102 OPS | Home | README.md | Portfolio | ← | →

Reading How to capture network traffic? SPAN vs TAP

What are the differences between SPAN and TAP?

a TAP is a device you place between the flow of traffic from a network to the internet, so you can monitor that traffic and see what's going on. The name is easy to remember, like when someone taps a phone line to hear the conversation taking place. A SPAN can do more than just listen in, it can decide certain pieces of the conversation are dropped and not heard or delivered. It also is not easy to install and requires an engineer the downside to span port is it can be hacked, but a tap cannot. A TAP also does not require a switch port to monitor it. Very low maintenance.

What types of network devices can support network traffic mirroring?

Security Devices specifically that handle Firewalls, VPN, load balancers. Switches are needed to handle SPAN

How can network traffic mirroring be used for network security?

you can see the traffic between the internet and the server/client. So if something goes wrong, you'll be able to pin point the problem.

Are there any legal or ethical considerations when using network traffic mirroring?

Not invading someone's boundaries. If they are in an area that is private, like a bathroom vs a public accessible area like a living room. Same rules should apply, unless there is a reason that warrants for the invasion of privacy. Videos Logs and Monitoring