Skip to main content

How to Boost Network Monitoring Tool Efficiency

Alastair Hartrup

Having the right tools and good visibility are critical to understanding what's going on in your network and applications. However, as networks become more complex and hybrid in nature, organizations can no longer afford to be reactive and rely only on portable diagnostic tools. They need real-time, comprehensive visibility.

To accomplish this, more and more organizations are deploying network monitoring platforms and solutions that utilize TAPs (Terminal Access Points) and Packet Brokers to permanently establish network links and gather critical performance data. These technologies provide maximum utilization of connected tools for IT teams looking for comprehensive monitoring and management in, for example, a Network Performance Monitoring and Diagnostics (NPMD) platform.

Why are TAPs so important? Network TAPs are stand-alone devices that make a mirror copy of all of the traffic that flows between two network end-points (or nodes). This can then be output to various network tools, while the live traffic continues to pass through the network. Because they are independent of the network, they're fully configurable. This allows complex packet manipulation to be performed by network performance (or security) solutions.

Packet Brokers take the technology a step further and allow for the combination, integration, separation, manipulation and processing of inputs from many sources (including TAPs), and then deliver that data to a wide variety of appliance, platform and tool destinations. 

Both play a major role in providing the data necessary for real-time, comprehensive network visibility.

Monitoring tools such as sniffers, probes and NPMD solutions can be permanently and safely installed on all network links using TAPs. They connect in-line on a network link, making a mirror copy of all network traffic and then forward that information directly to a monitoring tool (or Packet Broker). TAPs are also extremely safe – if power is lost, the network traffic will continue to flow. For more complex networks with a variety of connected tools, Packet Brokers are used with TAPs.

What are some of the key features that organizations should look for when deploying TAPs and Packet Brokers? Here are three key features to consider:

1. Flexible Port Mapping

Flexible port mapping allows the user to choose which ports the packets will travel through with no preset requirements. Packets may come in from the network, go back out to the network and also be directed to a connected monitoring tool. Some TAPs require certain ports be used for network traffic and others to be used to support monitoring tools. Flexible Port Mapping allows any port to be utilized for any type of traffic. This eliminates the need to buy a bigger system than necessary just because one type of port is maxed out, while other ports are open and unused. It also makes it simpler to add links and tools when any open port can be utilized for a tool or network access at any time. Not all TAPs and Packet Brokers offer this "scale out" flexibility.

2. Easy Aggregation

Aggregation is the combining of traffic from multiple links and sending that traffic to one specific tool. Often, links are underutilized. A 10 Gbps link, for example, may actually be carrying only 4 Gbps of actual traffic.

Understanding the actual traffic on links and aggregating underutilized links to a single TAP or Packet Broker port can provide dramatic savings on monitoring tools. Doing the math, aggregating five links running at 2 Gbps to a single 10 Gbps output port connected to one monitoring tool can reduce the tool budget by a factor of five.

Imagine the savings opportunity in a large complex network. Using this strategy on hundreds of links, organizations can save hundreds of thousands of dollars.

3. Independent Filtering

Independent filtering eliminates traffic that is not relevant to the mission of the connected monitoring tool. It helps tools run faster, more efficiently and allows them to monitor more links.

Hierarchical filtering is the traditional way that filtering is designed. This can be very complicated and prone to network affecting errors. If packets are filtered out at the top of the list, they cannot be re-introduced later.

Independent fast filtering allows filter maps to be created quickly without consequence to other filters further down the list. Independent filtering is faster and more accurate than hierarchical filtering. Look for TAPs or Packet Brokers that allow you to created multiple filters quickly on any stream with no need to distinguish between ingress and egress ports (and be sure you can create filter criteria with ranges and individual criteria).

When independent filtering is combined with aggregation, packets are filtered out of streams, allowing a higher aggregation ratio of links being sent to a monitoring tool. This means that independent filtering not only helps save OPEX by allowing faster, more accurate tool deployment, it also saves CAPEX by enhancing the link to tool aggregation ratio.

When looking to deploy or optimize your network monitoring solutions, consider the impact of strategically deploying network TAPs and Packet Brokers. Be sure you're using the aforementioned features, as they can offer significant tool cost savings and allow for a more efficient network monitoring solution.

Hot Topics

The Latest

In the final part of APMdigest's 2025 Predictions Series, industry experts offer predictions on how AI will evolve and impact technology and business in 2025 ...

E-commerce is set to skyrocket with a 9% rise over the next few years ... To thrive in this competitive environment, retailers must identify digital resilience as their top priority. In a world where savvy shoppers expect 24/7 access to online deals and experiences, any unexpected downtime to digital services can lead to significant financial losses, damage to brand reputation, abandoned carts with designer shoes, and additional issues ...

