Frequently Asked Questions
- Network Taps
- SINGLEstream™ Link Aggregation Taps
- VERSAstream™ Data Access Switches
- Physical Layer Switches
Network Taps
Q: What is a Passive Tap?
A: Passive taps are network taps that will cause absolutely no change in the state of the link if the tap loses power. In the event of power loss, network traffic will flow uninterrupted as long as the network itself has power. Datacom Systems taps designed for Gigabit fiber links, 10/100 only, T-1/E-1 and DS-3 are passive.
Q: What is an Active Tap?
A: Active taps rely on a Fail-over system for power fault tolerance. If an Active tap loses power, a set of copper relays will fall into a closed position to provide a passive bypass. When the passive bypass system is engaged, a momentary interruption of the link occurs. This can be kept to an absolute minimum by configuring the endpoint devices of the tapped link for PortFast or FastLearn.
Q: Is there such a device as a truly passive Copper Gigabit tap?
A: At this point in time no truly passive scheme for tapping copper Gigabit has been marketed by any manufacturer. All currently available copper Gigabit capable taps are Active devices and rely on relay based power fault tolerance systems.
Q: Do network taps introduce any significant latency into the tapped link?
A: The latency introduced in the link by any fiber or passive 10/100 design is equal only to that caused by actual length of the physical path through the tap. It is equivalent to adding only a few inches of fiber or copper cable to the actual link.
The latency introduced into links by the Datacom Systems copper Gigabit capable SS-1200 and SS-2200 series taps will depend on the nature of the traffic (packet size distribution and inter-packet gap) and will range from as little as 2.09 microseconds up to a maximum of 13.82 microseconds.
Q: What about added latency of the data copies going to the monitoring tools?
A: A minute amount of latency is added when packet copies are aggregated and/or regenerated out the monitor ports to the tools; it is minimal and measured in microseconds. Depending on what type of media conversion is done (media type of both link and tool) and the nature of the traffic (packet size distribution and inter-packet gap) – this figure will range from as little as 2.09 microseconds up to a maximum of 13.82 microseconds.
The packets themselves have timestamps from the network – field experience has proven that monitoring of latency sensitive traffic such as VOIP can be done effectively and accurately with both taps and Data Access Switch products.
Q: What is the “TCP Reset” or Bi-Directional feature in a tap and how is it used?
A: Intrusion Detection Systems (IDS) may have an option to use a feature known as “Active Response” when malicious traffic is detected. If an attacker uses TCP sessions, they can be reset by RST (Reset) packets that are sent to reset one or both hosts in a session from the IDS. In the case of UDP, a session can be broken by sending various ICMP packets to the host from the IDS box.
In some cases the IDS may need to use the monitoring NIC for this purpose. Enabling a Bi-directional traffic path in the tap allows the RST packets to re-enter the network through a tapped copper link. In the case of a tapped fiber link the directional characteristics of fiber taps will not allow this. The “any-to-any” feature of Datacom Systems configurable taps allows the RST packets to be sent out any available extra Monitor port of the tap and enter the network via a local network switch.
Q: Why isn't there a truly passive tap offered that allows bi-directional traffic or "TCP Resets"?
A: In order to introduce traffic injection into the network, there must be an actual bidirectional physical connection between the tap's monitor ports and the link itself. For this reason neither passive copper taps nor fiber taps can support bi-directional traffic or be used with TCP Resets.
Q: What is auto-negotiation / speed sensing?
A: Auto-negotiation and speed sensing allow the port of a network device to automatically detect the speed and duplex setting of the link (10/100/1000 and half or full duplex) and negotiate link with the connected device. Due to a history of consistency and reliability issues with 10/100 Auto-negotiation, network administrators and engineers often configure links that include 10/100 devices to 100 Full Fixed.
If two Auto-enabled devices fail to properly establish link they will typically default to a lower speed half duplex setting, and serious performance issues on the link result. Also, if an Auto-enabled device is connected to a device with Fixed settings they will sometimes initially establish link (and sometimes not) but will often fail to re-establish link if a port “flaps” on one of the endpoints or either of them is rebooted.
Q: Why is auto-negotiation relevant to a discussion of network taps or Data Access Switches?
A: All Gigabit capable copper taps negotiate, establish and maintain two separate links between the tap and the endpoint devices of the link. If one link endpoint device is only 10/100 capable and the other endpoint is 10/100/1000 capable then the tap's respective tap assembly ports will each negotiate to the highest available speed – resulting in a speed mismatch and significant performance issues on the link. The required solution is to hard set the ports of both the endpoint devices and the tap assembly to fixed speed and duplex settings.
Data Access Switch products, although they are not subject to the speed mismatch issue because they are not used in-line, can face a different challenge. If simple non-aggregating passive fiber taps are used as the source of data to provide inputs to a Data Access Switch then the ports on that device must have Auto-negotiation disabled in order to accept data. But if other ports on that same device are used to accept data from SPAN ports or aggregation taps it is customary for Auto-negotiation to be used.
Datacom Systems configurable SINGLEstream™ and VERSAstream™ products include the flexibility to change speed/duplex and Auto-negotiation settings independently on any and all ports – providing a solution to these challenges.
Q: What is a “Potential Point of Failure” and why should it be considered as part of any network access design that includes taps?
A: All network hardware, no matter how reliable, must be considered as a device that could - in theory – need to be replaced if it malfunctioned. Network architects will assess the mission critical nature of any given link, what redundant or alternate data paths exist, and how service might be impacted if a service window were required to replace a device in that link.
In some cases an in-line device that has multiple links passing through it – e.g. a Datacom Systems Dual Link Aggregation tap – may be an appropriate choice. But a more conservative design might dictate that no in-line device should ever tap more than one link – thereby eliminating the possibility that two links might ever be impacted if such a device had to be replaced. The most conservative or lowest risk designs may even require that the tapping be done by a non-powered Physical Layer device such as a simple fiber tap and the task of aggregating the duplex data streams and making multiple copies for the tools be handled by a separate device.
There is no right or wrong answer for such a question – it will be determined by the individual circumstances and priorities of the organization – but such issues should be considered.
Q: If I deploy my monitoring device using a network tap, will my monitoring device be visible on the network?
A: That depends on the model of tap that you use and how it is configured. If you are using a truly passive tap, such as the SS-100 or a fiber tap, the answer is no. Gigabit capable copper taps that are configurable can be set up by the user to allow bi-directional traffic back onto the link. The monitoring tool will be visible only if the tap has a Bi-directional traffic path intentionally configured to allow this. The default configuration of these taps has bidirectional traffic disabled for security reasons. It can be changed only by an administrator logged in via Superuser mode.
Q: Are the taps equipped with redundant, load sharing power supplies?
A: Yes - all of our products including taps have this feature. In nearly all of our products these supplies are also hot swappable.
Q: I want to install a large number of taps in a single rack but may have issues with the number of AC outlets required – how is this issue resolved?
A: The optional AC Power Supply model RPS-12-5-AC addresses this need. The 1U rack mountable chassis is equipped with two load sharing hot-swappable power supplies and contains 24 lead power connections to provide dual redundant power for up to 12 Datacom Systems network taps, SINGLEstream™ aggregation taps, or VERSAstream™ Data Access Switches.
Q: Is a 48 volt DC direct option available?
A: The Model PS-DC-1 is a rackmountable load sharing dual power supply converting 48 VDC to 5 VDC for all Datacom products that utilize external power supplies. This includes all non-aggregating network taps, SINGLEstream aggregation taps and VERSAstream Data Access Switches.
SINGLEstream™ Link Aggregation Taps
Q: What is an Aggregation Tap?
A: Aggregation Taps are network taps that can combine the copies of data from both sides of one or more full duplex links and send the "aggregated" copy of the entire transmission to a connected monitoring device, which receives it on a single capture/monitoring NIC. Datacom Systems aggregation taps are all in the product family known as SINGLEstream™.
Q: Why not just use a regular full duplex tap?
A: Traditional full duplex taps provide a dual stream of non-aggregated output – one monitor port for each side of the conversation. This requires use of “dual receive” devices, which have two separate monitor cards and combine the data streams after receiving it. Protocol analyzers, probes, and intrusion detection systems (IDS) of this variety are more expensive and are less common in today’s networks.
Many of the most widely used packet sniffer and IDS tools are based, respectively, on the open source Wireshark and Snort products - neither of which supports receiving on separate NICs and recombining the data. The SINGLEstream™ tap can combine the bi-directional traffic from a full duplex conversation into a single data stream, thus allowing such tools and devices with half duplex single receive monitor cards to be used in-line on full duplex links.
Q: Are there any situations in which a regular full duplex tap should still be used?
A: Yes. Certain tools monitor “conversation flow” on the network and perform analysis based on directional data – thus requiring that the Rx and Tx information be received separately. In other instances a specialized tool may be deployed that needs to see only the Inbound (Rx) traffic or Outbound (Tx) traffic but not both.
Avoiding lost packets due to oversubscription during aggregation is another example. Using aggregation taps in links that experience spikes exceeding 50% aggregate utilization of the maximum link capacity will result in packet copies being lost due to oversubscription. For example - a 1 Gig full duplex link that spikes at 60% will have 1.2 Gig of data to be aggregated and handed off on a 1 Gig Monitor port. In such instances it’s advisable to use a regular full duplex or non-aggregated tap and a monitoring tool that can receive and recombine the two streams of data.
Q: How can I keep from losing packets if I exceed 100% utilization when aggregating?
A: The SINGLEstream™ Aggregation Tap can aggregate up to 1000Mbps of data sustained at line rate. In the Gigabit fiber or 1000 Mbps environment it is possible to exceed 100% utilization if more than 1000Mbps of input is received at one time when the Rx and Tx of the duplex link are aggregated. To prevent exceeding 100% utilization, the aggregate total of Rx and Tx traffic – i.e. the overall utilization on the link itself- should never exceed 50%.
The SINGLEstream™ Aggregation Tap also includes a 1 MB shared buffer memory to account for very brief spikes of utilization over one Gigabit. If the tapped link is expected to routinely exceed 50% aggregate utilization then a non-aggregated tap is recommended.
Q: Is there a tap that can provide both aggregated and non-aggregated output?
A: Yes. Datacom Systems SS-1200 and SS-2200 series taps can be configured by the user to provide either type of output or on the higher port density models can even provide both simultaneously.
An additional benefit of this design is the capability for the tap to be reconfigured to accommodate growth in utilization. These taps can initially be deployed as aggregation taps but when utilization spikes begin to dictate the addition of a monitor card to the tool and a need for non-aggregated output - they can be reconfigured by the user to provide non-aggregated output.
Q: If I’m using a SINGLEstream™ Aggregation Tap and the link exceeds 50% aggregate utilization will I see packet loss on the link itself?
A: No. The link will continue to operate normally. If any packets were to be lost due to oversubscription they would be packet copies only – not the original data itself.
Q: Are large buffer memories the right solution for oversubscription in aggregation taps?
A: The answer is nearly always no – because most network tools can’t capture at 100% of full line rate.
The vast majority of tools rely on the onboard NICs of the appliance (i.e. the server running the capture/monitoring software) to receive the packets and send to disc those that will be retained. The front side bus speed and write-to-disc capability of even the best and most robust servers simply can’t keep up with the data rate of today’s Gigabit networks when utilization levels are high. If the capture device is doing software based filtering as a way to validate which packets to keep and which to discard the actual sustained throughput capability may be as low as 150 to 200 Mbps on a Gigabit capture tool.
If software filtering is not being used, then the throughput capability of a server doing full packet capture – e.g. the open source sniffer Wireshark or commercial products based on the Wireshark engine – may increase to as much as 300 to 400 Mbps. Only when a specialized “enhanced capture card” is installed can the tool receive line rate data at full utilization without packet loss. These specialized NICs have large amounts of buffer memory and proprietary drivers – they are costly and in use only on a limited number of higher end commercial capture/monitoring turn-key “appliances”.
What does this have to do with tap buffer memory? It’s simple. The tap buffer memory begins accepting packets when the aggregation chip set becomes utilized at 100% of line rate and then streams it out to the tool at line rate once utilization levels have dropped back down to the point where the chip set is not 100% subscribed. But this release of data from buffer memory is at a continuous 100% rate until the buffer is fully released. As we have seen above – the ultimate bottleneck in any capture/monitoring scenario is the tool itself.
Datacom Systems recommends using a regular full duplex or non-aggregated tap and a monitoring tool that can receive and recombine the two streams of data in any scenario where the utilization levels on the link will routinely be spiking at above 50% aggregate utilization. The flexible “any-to-any” feature of the SINGLEstream™ Aggregation Tap allows the user to reconfigure and change the monitor ports from aggregated to non-aggregated output. As utilization levels on the network increase over time the tap can be reconfigured to evolve with the network and additional monitor ports added to the tools to accommodate this growth.
Q: Why do Datacom’s link aggregation capable taps have more than one output (monitor port)?
A: In many network environments it is desirable and often necessary to have an IDS device monitoring a link on a 24x7 basis. Additional monitor ports allow a protocol analyzer or other network management tools to access the same link on a permanent or as needed basis. This eliminates contention for access to the data. The extra monitor ports also allow redundant devices to be connected to the same link as a failsafe measure to prevent the loss of data in case one of the connected devices has problems or needs to be updated.
Q: What if my network links and my monitoring tools are not the same media type?
A: No problem. SINGLEstream™ Aggregation Taps come in a variety of media combinations that allow monitoring of fiber links with copper tools, copper links with fiber tools and are also available in several models with SFP based monitor ports that allow media type to be changed.
Q: Can I use an Ethernet switch with a SPAN or mirror port to accomplish the same thing?
A: In theory this is possible but there are a number of shortcomings to using such an approach. Network switches are designed to perform a variety of functions on the network. SPAN and mirror port activities take the lowest priority – sending copies of busy link traffic out a SPAN port can easily oversubscribe the port, resulting in lost packets. Additionally, network switches are managed devices requiring maintenance and an IP presence on the network. The SINGLEstream™ Aggregation Tap is transparent to the network and fault-tolerant, therefore it is more reliable and more secure.
Q: What happens to the link if the tap loses power - is this a power fault tolerant device?
A: All SINGLEstream™ Aggregation Taps are either inherently passive devices or have robust power fault-tolerance passive bypass systems. The SS-100 copper tap for 10/100 only and all of the fiber tap models feature “Never Breaks the Link” technology, meaning connectivity is never interrupted and the link never changes state, even when power is lost or being restored to the tap. Because power is required for the monitoring device to receive data from the tap ports, all models of the SINGLEstream™ Aggregation Tap come standard with a dual redundant power supply to ensure maximum uptime for network analysis and monitoring tools.
All Gigabit capable copper models – the SS-1200 and SS-2200 series – utilize a robust copper relay based power fault tolerance system that provides a passive bypass in the event of power loss. With these models it is recommended to set endpoint devices of the tapped link to Portfast or FastLearn, thereby ensuring absolute minimum time for the link to re-establish itself when power is lost or restored.
Q: Where would I use an aggregation tap in my network?
A: Although ideal for Ethernet links where the total utilization is under 50%, the SINGLEstream™ Aggregation Tap may be used on any full duplex Ethernet link. The most likely locations on the network to deploy a link aggregation tap will be those in which probes or IDS devices need 24x7 visibility. These include the links between switches and critical servers, full duplex connections between routers and firewalls, and links between firewalls and a demilitarized zone (DMZ).
Q: Can I connect the output of a link aggregation tap to a matrix switch?
A: Yes – the output of a link aggregation tap may be connected to a matrix switch in the same manner as a SPAN port and the matrix switch can accept a mix of tap outputs and SPAN ports.
Q: Do aggregation taps forward VLAN tags through to the Monitoring tools?
A: Yes.
Dual Link Aggregation Taps
Q: Where would I use a SINGLEstream™ Dual Link Aggregation Tap in my network?
A: The SINGLEstream™ Dual Link Aggregation Tap is designed to tap two full duplex Ethernet segments where total aggregate utilization of full duplex traffic on both segments does not exceed 1 Gig. The Dual Link Aggregation Tap is ideally deployed where monitoring is required for two segments that are “channeled” together, such as Cisco EtherChannel or Nortel Multi Link Trunking.
It is also effective when used in active/passive failover link pair scenarios where two identical network segments are set up for redundancy. If the active link fails – e.g. a firewall connection - the traffic fails over to the passive link. The Dual Link Aggregation Tap provides uninterrupted visibility to a single monitoring tool that can view traffic on both links.
Finally, asymmetric routing paths (used by routers) and load balancing (used by servers) are implemented to maximize bandwidth and performance. The SINGLEstream™ Dual Link Aggregation Tap can aggregate all the data from asymmetrically routed and load-balanced traffic on two network segments and allow monitoring tools with single receive interfaces to view all the data copied from both links.
Data Access Switches
Q: What is a VERSAstream™ Data Access Switch?
A: A Data Access Switch is a network device that allows connected network tools to access multiple points of interest in a computer network. Data Access Switches can combine data from multiple Ethernet network segments into one or more aggregated streams of data, perform port steering, and regenerate ports, so that multiple copies of data are available for multiple tools. The VERSAstream™ is Datacom Systems line of flexible “any-to-any” Data Access Switches.
With a VERSAstream™ a single connected network device, such as an intrusion detection system, protocol analyzer, or network probe can receive the aggregated data with just one network interface card (NIC). Network and security personnel are then able to monitor several network links simultaneously with as little as one monitoring tool. In many environments there are multiple areas of interest at the access layer or network edge that have either lower utilization or use lower speed data sources. The VERSAstream™ allows these data sources to be aggregated together and monitored by a single high speed or high capacity tool instead of multiple lower speed legacy tools. This reduces the overall number of tools needed and dramatically reduces the rack space required, while also lowering ongoing support and maintenance costs for monitoring tool software and hardware.
Q: Is the VERSAstream™ Data Access Switch an out of band or an in-line device?
A: The VERSAstream™ acts as a SPAN device. It aggregates network traffic from layers 2-7. Like most any IDS device or analyzer, it can be used in SPAN environments (by connecting it to the SPAN ports of a network switch) or In-Line environments (by connecting it to a network tap or link aggregation tap). However, unlike SPAN ports, the VERSAstream™ does forward VLAN tagging information.
Q: Why not just use a network switch to aggregate your data?
A: A managed network switch that is capable of spanning VLANs can in theory be used to aggregate traffic. If all that is required from the switch is to aggregate traffic, this might possibly be a useful, albeit more costly solution. Until recently switches were not capable of reassembling asymmetrically routed packet streams thus an environment with asymmetric routing, load balancing, redundant or failover requirements would not have been an ideal candidate for aggregating with a network switch. You must pay special attention to your switch model to determine if that switch can provide aggregation.
Even if a switch can be used to aggregate traffic, it will lose packets due to oversubscription when the SPAN reaches 60% to 70% of maximum utilization whereas the VERSAstream™ is an application-specific device that will aggregate flawlessly up to a 100% full Gigabit line rate with no packet loss.
Finally, a switch requires relatively complex setup and management to function as an aggregator. The VERSAstream™ Data Access Switch requires minimal configuration through a very simple Command Line Interface. Knowledge of a complex IOS is not necessary. It outperforms network switches that are used as aggregators and allows for multiple copies of the aggregated data to be viewed, making it a much more effective, reliable, useful, and less costly solution to aggregate your network traffic.
Q: Why are the VERSAstream™ monitor ports configurable to be either inputs or outputs?
A: IDS devices and other security tools need to monitor the network on a 24x7 basis. Additional tools such as protocol analyzers or other network management tools may also need to access the same data on a permanent or as needed basis. The number of links that can be aggregated without risk of oversubscription or packet loss on the tool is contingent on both the utilization levels and the throughput capacity of the tool itself.
The configurable feature of the VERSAstream™ allows the user to customize and change the ratio of links to tools on an as needed and evolving basis.
Q: Does the VERSAstream™ add significant latency to data copies going to the tools?
A: A minute amount of latency is added when packet copies are aggregated and/or regenerated by the VERSAstream™; it is minimal and measured in microseconds. Depending on what type of media conversion is done (media type of both input and output ports) and the nature of the traffic (packet size distribution and inter-packet gap) – this figure will range from as little as 1.62 microseconds up to a maximum of 13.82 microseconds.
The packets themselves have timestamps from the network – field experience has proven that monitoring of latency sensitive traffic such as VOIP can be done effectively and accurately with both taps and Data Access Switch products.
Q: Where would I use the VERSAstream™ Data Access Switch in my network?
A: It can be deployed in a 10/100/1000 or Gigabit fiber environment. In enterprise networks, 10/100/1000 environments are typically the network edge (between internal routers and switches). Gigabit environments are typically distribution and core (between external switches, routers, firewalls). The VERSAstream™ is available in a wide variety of media combinations and can accept inputs from 10, 100, and 1000 Mbps devices, so it can be inserted into virtually any copper or fiber Ethernet environment, depending on the model. The VERSAstream™ will allow multiple devices to monitor the same links, so anywhere contention is an issue will benefit from this product, typically security environments or mixed environments using network analyzers and intrusion detection systems.
Q: Does the VERSAstream™ Data Access Switch support multiple speed inputs?
A: Yes. It will accept all or any combination of 10, 100, and 1000 Mbps inputs into the network ports on models with copper inputs and Gigabit on models with fiber inputs. The outputs, or monitor ports, are 10/100/1000 Auto and will negotiate to match the NICs of the tools in use. This allows an attached Gigabit device to receive aggregated data from any combination of 10, 100, and 1000 Mbps network segments.
Q: What if my network or existing monitoring tools are not the same media type?
A: No problem. VERSAstream™ models are available with a mix of copper and SFP ports, and also with all SFP based ports, to allow complete flexibility for mixing media types.
Q: How can I keep from losing packets due to exceeding 100% utilization when aggregating?
A: The VERSAstream™ Data Access Switch can accept and aggregate up to 1000Mbps of data sustained at line rate. In a 10/100 environment, only 10 or 100 Mbps is coming into each port, so the VERSAstream™ will never exceed 100% utilization (e.g. 8 ports x 100Mbps = 800Mbps). In a Gigabit Ethernet or 10/100/1000 environment, it is possible to exceed 100% utilization if more than 1000Mbps of input is received at one time. To prevent exceeding 100% utilization, the sum of all the ports should never exceed 1000 Mbps, which can be achieved by connecting fewer devices to the VERSAstream™, pre-filtering the data, or by reducing the traffic load of the attached network segments. The VERSAstream™ also includes a 1 MB shared buffer memory to account for very brief spikes of utilization over one Gigabit.
Q: Are large buffer memories the right solution for oversubscription in aggregation devices?
A: The answer is nearly always no – because most network tools can’t capture at 100% of full line rate.
The vast majority of tools rely on the onboard NICs of the appliance (i.e. the server running the capture/monitoring software) to receive the packets and send to disc those that will be retained. The front side bus speed and write-to-disc capability of even the best and most robust servers simply can’t keep up with the data rate of today’s Gigabit networks when utilization levels are high. If the capture device is doing software based filtering as a way to validate which packets to keep and which to discard the actual sustained throughput capability may be as low as 150 to 200 Mbps on a Gigabit capture tool.
If software filtering is not being used, then the throughput capability of a server doing full packet capture – e.g. the open source sniffer Wireshark or commercial products based on the Wireshark engine – may increase to as much as 300 to 400 Mbps. Only when a specialized “enhanced capture card” is installed can the tool receive line rate data at full utilization without packet loss. These specialized NICs have large amounts of buffer memory and proprietary drivers – they are costly and in use only on a limited number of higher end commercial capture/monitoring turn-key “appliances”.
What does this have to do with tap buffer memory? It’s simple. The tap buffer memory begins accepting packets when the aggregation chip set becomes utilized at 100% of line rate and then streams it out to the tool at line rate once utilization levels have dropped back down to the point where the chip set is not 100% subscribed. But this release of data from buffer memory is at a continuous 100% rate until the buffer is fully released. As we have seen above – the ultimate bottleneck in any capture/monitoring scenario is the tool itself.
Datacom Systems recommends matching the aggregate total of input data carefully to ensure that the throughput capacity of the tool is not exceeded. The flexible “any-to-any” feature of the VERSAstream™ Data Access Switch allows the user to reconfigure and change the ratio of input ports to aggregated output ports. As utilization levels on the network increase over time the inputs can be aggregated in smaller groups and additional monitor ports added to the tools to accommodate this growth.
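The oversubscription and buffer-memory answers in both the SINGLEstream™ and VERSAstream™ sections can be checked numerically. The Python model below is an added example, not Datacom Systems code; it assumes the 1 MB buffer is 10^6 bytes, a 100-microsecond simulation step, a capture tool with no buffering of its own, and constructed traffic traces.

```python
from dataclasses import dataclass

MONITOR_PORT_MBPS = 1000   # aggregated monitor port runs at Gigabit line rate (from the page)
BUFFER_BYTES = 1_000_000   # "1 MB shared buffer"; taken as 10**6 bytes (assumption)
TICK_US = 100              # simulation step in microseconds (assumption)


def bytes_per_tick(mbps, tick_us=TICK_US):
    # 1 Mbps sustained for 1 microsecond is exactly 1 bit
    return mbps * tick_us // 8


def max_burst_ms(aggregate_mbps, buffer_bytes=BUFFER_BYTES, port_mbps=MONITOR_PORT_MBPS):
    """Longest constant-rate burst the buffer absorbs before packet copies are lost."""
    excess = aggregate_mbps - port_mbps
    if excess <= 0:
        return float("inf")                     # port is not oversubscribed
    return buffer_bytes * 8 / (excess * 1000)   # buffer bits / excess bits per ms


@dataclass
class Report:
    offered: int = 0          # bytes of packet copies arriving at the aggregator
    dropped_at_tap: int = 0   # copies lost because the shared buffer was full
    dropped_at_tool: int = 0  # copies delivered faster than the tool can keep up
    peak_buffer: int = 0      # highest buffer occupancy seen, in bytes
    line_rate_ticks: int = 0  # ticks in which the monitor port ran at 100%


def simulate(trace, tool_mbps=MONITOR_PORT_MBPS, buffer_bytes=BUFFER_BYTES):
    """trace: one tuple per tick holding the rate of every input in Mbps
    (Rx and Tx of a tapped link, or one entry per Data Access Switch input)."""
    port_cap = bytes_per_tick(MONITOR_PORT_MBPS)
    tool_cap = bytes_per_tick(tool_mbps)
    queue = 0
    rep = Report()
    for rates in trace:
        arriving = bytes_per_tick(sum(rates))
        rep.offered += arriving
        available = queue + arriving
        sent = min(available, port_cap)         # monitor port drains at line rate
        queue = available - sent
        if queue > buffer_bytes:                # buffer full: excess copies are lost
            rep.dropped_at_tap += queue - buffer_bytes
            queue = buffer_bytes
        rep.peak_buffer = max(rep.peak_buffer, queue)
        if sent == port_cap:
            rep.line_rate_ticks += 1
        # Tool modelled without its own buffer (assumption): anything above its
        # sustained capture rate in a tick is lost at the tool.
        rep.dropped_at_tool += max(0, sent - tool_cap)
    return rep


def burst_then_quiet(burst_ms, burst_rates, quiet_ms, quiet_rates):
    """Build a constructed trace: a burst followed by a quiet period."""
    per_ms = 1000 // TICK_US
    return [burst_rates] * (burst_ms * per_ms) + [quiet_rates] * (quiet_ms * per_ms)


# Constructed traces. The 60%-per-direction burst is the page's 1.2 Gig example.
SHORT_BURST = burst_then_quiet(20, (600, 600), 100, (100, 100))
LONG_BURST = burst_then_quiet(60, (600, 600), 100, (100, 100))
EIGHT_FAST_ETHERNET = [(100,) * 8] * 1000      # 8 ports x 100 Mbps for 100 ms

if __name__ == "__main__":
    print("1.2 Gig burst absorbed for", max_burst_ms(1200), "ms")
    for name, trace in [("short burst", SHORT_BURST), ("long burst", LONG_BURST),
                        ("8 x 100 Mbps", EIGHT_FAST_ETHERNET)]:
        for tool in (1000, 400):
            print(name, "tool", tool, "Mbps:", simulate(trace, tool_mbps=tool))
```

With a 400 Mbps tool, the short burst loses nothing at the tap but the tool still drops copies for the whole time the buffer drains at line rate, which is the blind spot an IDS deployment has to size for.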
Q: What tools will work with the VERSAstream™ Data Access Switch?
A: Any 10/100/1000 or fiber Gigabit capable tool can be connected but use of 10/100 tools may lead to packet loss due to oversubscription. The VERSAstream™ is platform independent and will leverage analyzers, IDS, IPS, probes, etc. from any hardware vendor.
Q: How can VERSAstream™ Data Access Switch allow network management and security personnel to view data from a packet as it travels across the network?
A: Through appropriate placement of a VERSAstream™ Data Access Switch (by connecting it to network taps and SPAN ports throughout the network), traffic from various points in the network can be aggregated into a single stream of data, so that a network analyzer or intrusion detection system can see the end-to-end path of packets as they travel through the network. The implementation and setup to analyze the traffic must be done through the analyzer or IDS software. The VERSAstream™ Data Access Switch simply sends the data to the connected device.
Physical Layer Switches
Q: Can I daisy-chain matrix switches?
A: Yes. The maximum number of matrix switches in a daisy chain is four (four matrix switches with sixteen segments each). A few specific models – the 4x16SY-SX in-line fiber switch and the 4x16SY-BT in-line copper switch – support daisy-chain stacks of up to eight switches for a maximum density array of four tools shared among 128 segments.
Q: How does a Datacom Systems matrix switch impact the network if there is a power outage?
A: Maintaining your network integrity is one of the primary design tenets of every Datacom Systems matrix switch, and extensive field testing and experience has confirmed no adverse effects to networks after a power loss. When power is restored, the switch will return to the last position selected prior to the interruption. SPAN style matrix switches are out of band devices and therefore have zero impact on actual network traffic if they experience power loss or restoration.
Q: Do Datacom Systems matrix switches function as active devices on the network?
A: No. Our matrix switches are designed to remain transparent to network activity. They do not have IP addresses. Matrix switches with the built-in Switch Control Server or Ethernet control ports can be assigned an IP address if desired for IP network access to the device, but they may also be used with the traditional serial control method where the COM port of a protocol analyzer or PC provides control connectivity to the switch.
Q: How can I control my Datacom Systems matrix switch?
A: Each matrix switch ships with our custom switch control software called MANAgents included in the box. If the software is configured correctly it will allow you to control your matrix switch from any Windows based machine that has the console loaded. You can download the software and instructions for installing and configuring MANAgents here. In addition to this most network analyzer manufacturers have built the control for our switches directly into their API. You can download the most current API Update here.
Q: Are Datacom Systems cables available in custom lengths?
A: Yes. All of our Control and Common Cables are available in custom lengths on request for a nominal charge. Contact a Sales Engineer or Account Executive for recommendations regarding connectivity and maximum cable length.
Q: What is the maximum length my control cable can be?
A: The distance of the control cable is limited by the distance the network analyzer or monitoring device can be from the matrix switch. There are two connections between the switch and the analyzer - the Control cable, which connects to the COM port for Serial Control purposes, and the Common cable, which provides a data connection to the monitor card for the topology being analyzed. The total cabling distance is determined by calculating the total length of all cables (the primary cables, daisy chain cables and any additional cables between the matrix switch's Network ports and the data access points such as SPAN ports). When all relevant cable lengths are added together the sum must be equal to or less than the maximum allowable distance for the topology in use (e.g. the Common cables, Daisy cables and cables from matrix switch to SPAN port must not exceed 100 meters when 10/100 Ethernet on copper is deployed).
Q: What cables are needed to attach a Datacom Systems matrix switch to a network analyzer?
A: Typically, in the case where a matrix switch is designed for use with one network analyzer, one Control Cable and one Common Cable are needed. In the case where a matrix switch is designed for use with two or more network analyzers, enhanced "Y" style Control Cables are needed for every two control ports, and a Common Cable is needed for every common port. You will receive all the cables you need to attach your matrix switch to your network devices. If you have an existing matrix switch and need cables, contact an Account Representative or Sales Engineer for help.
Q: What cables are needed to attach a Datacom Systems matrix switch to the network?
A: Connections to the female ports on a Datacom Systems matrix switch are made with the patch cables appropriate for the specific network environment (e.g., Ethernet 10/100BaseT, Ethernet 1000BaseT Cat 5e, multimode fiber, single-mode fiber, etc.)

