Designed to redefine how you secure the edge of your network, Garland Technology is excited to announce the launch of our new, high density EdgeLens®, an inline security packet broker that is purpose-built to manage the network’s edge.
At Garland Technology our best-in-class Network TAP and purpose-built packet broker solutions provide an innovative, industry leading 360° view for modern visibility fabrics, in which the new EdgeLens plays a critical role.
Garland understands that the edge of the network continues to be complex in terms of the number of inline tools required to secure a company’s’ critical assets and infrastructure. The inherent problem with inline tools it that in the event of a failure, they can bring down the entire network, potentially violating corporate SLAs.
We developed the new, high density EdgeLens to solve this very problem. By offering multi-segment 1G/10G bypass links in a 1U space, it can facilitate complete lifecycle management of up to four inline appliances, while also replicating traffic for use with out-of-band monitoring tools. The EdgeLens also allows for policy verification, historical lookback, speed translation, full bypass functionality, and Garland’s fail-safe technology.
4 segment 1G/10G bypass: Out-of-the-box configurable for both SR and LR applications. The 4 segments of bypass allows for the management of 4 inline appliances, while maintaining network uptime through inline device installation, policy verification, firmware updates, and hardware refreshes.
Traffic replication to multiple monitoring ports: A copy of the live, inline traffic can be captured at both ingress and egress, and distributed to out-of-band tools like a Network Analyzer, SIEM, or Application Monitoring tool.
Historical Lookback: Looking at packets before and after they pass through an inline tool can provide Network and Security teams with the data they need for real time events correlation, change verification, and root cause analysis.
The EdgeLens is also capable of providing some packet broker functionality, with external TAPs from other locations in the network feeding monitor traffic into the available packet broker ports as ingress links. The EdgeLens can then take that traffic and provide filtering, aggregation, and load balancing for all of these incoming sources of traffic, distributing it out to many different network tools for full visibility.
Want to learn more? Schedule a quick demo of the EdgeLens® today.
If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.
If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.
While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.
Some of you may have noticed a flaw in the logic behind this solution! You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.
Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.
Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.
Critical link: the connection between two or more network devices or appliances that if the connection fails then the network is disrupted.