In our recent Fuel User Group Webinar, Protecting the Core, we gave a demonstration on the ease of deployment and benefits of using a bypass network TAP with an active, inline device.
With a click of a mouse, you can very simply bypass the device, without taking down the network or losing data.
Why would you want to bypass your device and what are the benefits? Watch our 5-minute demonstration video to learn more.
In this short demonstration video, we will show you how to go from out-of-band passive mode to in-band, actively blocking mode with your in-line appliance.
You'll see how our forced bypass mode still collects all of the packets, while being mirrored to the monitoring ports of an NGFW. We'll take the link down and show you via our packet counter - no packet loss.
1. Anytime and Anywhere Access to In-Line Device
With a remote control CLI/GUI interface, troubleshooting issues just got a whole lot easier. No longer do you have to be onsite to figure out where a problem is occurring. With a simple click of a mouse, you can take your active, inline device off-line and 'see' where the problem is, and still get all the data and traffic.
2. Quick Mean Time to Resolution (MTTR)
Identifying network vs. security issues can be a problem. By using a bypass network TAP, you can immediately determine if the issue is a result of the security tool. Simply take it off-line (breakout mode): if the problem stops, it's the tool. If the problem doesn't stop, look at other network causes.
3. Easy to Apply Patches and Maintenance
Imagine no more midnight madness maintenance and patch parties. The days of working off-peak hours to install patches and perform scheduled maintenance are long gone - at least for those companies with bypass network TAPs.
While this demonstration is focused on utilizing Palo Alto Networks NGFW, Garland bypass TAPs are vendor agnostic and can be used with any active, inline security tool.
To learn more about managing security appliances while ensuring network uptime, read our free white paper, Managing the Edge of Your Network.
If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.
If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.
While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets to the TAP, indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets, placing the tool back inline.
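The heartbeat exchange described above can be modeled as a small state machine. This is an added example, not Garland's code: `InlineTool`, `BypassTap`, the `HB` marker and the "one tick = one heartbeat interval" timing are assumptions made for illustration. It also counts the frames forwarded while the tool was bypassed, which is the figure worth recording whenever the link runs without inspection.

```python
from dataclasses import dataclass, field

HEARTBEAT = "HB"  # constructed marker standing in for a heartbeat packet

class InlineTool:
    """Hypothetical inline security tool: returns frames only while on-line."""
    def __init__(self):
        self.online = True
        self.inspected = 0

    def process(self, frames):
        if not self.online:
            return []  # an off-line tool returns nothing, heartbeats included
        self.inspected += sum(1 for f in frames if f != HEARTBEAT)
        return list(frames)

@dataclass
class BypassTap:
    tool: InlineTool
    mode: str = "inline"
    uninspected: int = 0  # frames that reached the link without passing the tool
    transitions: list = field(default_factory=list)  # (tick, new_mode) log
    ticks: int = 0

    def tick(self, frames):
        """One heartbeat interval: probe the tool, pick a mode, forward traffic."""
        self.ticks += 1
        # The heartbeat is sent in both modes, so recovery is detected too.
        alive = HEARTBEAT in self.tool.process([HEARTBEAT])
        new_mode = "inline" if alive else "bypass"
        if new_mode != self.mode:
            self.mode = new_mode
            self.transitions.append((self.ticks, new_mode))
        if self.mode == "inline":
            returned = self.tool.process([HEARTBEAT] + list(frames))
            # Strip heartbeats before traffic goes back onto the critical link.
            return [f for f in returned if f != HEARTBEAT]
        self.uninspected += len(frames)
        return list(frames)

def run_demo():
    """Constructed scenario: the tool is off-line on ticks 3-4, back on tick 5."""
    tool = InlineTool()
    tap = BypassTap(tool)
    delivered = []
    for t in range(1, 7):
        tool.online = t not in (3, 4)
        delivered += tap.tick([f"pkt{t}a", f"pkt{t}b"])
    return tap, tool, delivered
```

In the constructed scenario all twelve frames reach the link, while the transition log and the `uninspected` counter show exactly when and how much traffic passed without the tool.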
Some of you may have noticed a flaw in the logic behind this solution! You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.
Single point of failure: a risk to an IT network in which the failure of one part of the system brings down a larger part of the entire system.
Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.
Critical link: the connection between two or more network devices or appliances whose failure disrupts the network.