Congratulations on the deal closing! You worked it for several months and convinced Customer A to install your MSSP Sensor. This Sensor’s objective is to plug into the customer’s IT network, capture packets, and allow the Security Operations Center to analyze the data to respond to any threats to the network’s security. Your MSSP solution is effective and competitive. You’re confident you’ll close more customer deals this quarter. After a few days, the winning glow starts to wear off as you pursue other prospects. Until...
Buzz! Your mobile rings. There is an issue with the deployment at Customer A. Your field engineer can’t complete the install. The plan was to use the SPAN port on the Switch in Customer A’s network to connect the MSSP Sensor. Unfortunately, the field engineer is at a stand-still because the SPAN port cannot be configured. It’s an older switch and the employee who configured it recently left the company and left zero notes to reference. (Not cool.) Failure to install means the accounting department cannot invoice Customer A. It also means you’ll be receiving a call from your boss shortly asking about the delay. Your sense of riding high has now turned into an unexpected headache. What are your options?
First, don’t cancel your Pickleball appointment. Second, talk to your field engineer about the pros and cons of connecting the MSSP Sensor to the network via a SPAN port on the switch. There are several disadvantages to using a SPAN port to mirror packets from the network and send the copies to your MSSP Sensor. You encountered one disadvantage: inability to configure the SPAN port. There are others:
These downsides will create doubt that the MSSP Sensor has full visibility into the network. Any blind spots in the network are a risk. You made a promise to Customer A that your MSSP Sensor and the Security Operations Center (SOC) will protect their network 24/7 without fail. There is a solution MSSPs are turning to that is more reliable than SPAN mirroring and strengthens the promise of securing customers’ networks: network TAPs.
The only way to guarantee 100% of data packets are mirrored to an installed MSSP Sensor is using a network TAP. A network TAP is a purpose-built device that is placed between 2 network appliances like a Router and a Switch or a Router and a Firewall. The TAP allows network traffic to flow uninterrupted between the 2 connected appliances and simultaneously sends an exact copy of the duplex traffic to a network tool - like your MSSP Sensor. Network TAPs do not drop packets or duplicate packets or change the timing of frame interactions. Network TAPs are a network visibility best practice and will become your field engineer’s best friend. (In full disclosure: TAPs are awesome but will not help you improve your Pickleball game.)
A network TAP can help resolve the deployment issue at Customer A. Simply follow the instructions to connect the MSSP Sensor using a network TAP. First, stop looking for any notes on the SPAN port configuration. Second, connect the network TAP between Customer A’s Router and Switch. Third, connect the MSSP Sensor to the network TAP. With everything connected properly, the MSSP Sensor will automatically receive copies of the network traffic’s packets via the TAP. This may sound like an oversimplification, but it is rather straightforward to get started and begin seeing network packets.
Now let’s say Customer A insists on using the SPAN port on their switch. And you’re leery about connecting through the SPAN port based on my convincing argument earlier in this blog. No problem. There is a network TAP that will help. A network TAP with SPAN or regeneration mode allows you to take one SPAN link and copy the traffic to multiple tools, including your MSSP Sensor. This will enhance the SPAN deployment and provide the benefits that network TAPs offer. Including network TAPs as part of the MSSP Sensor deployment can help ensure the installation goes smoothly and you can begin protecting the customer’s network immediately with no delays.
If your field engineer has no desire to navigate the world of network TAPs, no worries at all. Network TAP manufacturers like Garland Technology are here to help. Leveraging the products and expertise of Garland can help solve any network configuration at customers large and small. Garland has a full portfolio of modular, easy-to-use network TAPs, with a wide variety of speeds and media types to reliably feed wire data to the MSSP Sensor. Garland can help architect visibility into any network configuration. Garland’s “TAP to Tool” philosophy puts the emphasis on the partner’s tool, such as your MSSP Sensor. We help ensure the MSSP Sensor can plug into any network configuration.
One more insider tip before you close this browser tab and check your 401(k) balance: Garland can also help during the pre-sales stage of a deal. We offer a complimentary Design-IT consult with a Garland Engineer SE. Our team of SEs can help an MSSP team understand customer requirements and develop a connectivity solution that delivers total network visibility. A 15-minute conversation over a video conference is all that is needed to get started. After the call, Garland will send you a Visio diagram of the solution and any supporting materials explaining the benefits of the recommended network TAP. Your ultimate goal is to fully protect your customers. Network TAPs from Garland will help you fulfill this promise by enabling the connectivity and visibility needed for your MSSP to deliver its security goals.
Looking to ensure MSSP Sensor installations go smoothly every time (or trade tips on the perfect Pickleball serve), but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do.
If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.
If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.
While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.
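The heartbeat behaviour described above can be modelled as a small state machine. This is an added example, not Garland's firmware or code from the original post; the class names, the `HB` marker and the two thresholds (`miss_limit`, `recover_limit`) are assumptions chosen for illustration.

```python
from dataclasses import dataclass

HEARTBEAT = "HB"  # constructed marker standing in for a heartbeat packet

class InlineTool:
    """Stand-in for the inline security tool: returns frames only while online."""
    online = True
    def process(self, frames):
        return list(frames) if self.online else []

@dataclass
class BypassTap:
    tool: InlineTool
    miss_limit: int = 2      # assumed: consecutive lost heartbeats before bypass
    recover_limit: int = 2   # assumed: consecutive returned heartbeats before re-insertion
    mode: str = "inline"
    streak: int = 0

    def cycle(self, link_frames):
        """One heartbeat interval; returns the frames placed back on the critical link."""
        if self.mode == "inline":
            returned = self.tool.process([HEARTBEAT] + list(link_frames))
            if HEARTBEAT in returned:
                self.streak = 0
                # Strip the heartbeat before traffic goes back onto the link.
                return [f for f in returned if f != HEARTBEAT]
            self.streak += 1
            if self.streak >= self.miss_limit:
                self.mode, self.streak = "bypass", 0
                return list(link_frames)  # tool declared off-line: link flows around it
            return []  # detection window: frames handed to the tool are lost in this model
        # Bypass mode: traffic skips the tool while heartbeats keep probing it.
        returned = self.tool.process([HEARTBEAT])
        self.streak = self.streak + 1 if HEARTBEAT in returned else 0
        if self.streak >= self.recover_limit:
            self.mode, self.streak = "inline", 0
        return list(link_frames)

def simulate(outage, cycles=8):
    """Run the TAP for `cycles` intervals; the tool is off-line during the cycles in `outage`."""
    tap = BypassTap(InlineTool())
    history = []
    for i in range(cycles):
        tap.tool.online = i not in outage
        delivered = tap.cycle([f"pkt{i}"])  # constructed sample frame
        history.append((i, tap.mode, delivered))
    return history
```

With `simulate({2, 3, 4})`, the model shows the interval between the tool going off-line and the TAP switching to bypass, which is the window a monitoring team would want to measure on a real deployment.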
Some of you may have noticed a flaw in the logic behind this solution! You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.
Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.
Heartbeat packet: a soft detection technology that monitors the health of inline appliances.
Critical link: the connection between two or more network devices or appliances whose failure disrupts the network.