Universal TAP

Solution Briefs

Any TAP, Anytime

Whether you need to troubleshoot a server, adhere to compliance or secure your network, tapping is an indispensable tool for any company. For the uninitiated, a network TAP is similar to a phone TAP. In both cases, the goal is to gain visibility into an ongoing “conversation”. For the network, that conversation can be between any network device in the network; switch to switch, server to switch, router to ISP, etc.

Ideally, network operators would be able to TAP any connection in the network at any time. Until recently the only way to achieve that goal was to implement an entire parallel TAP network, which is an expensive proposition. In practice, most networks utilize a limited number of TAPs and move them manually when a new port needs to be monitored. With Fiber Mountain’s Glass Core, however, the ability to TAP any connection at any time becomes both easier to implement and much less expensive.

Tap Basics

In its most basic form, tapping a network device involves capturing the transmit/receive traffic and redirecting it to a monitoring device.

Traditionally, tapping is accomplished via one of the following methods:

  1. Specialty boxes – Hardware build specifically for tapping
  2. Port mirroring (SPAN) – Copies data from one port to another
  3. Agent software – Software that runs on network devices to redirect traffic

TAP Pain Points

One of the biggest challenges with TAP is the overhead of the setup. Today you may only need to TAP servers in one rack, but tomorrow you may need to TAP a router on your edge and a year from now you may need to TAP switches in building two.

Setting up TAP for all these devices with specialty boxes, software agents or port mirroring would be time-consuming and expensive for any large network. Even for those organizations with the time and resources to do so, management of the solution requires a small army of admins. But what if TAP could be available as soon as you plug in a new network device, with built-in functionality?

Fiber Mountain's Glass Core™

In a Glass Core network, all physical connectivity is centrally managed. All physical network connections from all devices are tied into the Glass Core via Fiber Port Aggregators (FPAs) and Optical Path Exchanges (OPXs), and from there connections are dynamically managed by the AllPath Director (APD) orchestration software. This allows an admin to route any physical network connection to any number of other devices in the network. This includes TAP of any connection for diagnostic, security or compliance purposes.

Glass Core TAP

The OPX is designed to regenerate the received optical signals when it forms the cross-connection. This introduces the option of multicasting the regenerated signal to up to 160 ports on one OPX. Using a handful of OPX ports to TAP network traffic passing through the other ports is easy for the network manager to configure, with no need for additional equipment or software.

The below diagram shows a network with various network and monitoring devices connected via the Glass Core. Using APD, network operators can set up TAPs as needed, and can also configure the cross connects to form any desired network architecture, whether leaf-spine, hierarchical or a hybrid.

Benefits of Glass Core TAP:

  1. Plug and Play – Glass Core networks are TAP-ready by default
  2. Non-intrusive – All TAPs are passive
  3. Security – All TAP connections are auditable
  4. Documentation – All end-to-end connections are automatically documented
  5. Future-Proof – Can be configured via software for any physical network design

Conclusion

The ability to TAP is a requirement for any large network, and the ability to TAP on demand can be a game-changer. Whether you’re building a new network or upgrading an existing one, Glass Core solutions provide the quickest and easiest way to add tapping capabilities in your network. Network tapping does not have to be a pain point – with a Glass Core network, you can TAP anything at any time.

 

Components of Fiber Mountain’s Glass Core:

  • AllPath Director is a centralized SDN orchestration system that provides real-time visibility and control of the network. This orchestration system is unique among SDN controllers because it is not confined to packet processing over a static infrastructure. AllPath Director ‘software defines’ the physical layer.

  • OPX Optical Path Exchange offers 160x10Gbps ports with dense MPO connectors and on-board optics. It has been measured at five nanoseconds port-to-port latency, enabling "bump-in-the-wire" optical switching with multicast support.

  • Sensus intelligent patch panels aggregate and break out duplex LC to MPO trunks. Each Sensus panel features an interactive management module screen that offers local or remote access for improved control and asset management. Two hot-swappable patching modules allow for dynamic breakout configurations.

  • L-Series Fiber Port Aggregators provide LC-to-MPO or MPO-to-MPO aggregation and QSFP breakout. Per-port LEDs and a variety of TIA-5638-D.3 2016-compliant fiber mapping options couple with AllPath Director and OPX to facilitate effective network control and visibility.

  • Super Premium Fiber Optic Cables ensure efficient and consistent data via a high-quality glass core and superior design. Cables equipped with ICID technology can be discovered by AllPath Director to provide visibility and complete control of the physical layer.

I want more information!