Efficiency is a highly-desirable objective in business ... We're seeing this scenario play out in enterprises around the world as they continue to struggle with infrastructures and remote work models with an eye toward operational efficiencies. In contrast to that goal, a recent Broadcom survey of global IT and network professionals found widespread adoption of these strategies is making the network more complex and hampering observability, leading to uptime, performance and security issues. Let's look more closely at these challenges ...

Image
Broadcom

The 2025 Catchpoint SRE Report dives into the forces transforming the SRE landscape, exploring both the challenges and opportunities ahead. Let's break down the key findings and what they mean for SRE professionals and the businesses relying on them ...

Image
Catchpoint

The pressure on IT teams has never been greater. As data environments grow increasingly complex, resource shortages are emerging as a major obstacle for IT leaders striving to meet the demands of modern infrastructure management ... According to DataStrike's newly released 2025 Data Infrastructure Survey Report, more than half (54%) of IT leaders cite resource limitations as a top challenge, highlighting a growing trend toward outsourcing as a solution ...

Image
Datastrike

Gartner revealed its top strategic predictions for 2025 and beyond. Gartner's top predictions explore how generative AI (GenAI) is affecting areas where most would assume only humans can have lasting impact ...

The adoption of artificial intelligence (AI) is accelerating across the telecoms industry, with 88% of fixed broadband service providers now investigating or trialing AI automation to enhance their fixed broadband services, according to new research from Incognito Software Systems and Omdia ...

 

AWS is a cloud-based computing platform known for its reliability, scalability, and flexibility. However, as helpful as its comprehensive infrastructure is, disparate elements and numerous siloed components make it difficult for admins to visualize the cloud performance in detail. It requires meticulous monitoring techniques and deep visibility to understand cloud performance and analyze operational efficiency in detail to ensure seamless cloud operations ...

Imagine a future where software, once a complex obstacle, becomes a natural extension of daily workflow — an intuitive, seamless experience that maximizes productivity and efficiency. This future is no longer a distant vision but a reality being crafted by the transformative power of Artificial Intelligence ...

Enterprise data sprawl already challenges companies' ability to protect and back up their data. Much of this information is never fully secured, leaving organizations vulnerable. Now, as GenAI platforms emerge as yet another environment where enterprise data is consumed, transformed, and created, this fragmentation is set to intensify ...

Image
Crashplan

How to Boost Network Monitoring Tool Efficiency

Alastair Hartrup

Having the right tools and good visibility are critical to understanding what's going on in your network and applications. However, as networks become more complex and hybrid in nature, organizations can no longer afford to be reactive and rely only on portable diagnostic tools. They need real-time, comprehensive visibility.

To accomplish this, more and more organizations are deploying network monitoring platforms and solutions that utilize TAPs (Terminal Access Points) and Packet Brokers to permanently establish network links and gather critical performance data. These technologies provide maximum utilization of connected tools for IT teams looking for comprehensive monitoring and management in, for example, a Network Performance Monitoring and Diagnostics (NPMD) platform.

Why are TAPs so important? Network TAPs are stand-alone devices that make a mirror copy of all of the traffic that flows between two network end-points (or nodes). This can then be output to various network tools, while the live traffic continues to pass through the network. Because they are independent of the network, they're fully configurable. This allows complex packet manipulation to be performed by network performance (or security) solutions.

Packet Brokers take the technology a step further and allow for the combination, integration, separation, manipulation and processing of inputs from many sources (including TAPs), and then deliver that data to a wide variety of appliance, platform and tool destinations. 

Both play a major role in providing the data necessary for real-time, comprehensive network visibility.

Monitoring tools such as sniffers, probes and NPMD solutions can be permanently and safely installed on all network links using TAPs. They connect in-line on a network link, making a mirror copy of all network traffic and then forward that information directly to a monitoring tool (or Packet Broker). TAPs are also extremely safe – if power is lost, the network traffic will continue to flow. For more complex networks with a variety of connected tools, Packet Brokers are used with TAPs.

What are some of the key features that organizations should look for when deploying TAPs and Packet Brokers? Here are three key features to consider:

1. Flexible Port Mapping

Flexible port mapping allows the user to choose which ports the packets will travel through with no preset requirements. Packets may come in from the network, go back out to the network and also be directed to a connected monitoring tool. Some TAPs require certain ports be used for network traffic and others to be used to support monitoring tools. Flexible Port Mapping allows any port to be utilized for any type of traffic. This eliminates the need to buy a bigger system than necessary just because one type of port is maxed out, while other ports are open and unused. It also makes it simpler to add links and tools when any open port can be utilized for a tool or network access at any time. Not all TAPs and Packet Brokers offer this "scale out" flexibility.

