Full Network Vulnerability Scanning and its Importance

Network vulnerability scanning and remediation are very important to the security posture of your network. The ability to proactively scan for and identify current or potential attack vectors in the network should be included in the security policy. The question to ask is “what devices/systems get scanned and how often?” Many businesses tend to target their security scans on the devices or software most critical to their infrastructure. These can include, but are not limited to, web applications, databases, and mainly wherever sensitive information is stored. This approach saves money, time, and network resources. However, there is a risk of exposure from vulnerable devices or software that are deemed less mission-critical and are therefore not scanned.

Security scanning of critical devices should be standard practice on networks, but what about other devices such as TAPs, Network Packet Brokers (NPBs) and Bypass switches? All managed devices on the network should be scanned periodically for security vulnerabilities and then profiled to note any changes made to the device. Even small changes to a device’s configuration could be a sign of a larger breach or problem. Network TAPs and NPBs are often deployed to manage connections and to feed copies of traffic to tools for monitoring purposes. These monitoring tools include, but are not limited to, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Deep Packet Inspection (DPI) and metadata analytics tools. Many of these systems are deployed in disparate network security solutions. So, if an NPB or TAP were to be compromised, a nefarious actor could put in place changes that keep the monitoring tools from detecting a cyber-attack. In addition, if this same network TAP or NPB is part of a network security solution, then it should not be excluded from vulnerability scanning.
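
One way to profile a TAP or NPB configuration for changes between scans, as an added example that is not from the original article or from Datacom Systems. The `key value` export format, the sample configurations and the `VISIBILITY_KEYS` list are constructed assumptions; real exports differ by vendor.

```python
import difflib
import hashlib

# Constructed sample export in a hypothetical "key value" format (not a real vendor format).
BASELINE = """\
# exported 2024-01-05 10:00
port 1 role network
port 2 role network
port 9 role monitor
map 1,2 -> 9
filter 9 pass all
snmp community-ro enabled
"""
# Constructed "later" export: new timestamp plus one changed filter rule on the tool port.
CURRENT = (BASELINE.replace("2024-01-05", "2024-04-05")
           .replace("filter 9 pass all", "filter 9 drop src 203.0.113.0/24"))

# Assumed keywords for settings that decide what the monitoring tools get to see.
VISIBILITY_KEYS = ("map", "filter", "port")

def normalize(text):
    """Drop comments and blank lines and collapse whitespace, so only settings are compared."""
    lines = (" ".join(raw.split()) for raw in text.splitlines())
    return [ln for ln in lines if ln and not ln.startswith("#")]

def fingerprint(text):
    """Stable profile of a configuration: SHA-256 over its normalized settings."""
    return hashlib.sha256("\n".join(normalize(text)).encode()).hexdigest()

def drift(baseline, current):
    """Return (changed, findings); each finding is (severity, '+' or '-', setting line)."""
    if fingerprint(baseline) == fingerprint(current):
        return False, []
    findings = []
    for entry in difflib.ndiff(normalize(baseline), normalize(current)):
        if entry[0] in "+-":  # skip unchanged lines and ndiff's "?" hint lines
            line = entry[2:]
            # A change to traffic mapping or filtering can blind IDS/IPS/DPI tools.
            sev = "high" if line.split()[0] in VISIBILITY_KEYS else "review"
            findings.append((sev, entry[0], line))
    return True, findings

if __name__ == "__main__":
    changed, findings = drift(BASELINE, CURRENT)
    print("drift detected" if changed else "no drift")
    for sev, op, line in findings:
        print(f"[{sev}] {op} {line}")
```

Storing the fingerprint alongside each scan result gives a cheap per-device check; the line-level findings are only computed when the fingerprint differs from the approved baseline.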

Managed network TAPs and NPBs should always be scanned not only by the end-user, but also by the manufacturer. Payment Card Industry (PCI) standards require at least one annual network vulnerability scan. In practice, however, it is best to scan quarterly and, if resources allow, even monthly. If any vulnerabilities are found, please contact the manufacturer to have them patched. Since 2018, Datacom Systems has applied quarterly vulnerability scanning to its suite of managed TAPs and NPBs. Enterprise-grade vulnerability scanning tools keep us up to date on any vulnerabilities that the managed TAPs or NPBs may have and allow for proactive remediation of any issues before these units are deployed in the field. For more information about our TAPs and NPBs, please visit us here.
