Configure a tap interface for your firewall.
Where Can I Use
This? | What Do I Need? |
A network tap interface is a device that provides a way to access data flowing across
a computer network. Tap mode deployment allows you to passively monitor traffic
flows across a network by way of switch SPAN or mirror port.
The SPAN, or mirror port, permits the copying of traffic from other ports on the
switch. By dedicating an interface on the firewall as a tap mode interface and
connecting it with a switch SPAN port, the switch SPAN port provides the firewall
with the mirrored traffic. This provides application visibility within the network
without being in the flow of network traffic.
By deploying the firewall Ethernet interface in tap mode, you can get visibility into
what applications are running on your network without having to make any changes to
your network design. In addition, when in tap mode, the firewall Ethernet interface
can also identify threats on your network. Keep in mind, however, because the
traffic isn’t running through the firewall when in tap mode it can’t take any action
on the traffic, such as blocking traffic with threats or applying Quality of Service
(QoS) traffic control.