<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
Skip to content

Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Fewer Surprises Make Better Technology Deployments

Summary

Gift giving, like new IT & OT network technology deployments, can go sideways when the surprises are disappointing. This blog discusses common surprises we the Garland engineering team hears from customers in the field when relying on SPAN mirroring for copies of packets sent to out-of-band tools.

Intro

I remember it clearly. Christmas 1982. I was 6 years old. I wanted only one gift from my parents that year: Masters of the Universe Castle Grayskull

As the big day grew closer, I knew exactly what was in that large box under the tree. I just knew it. It was the precise shape, size, and weight of the Castle Grayskull box.


Finally, Christmas morning came.

Tearing off the wrapping paper with the fury of Battle Cat’s roar, I was dismayed to find the exact opposite of Castle Grayskull.

That day, I became the unexcited owner of a new winter coat (the one with the furry hood that makes your neck itch nonstop). Sadly, the famous fortress on Eternia remained just a wish.

But, a winter coat wasn’t what I wanted. I wanted the most famous playset of all time! I spent the next couple of weeks disappointed. Even depressed.


Disappointment is tough, whether you're 6 or 60.

When managing an OT and IT network, surprises are the last thing you want, especially when deploying a new Packet Capture, NDR, or OT security sensor on your network.

Tons of time and resources are invested into identifying and reviewing options before purchase. So when deployment goes awry, you’re left wondering, “Why am I not getting what I wanted?”


Network switches are a common source of surprises.

If you’re using a SPAN port on a network switch to create and send copies of network data to your Packet Capture, NDR, or OT security sensor, you may be in for a surprise ... just like I was in 1982.

Mirroring packets off a SPAN port can quickly turn a deployment into a disappointment. As the big day grows closer, you may uncover one of these scenarios:

The existing switch is unmanaged.
The existing switch is already configured and re-configuring it is not an option.
The SPAN mirroring port is bi-directional and may become a point of vulnerability.

All three will delay an installation - some longer than others.

TAP-vs-SPAN-Everything-You-Need-to-Know-CTA

Even if existing switches are available or new ones are in stock and ready to ship, there’s a laundry list of issues with relying on SPAN ports to feed your tools:

They don’t receive all of the data - specifically jumbo frames and packets with errors.
They can cause network delays, latency, and timing issues.
They can alter the time relationships of frames, spacing, and response times.
They are bi-directional and therefore create a risk of traffic flowing from the out-of-band security or monitoring tool back into the network. (Particularly frustrating if you are trying to adhere to regulations like NERC CIP.)

Network TAPs and Data Diode TAPs are a more reliable way to connect tools to an OT or IT network. They can quickly get an installation back on track and help avoid disappointed stakeholders.

What is a TAP?

A TAP is a physical device that sits between two other network appliances (like a switch and router). Traffic flows full speed through the TAP while it simultaneously copies the packets and sends the duplicates off to security and monitoring tools / sensors for further inspection.

Still shopping for a stocking stuffer?

Our mini Field TAP is about the same size as a deck of playing cards. We also offer portable and modular TAPs (and Data Diode TAPs) that fit perfectly under Christmas trees, beneath Hanukkah displays, and neatly within server racks.

Don’t disappoint your engineers this year with another well-intended winter coat.😀


Glossary

NERC CIP: The North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) Standards - NERC CIP v5.

Network TAP (Terminal Access Point): A network TAP is a purpose-built hardware device that allows you to access and monitor your network traffic by copying packets without impacting or compromising network integrity.

Port Mirroring: Also known as SPAN (Switch Port Analyzer), are designated ports on a network appliance (switch), that are programmed to send a copy of network packets seen on one port (or an entire VLAN) to another port, where the packets can be analyzed.

Eternia: The fictional planet where He-Man and Skeletor square off in epic battles of good versus evil.

New call-to-action

Written by Jason Drewniak

Jason Drewniak is the Vice President of Marketing and Business Development at Garland Technology in the Buffalo, New York office. His experience building brands and delighting customers covers a variety of tech-forward products like computers, toys, and beer. At Garland he is responsible for educating network stakeholders about the "Garland Difference!"

Authors

Topics

Sign Up for Blog Updates