Garland Technology ensures complete packet visibility by delivering a full platform of network TAP (test access point), inline bypass and packet broker products.
Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.
Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.
The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners
Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.
Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.
Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!
Network-enabled sensors and devices, part of the Internet of Things (IoT), can be a boon to industrial operations. They help Supervisory Control and Data Acquisition (SCADA) systems automate processes and collect data such as humidity, temperature, and air pollution.
Today, IoT products are cheap and plentiful, making them fairly easy to procure and deploy. Some IoT solutions offer risks that can't be ignored, however. Network security experts have significant concerns about IoT devices, especially when they’re implemented in an infrastructure setting such as a power grid.
There are two distinct network security challenges regarding IoT-enabled infrastructure. The first has less to do with IoT solutions and more to do with the systems that control vital operations, such as utilities.
SCADA systems were built to do things like keep the lights on, maintain the flow of natural gas, and ensure that crops receive water. They were not designed to withstand network security threats. Moreover, it’s quite difficult to add security solutions after the deployment of SCADA systems. The most common SCADA system protocols (MODBUS and DNP3) are inherently insecure, and to make the situation worse, one breach at any point in the network within a SCADA system allows a hacker free reign. The long equipment life of SCADA systems gives them high ROI, but that doesn’t mean that network security staff regularly monitors vulnerabilities.
Security isn’t built into the design of many IoT products, either. Consumer IoT solutions are a special risk. Take the Nest thermostat, for example. In 2014, an engineering professor from the University of Central Florida led a team of researchers which succeeded in jailbreaking the device by loading software through the thermostat’s USB port. The next year, security researchers at TrapX published a report on how a criminal could hack the thermostat and gain access to other “smart” devices in someone’s home.
The Nest thermostat is only one vulnerable IoT product. Cars, medical devices, rifles, baby monitors, refrigerators, and even the iconic Barbie doll were all targets of hacks in 2015.
There are plenty of hackers and criminals who would dearly love to hack into utility grids. Some of them have succeeded. Just days before Christmas 2015, two of Ukraine’s power generating facilities were hacked. Eighty thousand customers were left without power for approximately six hours. Some experts have attributed the attack to Russian-designed malware.
Industrial IoT (IIoT) networks create a convergence between IT and operational technologies (OT). This convergence brings with it serious security risks.
IIoT networks can span many miles and include hundreds, if not thousands, of data points. Each of these data points is vulnerable to threats which could cripple an IT network. And not all of these embedded technologies allow software updates or patches which would protect the rest of the network.
Organizations undertaking smart grid projects are aware of these security challenges. Such projects are regulated by the Federal Energy Regulatory Commission. However, you do need to think beyond security defenses. Simple, common-sense precautions like segmenting networks and implementing firewalls will prevent soft attacks. But really you must go beyond perimeter defenses and, ironically enough, that starts with a passive approach.
Industry and Infrastructure should not be a target. They can take security measures which will protect them and their unique environments. One such measure is implementing network elements that spot any anomalies and deviations from normal behaviors through passive, real-time monitoring. Simple, listen only devices like a passive network TAP copy the data and send it to an analyzer or deep packet inspection (DPI) solution to alert organizations of possible breaches. Of course, first you need to know your baseline traffic in order to determine what traffic is normal and what is not.
Passive network TAPs are essential to industrial Ethernet connectivity because they are purpose-built, un-hackable and capable of enabling network monitoring without affecting traffic flow. In the industrial Ethernet sector, the majority of organizations are still utilizing 100M and 10/100/1000M copper networks. In the use case of requiring copper, Garland has specialized copper aggregation TAPs that are listen-only. These TAPs were made specifically for lawful intercept cases and are the standard for FBI Surveillance Protocols.
According to Chris Sistrunk, TAPs are a great way to gain visibility into a network, both to look for evil, but to also detect misconfigurations and devices with firmware problems. Chris writes in detail in his blog, It's a TAP about the 4 Considerations when installing a TAP in ICS.
The use of passive network TAPs combined with innovative monitoring solutions companies can work towards defending themselves from a critical infrastructure attack like the one in Ukraine.
Jerry Dillard, CTO and Co-founder of Garland Technology, leverages over two decades in design and engineering to ensure maximum performance within today’s network environments. Dillard, the inventor of the Bypass TAP, continues to innovate network visibility solutions worldwide.