 10 Gb/s TAP can pass through 20 Gb/s worth of data for monitoring over a duplex port. In general, passive optical TAPs are considered very reliable as “listen only” devices with no active electronics or required power.

Active TAPs are required for copper cabling systems and come in speeds ranging from 100 Mb/s to 10 Gb/s. They require power to retransmit signals to the intended location on the network and a copy to the monitoring system. This unfortunately makes an active TAP a point of failure within the network, which is why passive TAPs are typically preferred and used within backbone fiber links. However, today’s active TAPs do have battery backup and other failover features that allow them to let network traffic continue to flow in the event of a malfunction. Active TAPs are also required if there is a need for any type of media conversion or signal regeneration.

Key Considerations

While active TAPs can be a point of failure, that doesn’t mean that passive TAPs have no impact on the network.  Because passive TAPs divert a portion of the light signal passively, they do introduce insertion loss that needs to be calculated as part of the overall loss budget. That is why it is highly recommended to know during the design process whether your customer is going to require TAPs. Not only does adding them later require temporarily taking down live network links, but it could also introduce too much insertion loss for the application.

As with any network component, TAPs will come with specified insertion loss values, and in a passive optical TAP, the loss can vary based on the split ratio. In lower speed networks, TAPs don’t need to split the incoming optical signal equally but can allocate 70% of the signal to the network and 30% for monitoring. This introduces less loss for the network and more for the monitoring traffic. However, for 40 Gb/s and higher, it’s better to use an equal 50/50 split because the loss could be too high for the monitored traffic to be effectively transmitted. For example, a 70/30 split ratio may introduce 6.3dB for the monitoring link and only 2.3dB for the network, while a 50/50 split will introduce 4.3dB for both monitoring and network links.

Like any fiber optic link, those incorporating passive TAPs need to be certified using an optical loss test set such as the Fluke Networks’ CertiFiber® Pro.  Of course, the loss inserted by the TAP needs to be taken into consideration when determining the loss budget for the link.  An example of how that’s done can be found in our knowledge base article explaining how to test Corning® Pretium EDGE® TAP modules.  Since every interconnection, including TAPs, can add reflectance to the link, it’s also recommended that they be characterized using an OTDR such as the OptiFiber Pro.  (Check out this blog post on the importance of measuring reflectance.)  Note, however, that they can only be tested from the transmit end of the link.  That means you can test them in only one direction, leaving open the possibility of less accurate OTDR loss measurements – a good reason to test with both the OLTS and OTDR.
 
In situations where there will be too much loss for either the network or the monitoring link, an active regeneration TAP will need to be used to fully retransmit the signal. It’s also important to keep in mind for passive or active optical TAPs, just like with any optical equipment, cleaning and inspection of fiber ports remains a number one priority.

Try a Online Demo