When talking about network security and monitoring solutions, network access devices are the very first step in building an advanced visibility platform. The two most popular ways of monitoring traffic are using Network TAPs or port mirroring through a SPAN port.
As covered in this article, a network TAP provides the most accurate way to copy the actual traffic that runs through a system for monitoring and analysis purposes.
There are many different types of network TAPs on the market, with many benefits to your network uptime and analysis reliability. But, one topic that often comes up when talking with clients is passive vs active network TAPs. The definitions for passive and active TAPs can be quite confusing, that's why in the next paragraphs, we'll explain what are the main differences between these two types and what they mean for your network.
Passive Network TAP
A passive network TAP is a device that has no physical separation between its network ports. This means that if the device loses power, the traffic can still flow between the network ports, keeping the link up. This applies both to fiber TAPs and to network TAPs with 10/100M copper interfaces.
Fiber TAPs operate by splitting the incoming light into two or more paths and don’t require power, for starters. 10 or 100M Copper TAPs require power when used, but because there is no physical separation between network ports, they are also fully passive. In their case, in the event of power outage, the link stays up with zero failover time or link restoration delay.
Active Network TAP
As opposed to passive TAPs, the active ones have a physical separation between network ports, because of the electrical components used inside the TAP. Therefore, they require a fail-safe mechanism to ensure the network stays operational when power to the TAP is lost.
All Profitap Active Copper TAPs have a fail-safe feature called No Break, which is a quick switching mechanism that activates in case of complete power failure. Contrary to conventional safety features on most TAPs, No Break feature switches much faster, so it doesn't cause the network link to renegotiate.
The technology is based on a set of relays that are kept open when the device is powered. When the power is down, these relays switch to a straight flow of the traffic through the TAP so that the network remains operational.
The Passive vs Active Difference
As you can see both types of TAPs work in essentially the same way, splitting part of the signal off to the network traffic analyzer while the main signal continues uninterrupted. For passive TAPs, the light beam is physically split in two, while for the active TAPs the electrical signal is copied.
So, to sum up:
- A Passive Network TAP has no physical separation between the network ports. When the power to the device is lost, the network link will remain operational without delay. It requires no extra powering.
- An Active Network TAP does have a physical separation between the network ports, because of the relays and other electronic components inside the device. Extra powering is required by the TAP to fully operate.
If you are on the market for an active TAP, make sure to select one that is able to close its relays in under 8ms like the Profitap No Break feature. Anything above that will cause Spanning-Tree Reconvergence.