With so much of the world’s communications and IT / OT networking systems still relying on Copper at the physical layer, it is critical that network, cybersecurity, and solutions engineers understand how to best TAP them. Without visibility or access to network traffic, NetOps and SecOps Teams cannot effectively manage, optimize, and secure the network or the applications they support.
What is the best TAP for Copper Networks?
Garland Technology has the largest Copper TAP portfolio in the industry and has designed this Field Book to help you identify the ideal Copper TAP for your project.
Turn to page 4 and get started tapping your Copper Network.
Start Here
PORTABLE TAPs
◼ Engineered for single-purpose use.
◼ Smaller size to fit in remote or constrained network locations.
◼ Can be used for quick-connect and permanent installations.
◼ Can be set up on a desk, shelf, or added to a rack or DIN Rail.
What do you need to do?
Continue to next page
I need to connect a security or monitoring tool to one (1) Copper link in my network. Tool has two (2) open physical ports to observe the mirrored network traffic.
Use a Breakout TAP to send copies of each direction of traffic out separate monitoring ports.
Breakout TAP is ideal when:
◼ (1) connected out-of-band network tool
◼ Utilization is very high
◼ Packet loss is not an option
PART NUMBERS
P1GCCB (10/100/1000M DC power)
PT100 (10/100M Passive)
P1GCCBV2 (10/100/1000M DC power)
I need to also connect another monitoring tool (e.g., Wireshark) that needs copies of that same traffic.
Use an Aggregator TAP to merge copies of each side of traffic out one monitoring port.
Aggregator TAP is ideal when:
◼ (2) connected out-of-band network tools
◼ Utilization is under 50%
◼ Need copies of full duplex in both directions
PART NUMBERS
I need to address oversubscription because it is a possibility.
Use a Filtering TAP to send only the copies of traffic the connected tool(s) need to receive and avoid sending unwanted traffic.
Filtering TAP is ideal when:
◼ Need to keep traffic to tools below 1G
◼ Tools risk being oversubscribed
◼ There is traffic that tool(s) is not interested in (e.g., camera or VoIP traffic)
PART NUMBERS
P1GCCFE (10/100/1000M)
Actually, my connected security or monitoring tool(s) is placed inline.
Use a Bypass TAP to deploy between the network and the connected tool.
Bypass TAP is ideal when:
◼ Prevent inline tool from becoming single point of failure
◼ Avoid network downtime
◼ Eliminate maintenance windows
I have more than one link to TAP in the same rack and I require a solution that offers more flexibility and density than the Portable options. Continue to next page
MODULAR TAPs
◼ Engineered for scalability.
◼ Individual TAP modules are hot swappable, fully configurable, and interchangeable.
◼ Offer tremendous flexibility for network needs both today and in the future.
◼ Designed for deployment in a rack via a 1U or 2U chassis.
◼ Dual power supplies.
What do you need to do?
Continue to next page
I need to connect a security or monitoring tool to one (1) Copper link in my network. Tool has two (2) open physical ports to observe the mirrored network traffic.
Use a Breakout TAP to send copies of each side of traffic out separate monitoring ports.
Breakout TAP is ideal when:
◼ (1) connected out-of-band network tool
◼ Utilization is very high
◼ Packet loss is not an option
NUMBERS
I need to also connect another monitoring tool (e.g., Wireshark) that needs copies of that same traffic
Use an Aggregator TAP to merge copies of each side of traffic out one monitoring port.
Aggregator TAP is ideal when:
◼ (2) connected out-of-band network tools
◼ Need to keep utilization under 50%
◼ Need copies of full duplex in both directions PART NUMBERS M1GCCF (10/100/1000M)
I need to address oversubscription because it is a possibility.
Use a Filtering TAP to send only the copies of traffic the connected tool(s) need to receive and avoid sending unwanted traffic. Filtering TAP is ideal when:
◼ Need to keep traffic to tools below 1G
◼ Tools risk being oversubscribed
◼ There is traffic that tool(s) is not interested in (e.g., camera or VoIP traffic)
PART NUMBERS
M1GCCF
(10/100/1000M)
Actually, my connected security or monitoring tool(s) is placed inline.
Use a Bypass TAP to deploy between the network and the connected tool.
Bypass TAP is ideal when:
◼ Prevent inline tool from becoming single point of failure
◼ Avoid network downtime
◼ Eliminate maintenance windows
If possible, I’d like to combine multiple Copper TAPs together and aggregate traffic without the cost of a full-on Network Packet Broker.
Use the M1G1ACE chassis and 4 Copper Aggregating TAP modules.
The backplane built into the M1G1ACE allows for sending traffic across the TAPs in the same row. Additionally, the backplane allows for aggregating and filtering network traffic and then routing the results to any of the monitoring ports of the TAPs in a single row.
