A network tap is a hardware device which provides a way to access the data flowing across a computer network. Computer networks, including the Internet, are collections of devices, such as computers, routers, and switches, that are connected to each other. The connections can utilize different technologies, such as Ethernet, 802.11, FDDI, and ATM. In many cases, it is desirable for a third party to monitor the network traffic between two points in the network, point A and point B. If the network between points A and B consists of a physical cable, a network tap may be the best way to accomplish this monitoring. The network tap has at least three ports -- an A port, a B port, and a monitor port. To place a tap between points A and B, the network cable between point A and point B is replaced with a pair of cables, one going to the tap's A port, one going to the tap's B port. The tap passes through all traffic between A and B, so A and B still think they are connected to each other, but the tap also copies the traffic between A and B to its monitor port, enabling a third party to listen.

Network taps are commonly used for network intrusion detection systems, network probes, RMON probes, packet sniffers, and other monitoring and collection devices and software that require access to a network segment. Taps are used in security applications because they are non-obtrusive, are not detectable on the network, can deal with full-duplex and non-shared networks, and will usually pass-through traffic even if the tap stops working or loses power.