What is a SPAN port?
SPAN (Switched Port Analyzer) is a dedicated port on a switch that takes a mirrored copy of network traffic from within the switch to be sent to a destination. The destination is typically a monitoring device, or other tools used for troubleshooting or traffic analysis.
SPAN ports present a readily available mechanism through which to access detailed packet information.
An active SPAN session uses the switch’s hardware resources. During normal function, one of the switch’s jobs is to eliminate packets that are below the minimum size and to delete corrupt packets, i.e. hardware and media errors are dropped. This means that the out-of-band monitoring devices may not receive all true traffic. The switch gives high priority to network traffic while the SPAN traffic gets lower priority. So during peak times, SPAN traffic may be dropped, and the monitoring equipment will not get the complete information.
Also, traffic on a SPAN needs to be configured as Rx (receive) and Tx (transmit) or both. This limits your visibility. Selecting both Tx and Rx, the port can become oversaturated and packets may be dropped.
Taps see all the traffic all the time, and are not dependent on the switch’s resources and limitations. As needed, traffic can be replicated ensuring that all tools get the same copy of the traffic.
Why Niagara network TAP?