Garland Technology ensures complete packet visibility by delivering a full platform of network TAP (test access point), inline bypass and packet broker products.
Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.
Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.
The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners
Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.
Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.
Monitoring tools thrive off the data they are given. We are all familiar with the phrase — you cannot protect or troubleshoot what you cannot see.
Proper data access or visibility is critical. Many times this is pushed to the last step in the deployment process. Some assume there is an available SPAN port that will power the analyzer, threat detection or performance monitoring tools being incorporated. Instead of an afterthought, don’t forget the base — visibility is the foundation of your solution.
As you may know, there are two basic visibility choices for delivering packet data to out-of-band tools. Either accessing that data directly from a switch-port analyzer (SPAN) or through a network TAP.
Network TAPs are purpose-built for visibility. That’s what they do. Widely considered best practice, TAPs offer important advantages over SPAN — they are more reliable, don’t impact the performance of the network device, and do not drop packets. But the bottom line is they provide complete packet visibility. Tools can’t function properly if they aren’t receiving all the physical layer errors, supporting jumbo frames, the complete header and payload that network TAPs provide.
Virtual environments are trying to catch up but the concept is the same. Your tools need that packet level data to ensure the latency and performance issues are not passed on to the end user experience. Luckily, tapping virtual environments are even easier to add than you may think.
Oversubscribed tools are costing you money, either dropped packets are missing potential threats or by having to purchase more tools to compensate for the high traffic demands. Determining which data is needed comes into play here, allowing you to filter out the traffic you do not need to monitor or duplicated traffic that is burning unneeded processing power — allowing you to focus on high value traffic.
Filtering out irrelevant network traffic that tools don’t need to inspect is commonplace for network packet brokers. Did you know you can filter layers 2-4 from a TAP? The customer I was referring to earlier who was having VoIP latency issues installed filtering TAPs that copied only VoIP traffic directly to their monitoring tools. This cut down on additional processing and oversubscription issues they were experiencing to properly monitor.
This is also very useful in troubleshooting high bandwidth critical 1G or 10G links that may be running at 50-60% utilization. Just TAP into the link, and filter out what you don’t need. If you are incorporating network packet brokers (NPB), this further reduces ports usage, further extending the life of your NPB.
Adding a purpose-built deduplication solution reduces the processing load to security or monitoring tools by removing duplicate packets, and extends the life of the tools by reducing traffic volume which can typically make up over 50% of network traffic.
Network TAPs and packet brokers have many advantages over SPAN as far as packet quality but there are even more network architecture options to help reduce complexity and provide the speeds and feeds your tools need to get the job done right.
In certain network segments where network access or SPAN retention is an issue, network TAPs can create 1:3, and 1:5 copies of tapped traffic and 1:3, 1:4, 1:5, and 1:7 SPAN port copies to various tools. TAP regeneration allows you to extend your visibility reach.
Similar to packet broker aggregation, consolidating on the TAP level can streamline smaller networks as well as feeding into a packet broker for even further traffic aggregation. Taking in 2:1, 4:1 TAP links and 8:1 SPAN aggregation links, reduces the ports needed on your monitoring tool or packet brokers.
Packet Broker Aggregation and Load Balancing
Feeding your TAP links into packet brokers for traffic aggregation and load balancing improves ROI by reducing administrative overhead, improving performance, while improving tool collaboration and data sharing, reducing the cost of the overall visibility solution by utilizing those lower speed tools.
Better Visibility and Optimization Improves MTTR and Troubleshooting
Now that you have instrumented the proper visibility fabric of TAPs and packet brokers, ensuring no dropped packets or blindspots. Optimized the speeds and feeds that are grooming the traffic for your monitoring and security tools. Now you are able to focus on what the initial goal is — securing and monitoring your network.
This improved visibility and higher tools performance leads to lowering mean time to resolution (MTTR) and Troubleshooting, enabling better:
IT teams rely on tool performance to ensure the network is running properly through security and performance analytics, ultimately leading to a good end user experience. Scenario’s like our VoIP latency customer are all too common. So keeping in mind these 3 visibility tips will not only provide complete packet level data, leading to improved monitoring and security tool analytics, but also save budget through extended reach and usage of lower speed tools.
Looking to get more out of your existing tools, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do.
Chris Bihary, CEO and Co-founder and of Garland Technology, has been in the network performance industry for over 20 years. Bihary has established collaborative partnerships with technology companies to complement product performance and security through the integration of network TAP visibility.