Garland Technology ensures complete network visibility by delivering a full platform of network test access point (TAPs) and packet broker products.
Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.
Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.
The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners
Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.
Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.
Palo Alto Networks Next Generation Firewall has a flexible deployment, meaning different methods of deployment will work. Our partner, Cloud Harmonics recently authored a blog for us on this topic.
In this demonstration video we dig a little deeper and show you how to deploy your NGFW in Vwire mode, which allows it to be active, in-line, while still invisible to the network.
Your Palo Alto Networks NGFW needs to be active-inline in order to do it’s job of blocking and preventing external threats.
Vwire mode is the most common and best deployment mode because you can see the direction of the network traffic and enforce security settings with real network data. Now, couple Vwire with a bypass network tap - this is the recommended best practice by Cloud Harmonics, Palo Alto Network’s US distributor.
Why is this a best practice?
One disadvantage of a NGFW is that there is no failsafe built into the appliance, meaning if there is a power outage or appliance issues your network is down. Bypass network TAPs by Garland Technology have this failsafe feature built into each one.
Figure 1 - Move new NGFW to in-line, active via the Network TAPs Bypass Mode, which has a built in failsafe.
Vwire mode deployment coupled with a bypass network TAP is a best practice because it benefits the entire lifecycle of an appliance, including: POC, validation & deployment, and troubleshooting - with only taking the mission critical network down once, at initial deployment.
A bypass tap is invisible to the network, during proof of concept (POC) it sees all directions of the traffic - as if it was inline, allowing the you to write policy because the traffic direction is known and is based on ‘real and observed data'.It takes away the headache of cutover and allows you to 'test your policy' by having the NGFW process traffic as an inline device, while providing the ability to put it back to virtual inline when troubleshooting potential problems - all without affecting production traffic.
With one-click your NGFW can go from in-line to off-line/out of band for POC, troubleshooting and for failover protection. Before you deploy your NGFW, consider your connectivity options - and what the best long term solution is for 100% network visibility and uptime.
Garland Technology is technology Partners with Palo Alto Networks and a founding member of the Fuel User Group. View our joint solutions and past webinars.
Mike is a Senior Hardware Engineer at Garland Technology.