2. Easy Aggregation

Aggregation is the combining of traffic from multiple links and sending that traffic to one specific tool. Often, links are underutilized. A 10 Gbps link, for example, may actually be carrying only 4 Gbps of actual traffic.

Understanding the actual traffic on links and aggregating underutilized links to a single TAP or Packet Broker port can provide dramatic savings on monitoring tools. Doing the math, aggregating five links running at 2 Gbps to a single 10 Gbps output port connected to one monitoring tool can reduce the tool budget by a factor of five.

Imagine the savings opportunity in a large complex network. Using this strategy on hundreds of links, organizations can save hundreds of thousands of dollars.

3. Independent Filtering

Independent filtering eliminates traffic that is not relevant to the mission of the connected monitoring tool. It helps tools run faster, more efficiently and allows them to monitor more links.

Hierarchical filtering is the traditional way that filtering is designed. This can be very complicated and prone to network affecting errors. If packets are filtered out at the top of the list, they cannot be re-introduced later.

Independent fast filtering allows filter maps to be created quickly without consequence to other filters further down the list. Independent filtering is faster and more accurate than hierarchical filtering. Look for TAPs or Packet Brokers that allow you to created multiple filters quickly on any stream with no need to distinguish between ingress and egress ports (and be sure you can create filter criteria with ranges and individual criteria).

When independent filtering is combined with aggregation, packets are filtered out of streams, allowing a higher aggregation ratio of links being sent to a monitoring tool. This means that independent filtering not only helps save OPEX by allowing faster, more accurate tool deployment, it also saves CAPEX by enhancing the link to tool aggregation ratio.

When looking to deploy or optimize your network monitoring solutions, consider the impact of strategically deploying network TAPs and Packet Brokers. Be sure you're using the aforementioned features, as they can offer significant tool cost savings and allow for a more efficient network monitoring solution.

Hot Topics

The Latest

In the final part of APMdigest's 2025 Predictions Series, industry experts offer predictions on how AI will evolve and impact technology and business in 2025 ...

E-commerce is set to skyrocket with a 9% rise over the next few years ... To thrive in this competitive environment, retailers must identify digital resilience as their top priority. In a world where savvy shoppers expect 24/7 access to online deals and experiences, any unexpected downtime to digital services can lead to significant financial losses, damage to brand reputation, abandoned carts with designer shoes, and additional issues ...

Efficiency is a highly-desirable objective in business ... We're seeing this scenario play out in enterprises around the world as they continue to struggle with infrastructures and remote work models with an eye toward operational efficiencies. In contrast to that goal, a recent Broadcom survey of global IT and network professionals found widespread adoption of these strategies is making the network more complex and hampering observability, leading to uptime, performance and security issues. Let's look more closely at these challenges ...

Image
Broadcom

The 2025 Catchpoint SRE Report dives into the forces transforming the SRE landscape, exploring both the challenges and opportunities ahead. Let's break down the key findings and what they mean for SRE professionals and the businesses relying on them ...

Image
Catchpoint

The pressure on IT teams has never been greater. As data environments grow increasingly complex, resource shortages are emerging as a major obstacle for IT leaders striving to meet the demands of modern infrastructure management ... According to DataStrike's newly released 2025 Data Infrastructure Survey Report, more than half (54%) of IT leaders cite resource limitations as a top challenge, highlighting a growing trend toward outsourcing as a solution ...

Image
Datastrike

Gartner revealed its top strategic predictions for 2025 and beyond. Gartner's top predictions explore how generative AI (GenAI) is affecting areas where most would assume only humans can have lasting impact ...

The adoption of artificial intelligence (AI) is accelerating across the telecoms industry, with 88% of fixed broadband service providers now investigating or trialing AI automation to enhance their fixed broadband services, according to new research from Incognito Software Systems and Omdia ...

 

AWS is a cloud-based computing platform known for its reliability, scalability, and flexibility. However, as helpful as its comprehensive infrastructure is, disparate elements and numerous siloed components make it difficult for admins to visualize the cloud performance in detail. It requires meticulous monitoring techniques and deep visibility to understand cloud performance and analyze operational efficiency in detail to ensure seamless cloud operations ...

Imagine a future where software, once a complex obstacle, becomes a natural extension of daily workflow — an intuitive, seamless experience that maximizes productivity and efficiency. This future is no longer a distant vision but a reality being crafted by the transformative power of Artificial Intelligence ...

Enterprise data sprawl already challenges companies' ability to protect and back up their data. Much of this information is never fully secured, leaving organizations vulnerable. Now, as GenAI platforms emerge as yet another environment where enterprise data is consumed, transformed, and created, this fragmentation is set to intensify ...

Image
Crashplan