Packet broker
A packet broker may also be referred to as a tap aggregator or traffic aggregator.
They may aggregate traffic from taps or from port mirrors.
Unlike traditional switches, a packet broker will use specific configuration rules to direct packets - it will ignore the source and destination ethernet addresses in the packets, and it does not need to build a MAC address table of the devices connected to each port.
Packet brokers often include extra features that are useful for the monitoring and security tools. The most common additional features that are used by Beeks Analytics are timestamping the packets, and VLAN tagging, which is adding an extra VLAN tag to each packet (commonly used to indicate something about the source of the traffic, e.g. which port is was received on). Some packet brokers will add metadata to the packets in a header or trailer to indicate which port the traffic was received on, in preference to adding a VLAN tag.
Some switches can operate in both packet broker mode and regular switching mode.