LiveWeek 4 May 2018

Community Team Member

Question: What does a TAP interface do and how does it work? 

Answer: TAP interface is used to get a copy of all traffic across the designated port, any interface can be a TAP interface except management. 


Screen Shot 2018-05-05 at 10.41.41 AM.pngWe need a bigger board -- you agree? 

Expanding on that answer...  A network tap is a device that provides a way to access data flowing across a computer network. Tap mode deployment allows you to passively monitor traffic flows across a network by way of a switch SPAN or mirror port.


The SPAN or mirror port permits the copying of traffic from other ports on the switch. By dedicating an interface on the firewall as a tap mode interface and connecting it with a switch SPAN port, the switch SPAN port provides the firewall with the mirrored traffic. This provides application visibility within the network without being in the flow of network traffic.


When deployed in tap mode, the firewall is not able to take action, such as block traffic or apply QoS traffic control. 



More about TAP Interface

For more information, take a look at Reaper's extensive coverage of this topic in

What's a TAP interface and what can it do?

Want to know more? Leave a question or comment in the comments section and come to Ignite! @reaper



palo alto networks firewall in tap mode.pngPalo Alto Networks firewall in TAP Mode (


Got more questions?




Register for Ignite and join us in Anaheim May 21-24


More like that?

Question:  What happened to the chicken who successfully crossed the road? 

Answer:  That chicken was properly secured -- by Palo Alto Networks! Don't you know it?



Screen Shot 2018-05-06 at 8.57.55 AM.pngBruh Chicken steps out in style, confidently secured by Palo Alto Networks! (Rooster`s Walk Cycle, by Nickita Kobets on Mar 23, 2017)


Got Questions? #GetAnswers

Ignite: What's in it for me?

Know more. Learn more. Share more.


Visit your Live Community in


Booth 304 at Ignite '18

May 21-24 | Anaheim Convention Center


What else are the ol' chickens up to these days?

HenBox: Inside the Coop

 HenBox apps masquerade as others such as VPN apps, and Android system apps; some apps carry legitimate versions of other apps which they drop and install as a decoy technique. While some of legitimate apps HenBox uses as decoys can be found on Google Play, HenBox apps themselves are found only on third-party (non-Google Play) app stores. Read more...




Testing before investing

Does your new firewall prevent successful ransomware attacks? No single security product can successfully prevent ransomware on its own. As there are multiple stages in the attack lifecycle, there should be multiple layers of defense to prevent ransomware attacks. There is no silver bullet, but you should test for this capability before purchasing a new NGFW. Read more... 



The Power of XML API!

Ask Questions Get Answers Join the Live Community