PART NUMBERS
M1G1ACE
M1GCCF (10/100/1000M)
Note: Modular TAPs are used in conjunction with M1G1ACE or M1G2ACE and M1GC (management card).
These are great but I need a TAP solution that meets very unique network requirements.
Continue to next page
SPECIALIZED TAPS
Engineered for networks with unique requirements like:
◼ On-the-go technicians
◼ Environments with heat and vibration
◼ Installations inside existing Server
◼ Military-grade standards
◼ OT networks
What do you need to do?
Continue to next page
P1GCUA_mini
I need to see copies of network traffic on my laptop while out in the field.
Use the USB 3.0 port on a FieldTAP to connect to a network tool and see copies of network traffic on a laptop.
FieldTAP is ideal when:
◼ Need a handheld TAP
◼ Have Wireshark on a laptop
◼ Need to troubleshoot on-the-go
PART NUMBERS
P1GCUA_mini (10/100/1000M)
P1GCUA (10/100/1000M)
*portable, rack-mounted version
I need to TAP a network segment that encounters extreme temperature variations like -40oC to +85oC / -40oF to +185oF.
Use a Copper OT TAP in areas prone to heat, vibration, and DC power.
Copper OT TAP is ideal when:
◼ Space is limited: portable size
◼ DIN Rail mounting required
◼ (1) connected tool with (2) open ports
PART NUMBERS
P1GCCB-OT
(10/100/1000M DC power)
I need to easily integrate a network TAP into an existing network appliance or a PC to gain packet-level visibility.
Use a PCIe TAP to insert into a open PCIe x4 slot on a server or PC and receive out-of-band copies of packets from the network via the PICe TAP.
PCIe TAP is ideal when:
◼ A single link will be used to access packets from the network
◼ Ingress traffic from both network ports will be aggregated
◼ Power is provided by the network appliance or PC
PART NUMBERS
PCIE1GCA (10/100/1000M)
PCIE1GCUA (10/100/1000M)
*USB 3.0 monitoring port
I need to install a Network TAP on a military vehicle like a Humvee, tank, or aircraft. Is that even possible?
Yes! Use a Military-grade Industrial TAP to connect to rugged, moving vehicle and copy full duplex traffic. Might Mouse connectors on network and monitoring ports hold Copper connections in place.
Military-grade Industrial TAP is ideal when:
◼ (1) connected tool with (2) open ports
◼ Environments prone to shaking and bouncing
◼ DC power
PART NUMBERS
M100CCBm (10/100M)
M1GCCBm (10/100/1000M)
I need to secure SPAN link(s) with hardware enforced unidirectional traffic.
Use a Hardware Data Diode to eliminate bidirectional traffic flow ensuring that no data is passed back into the Switch Mirror port.
Hardware Data Diode is ideal when:
◼ The use of SPAN ports is still needed for visibility in a network
◼ Affordable pricing required (when compared to software-based data diodes)
◼ Need help meeting NERC CIP v5
PART NUMBERS
CTAP-P1GCCREG (10/100/1000M)
*2 SPAN input
P1GCCAS-Custom (10/100/1000M)
*1 SPAN input
I need to send more traffic to my OT / ICS security sensors.
Use an Aggregator TAP or SPAN Aggregator.
Aggregator TAP is ideal when:
◼ Copper network with 10/100/1000M speed
◼ TAP up to (4) network links and aggregate
◼ 1 or 2 sensors require exact copies of traffic
PART NUMBERS
INT1G10CSA
SPAN Aggregator is ideal when:
◼ Copper network with 10/100/1000M speed
◼ TAP up to (8) SPAN links and aggregate
◼ 1 or 2 sensors require exact copies of traffic
PART NUMBERS
INT1G10CSASP
I need to navigate media conversion without dropping packets.
Use a media conversion Network TAP.
Network TAP’s network ports are Copper and it’s monitoring ports are SFP.
Media Conversion Network TAP is ideal when:
◼ Media types of network and connected tool are different
◼ Network is Copper
◼ Connected Tool is not Copper
PART NUMBERS
(10/100/1000M)
(10/100/1000M)
Benefits of Garland Technology’s Copper TAPs
Garland Technology engineers and manufactures its Copper TAP portfolio in the USA. Benefits of deploying Garland’s Copper TAPs include:
◼ TAP the wire once and deliver copies of 100% network packets.
◼ Support networks with applications that are using jumbo frames.
◼ Durable, metal chassis: Garland Technology’s Network TAPs are built with metal construction providing durability during installation and throughout the life of deployment. Longer life than plastic TAPs.
Continue to the next pages for additional benefits.
