The NSA Does Not Want You to Know About Taps for Network Security
It is well known that using network taps for out-of-band monitoring is an effective way to improve both network performance and uptime. However, taps are typically labeled as a less-desirable monitoring deployment for security. This is simply not true and the National Security Agency (NSA) knows it.
A recent article in Wired, NSA Hacker Chief Explains How to Keep Him Out of Your System, provides insight that validates my statement. The article states, “Another nightmare for the NSA? An “out-of-band network tap”—a device that monitors network activity and produces logs that can record anomalous activity—plus a smart system administrator who actually reads the logs and pays attention to what they say.”
NSA hacker chief Rob Joyce is acknowledging in this article that taps can help to reveal his team’s presence, along with other hacker’s, on your network. Taps work 24x7 to pass all packets, including any errors, to your monitoring tools. This is what the NSA hacking team does not like: a passive monitoring device that can alert network teams to any abnormal activity on the monitored links.
Network taps are versatile and can go anywhere in a network. Meaning, anywhere a complete inline monitoring solution is not practical, taps can fit the bill and help augment the security of the network.
There is no way for hackers to compromise passive taps or effectively remove them from the link without causing a major outage. Additionally, taps can serve the purpose as a “cleanout,” a special pipe that gives you access to the traffic when it is needed.
More Information: Ixia Network Taps