Observer nTAPs : Observer nTAPs : Getting started : Security, convenience, and dependability
Security, convenience, and dependability
The security and convenience of a TAP makes it preferable to inline connections for network analysis and intrusion detection and prevention (IDS/IPS) applications.
Because a TAP has no address on the network, the TAP and the analyzer connected to it cannot be the target of a hack or virus attack. TAPs are economical to install, allowing you to leave them permanently deployed. This allows you to connect and disconnect the analysis device as needed without breaking the full-duplex connection, much like plugging in an electrical device.
A TAP is also preferable to using a switch’s SPAN/mirror port to copy the data stream. Unlike the SPAN/mirror port, a TAP will not filter any SPAN/mirror port is a half-duplex link (that is, a send-only “simplex” data stream), it has the capacity to transmit only half of a fully-saturated link. Additionally, a TAP does not use any of the switch’s CPU resources.