DURABLE METAL CHASSIS
Failsafe
◼ The Failsafe feature in Copper TAPs recognizes power outages and then automatically closes the relay circuitry in less than 8 milliseconds reconnecting the two network devices connected to ports A and B.
◼ Furthermore, a TAP losing power is a very infrequent occurrence.
◼ Typically, lost power affects the entire network rack.
◼ In most cases, the TAP is plugged into a power source from either the device connected to port A of the TAP or to port B.
◼ Thus, if power is lost to either device connected to the TAP then it makes no difference if the TAP remains powered on or not because there is no destination to send the traffic.
◼ That said, to ensure Garland Technology’s Copper TAPs do not become a single point of failure, Garland’s Copper TAPs have built-in " Failsafe " circuitry.
Note: All Part #s included in the booklet have the Failsafe feature except PT100, P100CCA, M100CCB, and M100CCA (these are passive).
If Failsafe is a concern then plug the Copper TAP into a unique power source (UPS), move to Fiber, or use a completely passive Copper TAP (i.e., PT100, P100CCA, M100CCB, M100CCA).
Unidirectional Data Diodes
◼ Data Diode TAPs are engineered to allow raw data to travel in only one direction and ensure the out-of-band traffic does not return to the network. Packet injection becomes impossible.
◼ Hardware Data Diodes and Data Diode TAPs are useful and cost-effective solutions to help provide an additional layer of security in OT and IT networks.
◼ There are situations where SPAN/Mirror ports are still needed for visibility in an OT network.
◼ In these instances, it is best practice to connect the SPAN/Mirror port to a hardware Data Diode to pass the mirrored data onto the monitoring and security sensors.
◼ Using hardware Data Diodes eliminates bidirectional traffic flow, ensuring no data is passed back into the Switch Mirror port.
◼ Different from standard software-based Data Diode gateways in the industry, these are hardware-based. This means there is no complicated software to configure or the added risk of software failure.
◼ Network traffic control is enforced at the physical hardware level
Note: All Part #s included in the booklet have the Data Diode feature.
Link Failure Propagation (LFP) Solution
◼ Link failure propagation (LFP) is essential for ensuring 100% network uptime when network elements fail.
◼ This feature is imperative in high availability situations with 1G copper network TAPs.
◼ Copper gigabit networks differ because copper gigabit requires that each network port negotiate with the network TAP individually (i.e., the switch to the TAP, the TAP to the router).
◼ Essential for ensuring 100% network uptime when network elements fail.
◼ The functional network element continues to send packets and you start to lose visibility as a result.
◼ LFP is designed to shut down the link attached to the TAP if one side or the other fails.
◼ In a non-HA environment, the link is turned off by the TAP and it is up to diagnostic tools to alert the maintenance folks that there is a problem.
◼ Without LFP in a copper gigabit environment, if a network element link goes down, there’s nothing to tell the corresponding network element that there’s an issue.
◼ Without LFP in Copper 1G environments, if a network element link goes down, there’s nothing to tell the corresponding network element there’s an issue.
◼ The functional element continues to send packets and you start to lose visibility. LFP ensures an instant switch to the secondary link to maintain 100% uptime.
No battery back-ups in Garland Technology’s TAPs
◼ Garland Technology has never included a lithium ion battery in its Network TAPs.
◼ Garland Technology does not recognize lithium ion batteries as an acceptable power source for a Network TAP.
◼ Network TAPs with batteries should never be installed in a data center, network application, or critical infrastructure deployment.
◼ Issues with battery power include: - Rupture/fire hazard - Added maintenance - Insurance liability
◼ The best practice is to avoid Network TAPs with batteries and use Network TAPs that have power failsafe or a back-up power source.
Note: Garland Technology’s Copper TAPs do NOT contain battery back-ups.
RMP-1U
RMP-1U
1U Rack Mount Kit - holds up to 4 portable TAPs
M1G1ACE & M1G2ACE
M1G1ACE is 1U and holds up to 4 modular TAPs
M1G2ACE is 2U and holds up to 12 modular TAPs
M1GP1G-DC
Two slot Chassis - Holds up to 2 Militarygrade Industrial TAPs
P1GCCB
P1GCCBV2
PT100
P1GCCAS
P100CCA
P1GCCFE
P1GCCBP
P1GCCBPPE+
P1GCCB_OT
P1GCUA
CTAP-P1GCCREG
P1GCCAS-Custom
P1GCSBP
P1GCSBPPOE+
P1GCCA
M100CCB
M1GCCB
M1GCCF
M1GCCBP
M100CCA
M1GCSF
M1GCSBP
M100CCBm
M1GCCBm
Accessories
DIN Rail Mounting Kit
Model# + DIN_MOUNT
Power Lock Connector
PLTYPE1
Power Supply Lock System for Portable TAPs (except P100CCA)
