Since virtually all attacks cross the network, security professionals need to make fast sense of what’s actually happening with their traffic. Easier said than done, however, given the challenges associated with:
Environments with high throughput traffic and limited data center space can find these challenges especially vexing and often settle for limited network visibility. They shouldn’t. An integrated solution from Garland Technology and Corelight can help organizations capture and analyze all of their network traffic at scale, reducing risk by dramatically accelerating both the speed and scope of security insights and operations.
Garland Technology’s compact, high performance network TAPs and Advanced Aggregators can reliably deliver a copy of network traffic to out-of-band Corelight Sensors, which transform the raw traffic into comprehensive network logs, extracted files, and custom security insights via the power of the Bro Network Security Monitor framework (aka “Bro”). The diagram below shows how the integration works:
Corelight Sensors add enterprise level functionality and support to the network analysis framework of Bro. Since the sensors come pre-loaded with Bro packages, you can have actionable traffic insights right out of the box. It's as simple as tapping a network link with a Garland Technology TAP and feeding the traffic to the Corelight Sensor.
The Garland TAPs ensure 100% failsafe packet capture, while the Advanced Aggregator allows for full control over traffic behavior through filtering, aggregation and load balancing. The Corelight Sensors can then extract and log all network traffic, organized by protocol, which makes it easy for SOC/DFIR team to investigate and resolve any security incidents.
High Speed Scalability
[Interested in learning more about the Garland Technology + Corelight Joint Solution? Watch our latest webinar]