Interestingly enough, the promiscuous mode of VMware vSwitches and vNICs has long been a source of misinformation and controversy. It even bit the SE in the Network Instruments seminar, who committed the same mistake that many others have made. It would seem that the vSwitch under VMware can be set in an all-or-nothing promiscuous mode, but the more secure solution is to set up port groups and set only specific groups to promiscuous mode. Otherwise, promiscuous vNICs will be privy to network conversations they have no business hearing. The misconception that you can only set the entire vSwitch into promiscuous mode is the cause of a lot of confusion around VMware security.
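The sketch below is an added example, not code from VMware or Network Instruments. It audits which port groups can actually sniff traffic once vSwitch-level settings are inherited. The inventory, the port group names and the approved list are constructed sample data, and the model assumes the standard vSwitch behavior in which a port group either overrides the switch's promiscuous setting or inherits it.

```python
"""Audit effective promiscuous-mode policy on vSwitch port groups."""
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple


@dataclass
class PortGroup:
    name: str
    # None means no override: the port group inherits the vSwitch setting.
    allow_promiscuous: Optional[bool] = None


@dataclass
class VSwitch:
    name: str
    allow_promiscuous: bool
    port_groups: List[PortGroup] = field(default_factory=list)


def effective(vs: VSwitch, pg: PortGroup) -> bool:
    """Resolve the setting that really applies to vNICs in this port group."""
    return vs.allow_promiscuous if pg.allow_promiscuous is None else pg.allow_promiscuous


def audit(vswitches: List[VSwitch], approved: Set[str]) -> List[Tuple[str, str, str]]:
    """Return (vswitch, port group, reason) for every risky setting."""
    findings = []
    for vs in vswitches:
        if vs.allow_promiscuous:
            # All-or-nothing mode: every non-overriding port group can listen.
            findings.append((vs.name, "*", "promiscuous enabled at vSwitch level"))
        for pg in vs.port_groups:
            if effective(vs, pg) and pg.name not in approved:
                how = "inherited" if pg.allow_promiscuous is None else "explicit"
                findings.append((vs.name, pg.name, f"unapproved promiscuous ({how})"))
    return findings


# Constructed sample inventory (hypothetical names, not from a real host).
INVENTORY = [
    VSwitch("vSwitch0", True, [PortGroup("Production"), PortGroup("Monitor"),
                               PortGroup("DMZ", False)]),
    VSwitch("vSwitch1", False, [PortGroup("Monitor", True), PortGroup("Test", True),
                                PortGroup("Backup")]),
]
APPROVED = {"Monitor"}  # port groups allowed to host a tap or probe

if __name__ == "__main__":
    for vswitch, group, reason in audit(INVENTORY, APPROVED):
        print(f"{vswitch:10} {group:12} {reason}")
```

On the sample data, vSwitch1 shows the layout the paragraph recommends (switch off, only a dedicated group on), while vSwitch0 shows how the all-or-nothing setting silently exposes the Production group.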
Note that vTaps are not a separate product, but rather an extra doodad in the Network Instruments probe product line. Each probe and its vTaps require a separate license, but the license allows you to place vTaps in as many places as you need visibility, regardless of whether the traffic is on a virtual network or physical network. Most of all, vTaps are a lightweight way to see inside a virtual environment without impacting its performance and behavior. Let your external tools aggregate the data off the vTap and combine them with the data coming from physical taps.
Naturally, a virtual tap works only if the virtual switch can be put into promiscuous mode. VMware can enable promiscuous mode for either all ports or just certain port groups. Alas, Windows Server 2008 Hyper-V doesn't have this capability yet, though some Hyper-V users clearly want it.
The Network Instruments folks have a long history of leading the pack in capturing and analyzing network-level data in amazingly fine detail. My favorite tool is the one in which Observer displays both halves of a TCP conversation with timing. The Network Instruments Virtual Tap (aka vTap) is yet another sharp blade in the Network Instruments Swiss Army Knife that is the Observer platform.