Is it possible to use multiple taps or spans against one monitor?

Article ID: 159582

Products

Data Loss Prevention Network Monitor

Issue/Introduction

You can use multiple taps/spans against one monitor.

Resolution

Relevant to all versions.

Yes. A Network Monitor can monitor either:

  • One Endace measurement card (which can have 2-4 input ports, depending on model)

    Or

  • Up to 3 Network Interface Ports (NIC ports). (More are possible, but Symantec does not recommend it.)

In general, a Tap will present 2 ports of traffic, while a SPAN will present a single port of traffic.

Additional information

There are 2 types of traffic load to be concerned with: unfiltered traffic and filtered traffic (the traffic actually being monitored). The limits on NICs/ports/Endace cards are as follows:

* An Endace installation can handle more than 700 Mbps of unfiltered traffic.

* A non-Endace installation can handle up to 80 Mbps.

* In each case, this amount of traffic is the total traffic presented to all monitored ports.

* In either case, the filtered traffic should be less than 20 Mbps (2 x 3 GHz system) to 40 Mbps (4 x 3 GHz system).

These limits were determined by running tests with a large amount of unfiltered traffic and a small amount of filtered traffic, then validating accuracy on the filtered traffic.

See also:

TECH219648: Can I Use Two or More NIC Cards on a Host to Capture Traffic?