Net Optics PA-CU-AR, PAD-CU-AR User Manual

Installation Guide for

10/100BaseT Port Aggregator Tap

with Active Response

Models PA-CU-AR, PAD-CU-AR

Doc. PUBPACUARU Rev. 1, 06/06

Contents

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

10/100 Port Aggregator Tap

Key Features

Unpacking and Inspection

Product Diagrams

LED Indicators

Application Diagrams: Memory Operation

Cabling Guidelines

Connecting to the Network

Connecting to the Monitoring Device(s)

DIP Switch Settings

Active Response Tap FAQs

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Specications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Limitations on Warranty and Liability

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

10/100 Port Aggregator Tap

PLEASE READ THESE LEGAL NOTICES CAREFULLY.

By using a Net Optics Tap you agree to the terms and conditions of usage set forth by Net Optics, Inc.

No licenses, express or implied, are granted with respect to any of the technology described in this
manual. Net Optics retains all intellectual property rights associated with the technology described in
this manual. This manual is intended to assist with installing Net Optics products into your network.

Trademarks and Copyrights

© 2007 by Net Optics, Inc. Zero DelayTM Net Optics® is a registered trademark of Net Optics, Inc.
Additional company and product names may be trademarks or registered trademarks of the individual
companies and are respectfully acknowledged.

Additional Information

Net Optics, Inc. reserves the right to make changes in specications and other information contained

in this document without prior notice. Every effort has been made to ensure that the information in this
document is accurate.

Introduction

Net Optics 10/100 Dual Port Aggregator Taps with Active Response provide
ultra-efcient access to critical links with the option to inject an active re­sponse into the network. This pioneering technology enables any two devices
to simultaneously monitor a full-duplex link - using only one NIC per device.

Typically, full-duplex monitoring with a network tap requires two NICs (or
a dual channel NIC) – one interface for each side of the tapped full-duplex
connection. The Dual Port Aggregator Tap combines and regenerates these
streams, sending all aggregated data out two separate passive monitoring
ports. The best part of this innovation is the onboard memory to make sure

trafc isn’t dropped during bursts.

Response Ready

When active responses to network events are required, the rst monitoring

port can be changed to an Active Response Port using a hardware switch. The
Active Response Port buffers and transmits into the network link any type
of Ethernet packet, from a simple TCP reset to ICMP messages. The Active
Response Port can be easily switched back to passive monitoring via the
hardware switch.

The combination of active response capability and passive monitoring in
the Tap reduces the number of devices and network ports required for active
response functionality.

10/100 Port Aggregator Tap

Buffering Prevents Lost Data

The Dual Port Aggregator Tap with Active Response is designed to handle the

combined trafc of a single full-duplex link. Normally, the trafc should be

below the receiving capacity of the NIC, that is, less than 10 or 100 Mbps.

When the trafc queue exceeds the capacity of the NIC, the Tap buffers the
overow of up to one megabyte per side of the full-duplex connection. For
your convenience, the buffers clear automatically when the trafc volume falls
below the receiving capacity of the NIC. For example, if there is a trafc burst

and a tap connected to a 100 Mbps network port on a monitoring device is

now receiving 140 Mbps of trafc, the Tap buffers data until the burst is over.

The Tap then sends the buffered data to the monitoring device until the buffer
is cleared.

1

10/100 Port Aggregator Tap

Simple to Deploy

Net Optics’ Dual Port Aggregator Tap with Active Response is a simple plug-

and-play solution addressing the fact that many monitoring systems, including

most software based solutions, only offer a single channel NIC, limiting full­duplex visibility. While adding a second NIC can help maintain data integrity

and visibility, there is a tradeoff in exibility and ease-of-use. An operating

system and NICs that enable binding are often required to achieve the same
functionality as the Dual Port Aggregator Tap. In contrast, the Dual Port

Aggregator Tap requires no additional components or conguration on the

monitoring devices.

All network and monitoring cables required for plug-and-play deployment are
included with the 10/100BaseT Dual Port Aggregator Tap w/Active Response.

Better than Span Ports

In the past, span ports were occasionally used to aggregate tapped trafc.

However, in addition to other shortcomings of span port monitoring, span
ports support very limited buffering and can simply drop data during bursts.
The generous buffers of the Dual Port Aggregator Tap prevent data loss in
these conditions.

Security and Visibility

Without an IP address, monitoring devices are isolated from the network,
dramatically reducing their exposure to attacks. However, the monitoring

device connected to the Tap still sees all full-duplex trafc as if it were in-line,

including Layer 1 and Layer 2 errors.

Reliability

For extra uptime protection, Net Optics Taps offer redundant power connec

­tions. Should the primary power source fail, the Tap automatically switches
to the backup power source. Power LEDs on the front of the Tap indicate the
current power source.

2