<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
Skip to content

Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

One Link, Multiple In-Line Security Appliances—What Can Security Architects Do?

The days when firewalls alone could defend corporate networks are long gone. 

Today, security architects are realizing that the most productive way to protect enterprise networks is to deploy active, in-line security appliances at the edge of the network for active blocking.

The problem is that there are many impressive specialized security solutions—but none of them can cover 100% of your security needs. Now, you need 3 or 4 security solutions, but how do you deploy that stack? A bypass TAP worked when you only had two in-line appliances between a switch and a router, but security needs are surpassing this use case.

Luckily, you can use the EdgeLens® to chain the edge and support 4 active, in-line devices for active blocking. Here’s how.

What Happens When a Manager Needs More In-Line Appliances than You Can Handle?

Imagine a scenario where you have two connections at the edge and a couple of connection to a DMZ or web server. You might have a bypass TAP here to hook up an intrusion prevention system (IPS), but management comes in and tells you that you need a DDoS appliance on that link, too. It won’t be long until you’re adding an SSL decryptor and data leakage protection solution as well.

With so many active, in-line security appliances to deploy on one link, you have a couple of options:

  • Plug the router into the DDoS, which plugs into the SSL decryptor, which plugs into the IPS, and so on. But just imagine the management nightmare trying to troubleshoot a problem on that in-line appliance string.
  • Use SPAN ports to connect all of these devices. From a connection standpoint, this might work. However, we’ve talked at length about the limitations of SPAN ports, which are magnified in this scenario.

These two ineffective connectivity strategies leave security architects needed a new answer. 

New Call-to-action

1G/10G Chaining the Edge—
The EdgeLens Use Case for  Multiple
In-Line Devices

Having all of these appliances stacked on a single link is a security architecture challenge that many professionals haven’t faced and, as a result, don’t have a strong strategy for. Chaining the edge with the EdgeLens network packet broker is the most efficient way to ensure network visibility and uptime in this situation.

The following EdgeLens use case is geared toward large, high-traffic enterprises (for example, in the retail or financial services industries):

Chainging with Multiple In-Line Security AppliancesHere, you see a 24-port EdgeLens setup sitting between a router and a switch at the network edge. This solution allows security architects to chain four in-line security appliances at the network's edge.

The EdgeLens supports bypass mode for each in-line security appliances. which enables network troubleshooting and guarantees network uptime even in this complicated use case. In this scenario, if there are network performance issues, each appliance can be moved from active, in-line to passive, out-of-band to identify the problem area.

Managing the Increasingly Complex Network Edge

The new network reality is a hybrid network supporting internal business apps and cloud-based solutions—all of which function at the network’s edge. If you want to manage and secure these applications and solutions, you need a more efficient way to connect in-line and out-of-band devices.

To learn more about the new world of network edge management, download our free white paper, Managing the Edge of the Network: A New Necessity for Security Architects.

Written by Chris Bihary

Chris Bihary, CEO and Co-founder of Garland Technology, has been in the network performance industry for over 20 years. Bihary has established collaborative partnerships with technology companies to complement product performance and security through the integration of network TAP visibility.

Authors

Topics

Sign Up for Blog Updates