Turn the tap on: steps to a secure network

Digital transformation and cloud computing have changed the business technology landscape, bringing an enhanced focus on network security and infrastructure. A network tap can be a key implementation to optimise uptime and protect against breaches. network tap

The move into cloud in recent years for businesses has been quick and wholesale. There are advantages to be gained from shifting core business systems and applications into the cloud, but this move must come with the robust security to match. Disrupted services or data breaches could be catastrophic and can mean loss of reputation and revenue, particularly with the highly sensitive data entrusted to government bodies, including citizens’ health records and personal data.

Software is certainly important, yet hardware must be a consideration of the security mix too. Cloud adoption introduces new hardware vulnerabilities. Applications are hosted outside the internal data centre, making it difficult for network administrators to track and analyse network performance in real-time. System lag and switch overutilisation could crash critical applications in the data centre and storage area network (SAN).

As a result, data centre teams need to continually monitor for potential security threats such as denial-of-service attacks, and identify bottlenecks or other performance issues quickly.

Tony Robinson, Corning, network tap
Tony Robinson, Corning

Steps to a secure environment

There are a number of steps that organisations can take to ensure a more secure cloud environment.

Involving network administrators and structured cabling teams to adopt a preventive approach with network monitoring, is not only effective in detecting errors and offering access to performance and utilisation data, but also ensures the accuracy of changes to produce only desired results.

In addition, a technology currently used in network monitoring systems is tap (traffic access point).

A tap is a passive component that allows non-intrusive access to data flowing across the network and enables monitoring of network links. A tap uses passive optical splitting to transmit inline traffic to an attached monitoring device without data stream interference, thus ensuring no disruption to the live network.

Tap technology an uptime enabler

Maintaining uptime is a critical focus for businesses to maximise productivity and value for their IT networks and applications. Therefore, it is wise to implement solutions that allow network monitoring without affecting live applications. Network monitoring when implemented optimally should allow individuals to see all network traffic including errors, regardless of packet size, in real time to allow preventative actions to be taken quickly and efficiently rather than a more costly, corrective approach after the event.

Taps are truly passive and do not add any additional load onto the live network. Because the device simply splits a signal instead of replicating it, a portion of the signal can be taken offline, or out of band, to conduct analysis of the input/output (I/O) traffic without affecting live applications.

For these reasons, optical tapping is becoming a more popular solution for higher data rates.

To integrate or not to integrate

As network taps become more popular, a decision for procurement and security teams then becomes how this solution is implemented. Not all taps are created equal, and it is important for businesses to understand the options available to them.

The first consideration is location. Presenting the tap port as an MPO connector in the rear of the module will provide maximum flexibility when designing a structured cabling network. The MPO connector footprint allows separation of live production network ports and tap ports into different cabinet locations if desired.

Using this capability to centralise the active monitoring equipment, rather than installing across multiple cabinet locations throughout the data centre, provides cost savings by optimising the use of active monitoring equipment and reducing the risk of patching errors.

There are further considerations too. A tap can be either integrated or non-integrated into your structured cabling and can use either fused biconical taper (FBT) splitters or thin-film splitters. Generally, integrated taps are providing better solutions for those looking to monitor their networks. Not only do they perform the same function as a normal structured cabling network, but also send a portion of light to the monitoring electronics. An integrated tap module allows moves, adds, and changes (MACs) to monitored ports without disrupting the live network, and can annually save up to eight hours in downtime.

A powerful advantage of an integrated tap module is that the solution can be directly installed into structured cabling. Since integrated tap modules occupy the same space as traditional MPO or LC modules, adding monitoring to an existing network is as simple as swapping out a traditional module for a tap module.

Tapping into the future

The need for data and the capability for businesses to store, analyse and manage it will only increase. This, in turn, means that potential cost considerations of a data breach will also grow. From a hardware point of view, companies need to fully understand their networks, and to integrate security and monitoring solutions that are scalable. Tapping provides this possibility, making it a pragmatic and realistic option that provides a robust, long-term solution.

Previous ArticleNext Article


The free newsletter covering the top industry headlines