Network Tap Groups

A Network TAP (test / terminal access point) is an element for acquiring and viewing network traffic. Network tap groups are the FireMon implementation of network TAPs, allowing users to create an access point to monitor network traffic at a specified location in their network.

Network tap groups live on Layer 2 devices, which do not have a normalized IP address interface and therefore have no assigned routes. Tap groups allow users to gather data, analyze, and monitor network traffic on these devices.

A Network Tap Group consists of at least one transparent device and two mappings to routed interfaces.

Valid Network Tap Groups currently include:

  • One transparent device and two tapped routed interfaces.

  • One transparent device, one tapped routed interface, and one tapped network segment.

  • Less than one transparent device: one device must have two tapped routed interfaces, all others may have one, and all transparent devices must be connected to allow traffic to flow through.

What devices are eligible to be in a Network Tap Group?

  • Network segments not already in a network tap group (starting network segment must have one or two edges).

  • Transparent devices (Layer 2) and their interfaces.

  • Routed interfaces from the starting network segment (connections to devices on Layer 3).

How does creating a Network Tap Group change the network topology?

Inserting a Network Tap Group replaces an existing network segment in the map topology. The original network segment can, however, be recreated by replacing the Network Tap Group that replaced it.

Definitions

  • Transparent Firewall Device - A device having one or more Interfaces marked as transparentMode = true

  • Transparent Interface - An Interface having transparentMode = true

  • Network Tap Group - An object representing a group of transparent firewall device(s) and the associated Network Tap Pair Mappings

  • Network Tap Pair - An object representing a from and to interface mapping

  • Edge - An interface representing the connection between network segments

Permission Requirements

A user will need to be a member of a user group with the following minimum permissions granted:

  • FireMon Objects: Network Segments - a minimum of Read is needed to view the page, and Write is needed to modify or delete.

  • Modules: Administration and Security Manager - Write access

  • Device Group: All Devices or specific device groups - Write access

Open the Network Tap Groups Page

To open the Network Tap Groups page, on the toolbar, click FireMon Objects > Network Tap Groups.

Network Tap Groups List

The following table defines the values in the Network Tap Groups table. The list is ordered ascending by Name, but can be sorted by any column.

| Value | Description |
| --- | --- |
| Name | |
| Original Network Segment Name | The name of the original network segment that was replaced with the respective tap group. |
| Created | The timestamp of when the group was created. |
| Last Updated | The timestamp of when the last update to the group occurred. |
| | Action menu with options for tasks to complete at the network tap groups level. |