Garland Technology ensures complete packet visibility by delivering a full platform of network TAP (test access point), inline bypass and packet broker products.
Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.
Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.
The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners
Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.
Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.
In most parts of the world, power, water, and waste utility services can be taken for granted. Need to light up a room? Just flip a switch, and you have electricity. Hands need washing? Just turn the faucet, and there’s the water. Sink full of dirty water after scrubbing dishes? Just send it down the drain. No fuss, no hard labor.
It’s easy, right?
Not entirely. There’s a lot of work that has to be done behind the scenes to ensure that we receive the utility services we’ve come to depend on for our own well-being. We need power plants of all kinds – powered by fossil fuels, nuclear fuels, and renewable energies – to produce the electricity we use to control the temperatures of our homes and businesses and to operate the computers, control systems, machinery, and so many other things that improve our lives and support the economy. We need water utilities to provide us with water for drinking, washing, and other vital functions. We need wastewater management to help keep our homes, workplaces, and public spaces clean and protected from disease and contamination. If we want these benefits, we have to hire the people and build the systems needed to run the utilities and keep them in good working order.
Doing so is no easy task. It takes time, effort, and money – and inevitably, as profit and non-profit utilities invest time, energy, and money into their operations, they will always be looking for ways to conserve resources without compromising their service.
Mechanization and digitalization can help, but so can the internet. If utilities install connected information technology (IT) and operational technology (OT) systems and other sophisticated tools such as cloud computing, they can optimize their inputs even as they continue to provide output – that is, services to customers. What’s more, if they take advantage of sophisticated artificial intelligence (AI) solutions that analyze the data that their connected systems collect, they may even be able to optimize their services in ways that offer extra benefits to consumers.
But unfortunately, connection comes with vulnerability. High-tech solutions make power providers vulnerable to cyberattacks, as McKinsey & Company noted last November. Likewise, they represent significant challenges for water and wastewater utilities, as the Water Information Sharing and Analysis Center (WaterISAC) pointed out last December in the wake of the SolarWinds cybersecurity breach.
In the face of these threats, the U.S. government and European Union (EU) has concluded that utilities warrant protection, since they provide services that are difficult (and hazardous) to live without. Indeed, the Cybersecurity and Infrastructure Security Agency (CISA), a unit of the U.S. Department of Homeland Security (DHS), and the EU’s Directive on security of network and information systems (NISD) numbers power generation, nuclear plants, and water/wastewater among the 16 sectors designated as critical infrastructure.
But what kind of protection?
To answer that question, we’ll ask another: What do these utilities need to protect?
The answer to the question is: the OT and IT systems that support the operations of the utilities, along with the equipment and devices managed by these systems. This is no simple matter, since utilities have to operate multiple physical facilities in order to serve customers. Water companies, for example, must maintain reservoirs, collection points, purification facilities, storage tanks, pumping stations, and networks of supply pipes, as well as administrative offices. Similarly, transmission system operators (TSOs) have to keep long-distance transmission lines, substations, connections to both power plants and local distribution lines, transformers, other equipment, and administrative offices running. Meanwhile, utilities of all types usually operate facilities that are scattered across wide geographic areas. And to top it off, their customers expect reliable, 24/7 performance, even in adverse situations such as storms and droughts.
Utilities are, then, operating under conditions that present serious challenges for cybersecurity professionals. They operate multiple physical facilities, each with their own IT networks and industrial control systems (ICS), that are separate from each other. They are responsible for extensive infrastructure systems, some of which are outfitted with Industrial Internet of Things (IIoT) devices.
Additionally, like their counterparts in other sectors, they often rely on OT systems that have inadequate protections and are poorly integrated with IT systems. They may, for example, rely on legacy switch SPAN ports that aren’t secure, reliable, or available. They may lack appropriate traffic aggregation systems or require unidirectional connectivity. They may face different speed or media connections.
In other words, cybersecurity specialists who work for these utilities must be prepared to confront an environment with multiple points of entry for hackers and cybercriminals and varying levels of security among these points of entry.
So what’s the best way to safeguard these complex environments
Obviously, risk reduction is necessary. But for utilities, it’s important to make sure that the risk reduction solutions in use can detect threats in real time and with optimal operational visibility.
The necessity of threat detection is obvious. Security breaches happen, and they have to be identified and confronted. That’s why threat monitoring solutions are designed to detect all kinds of anomalies, ranging from malware to malfunctioning devices to neglected firmware updates. That’s why these solutions operate on a continuous basis, not just intermittently.
But why is real-time capability important? In the case of utilities, it simply isn’t optional. The stakes are too high, given the vital nature of the services involved, to risk interruptions in service. As such, cybersecurity teams need to be able to monitor adverse events as they happen, not later (Moreover, they ought to be ready for those adverse events before they happen, so their security strategy should include practice and preparation – that is, proactive mitigation and predictive attack scenarios).
And why is operational visibility so important? To answer this question, consider the fact that it’s a fundamental best practice in cybersecurity to have a system inventory of all the networked devices and ICS being monitored. That inventory allows cybersecurity teams to determine what facilities are connected to the network and who is active on the network. In turn, visibility solutions give cybersecurity teams a visual representation of that information. As we’ve mentioned before, you can’t secure what you can’t see!
But visibility solutions necessitate the implementation of fundamental best practices in visibility architecture. To achieve that, you’ll need to eliminate blind spots in the network so that ICS security tools can detect threats and anomalies and conduct continuous monitoring. After all, those tools can only do their job if they can carry out complete analyses of packet data visibility – and for that, you’ll need to deploy network TAPs, air-gapped virtual TAPs, and data diodes with your security and infrastructure strategy.
Are you responsible for keeping utility assets secure and unsure of where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do.
Neil is a Systems Engineer at Garland Technology focusing on customer challenges with network visibility such as resilience, interoperability, and integration into data center topology. Wilkins is a seasoned network professional with 30 years of experience globally within the computing industry, in product marketing and technical support, for both the commercial and public sectors