Security Connectivity Report: Optimizing Network Design for Forensic Analysis

Malicious attacks can take an average of 256 days to identify while data breaches caused by human error take an average of 158 days to identify.

- Ponemon Institute’s Cost of Data Breach Study: Global Analysis

It goes without saying – the longer a security breach goes undetected, the greater the damage. As companies worldwide build out their incident response plans, many are investing heavily in forensic analysis solutions to better understand what systems were compromised in the event a breach occurs. Solutions like the FireEye Network PX Series Forensic Platform let security professionals quickly reconstruct the details of the attack and see what systems and records were compromised in the process.

As we all know from watching detective shows, forensic teams need to look at every shred of evidence to be effective. The same holds true for their InfoSec counterparts. If an IT forensic analysis tool doesn’t get all the network data – and years of it – it cannot possibly piece together what happened.

When beginning a computer forensic analysis and data capture project, security specialists must ensure that the appliance they use will be able to see every bit, byte and packet® of the traffic that flows in and out of the network. Therefore, a proper network design and connectivity plan is critical to ensure the success of the project.

Examine the Source

When it comes to collecting network data, most people believe that all sources of information are created equal. That idea just isn’t true in today’s busy networks. When traffic is routed from a live network element – even a switch – there is a good chance that the element itself will corrupt the transmission. Such elements can change frame timing, introduce delays and/or drop packets, especially during unexpected traffic spikes. While that might not be a big deal in the grand scheme of network management, it can be a real problem if the lost or corrupted traffic held the key to deciphering the source of a breach.

Instead of getting traffic information indirectly from a network element, connect forensic appliances to the network itself. For example, a network TAP in bypass mode is a purpose-built hardware device that, when inserted into the network, copies all the information that passes through it and sends it to a separate appliance for analysis, all without altering it. While TAPs are used to support firewalls and other in-line security devices, they are also ideal for ensuring that all out-of-band appliances receive 100% of the information that flows through them.
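One way to check whether a capture source is dropping or delaying frames is to compare its capture against a TAP capture of the same link. The script below is an added example, not code from the original post or from Garland Technology; the function names and the two sample captures are constructed for illustration, and it assumes classic microsecond pcap files taken with the same snap length.

```python
import hashlib
import struct
from collections import defaultdict, deque

def build_pcap(packets):
    """Serialize (timestamp_usec, frame_bytes) pairs as a little-endian classic pcap."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, frame in packets:
        sec, usec = divmod(ts, 1_000_000)
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

def read_pcap(data):
    """Yield (timestamp_usec, frame_bytes) from a classic microsecond pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic microsecond pcap file")
    offset = 24  # skip the 24-byte global header
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        sec, usec, incl_len, _ = struct.unpack_from(endian + "IIII", data, offset)
        frame = data[offset + 16 : offset + 16 + incl_len]
        if len(frame) != incl_len:
            raise ValueError("truncated packet record")
        yield sec * 1_000_000 + usec, frame
        offset += 16 + incl_len

def compare_captures(reference, suspect):
    """Match frames by SHA-256 and report drops, extras and timing spread."""
    pending = defaultdict(deque)  # digest -> timestamps seen in the suspect capture
    for ts, frame in read_pcap(suspect):
        pending[hashlib.sha256(frame).digest()].append(ts)
    missing, offsets = 0, []
    for ts, frame in read_pcap(reference):
        queue = pending.get(hashlib.sha256(frame).digest())
        if queue:
            offsets.append(queue.popleft() - ts)  # includes any constant clock skew
        else:
            missing += 1
    extra = sum(len(q) for q in pending.values())
    # max - min cancels a constant clock offset between the two capture devices
    jitter = max(offsets) - min(offsets) if offsets else 0
    return {"missing": missing, "extra": extra, "matched": len(offsets), "jitter_usec": jitter}

# Constructed sample data: five placeholder frames; the mirror-port copy drops one
# frame, runs 250 us behind the TAP clock and delays the last frame by another 400 us.
FRAMES = [bytes([i]) * 64 for i in range(5)]
TAP_PCAP = build_pcap([(1_000_000 + i * 1000, f) for i, f in enumerate(FRAMES)])
MIRROR_PCAP = build_pcap([(1_000_250, FRAMES[0]), (1_001_250, FRAMES[1]),
                          (1_002_250, FRAMES[2]), (1_004_650, FRAMES[4])])

if __name__ == "__main__":
    print(compare_captures(TAP_PCAP, MIRROR_PCAP))
```

A non-zero `missing` count or a large `jitter_usec` means the second source did not deliver the traffic as it appeared on the wire, which is the gap a forensic appliance would inherit.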

Choose your Network Entry Points

To quickly diagnose security issues, you need to collect data across your entire environment. When forensic analyzers are connected to the network at multiple points (in front of and behind the firewall; on either side of web servers; inside the datacenter), infosec professionals can compare the data to see where and how traffic changes from system to system. Armed with more information, forensic analyzers can spot and analyze suspicious activity – and hopefully shut down attacks before a theft can occur.

Match the Network’s Physical Environment

When connecting forensic appliances, it is important to fit the network TAP to your environment’s exact specifications. Find out what type of cabling your network uses (copper or fiber) and the speed at which it runs (1G, 10G, 40G, 100G), and then choose the network TAPs that match your configuration data.

The data capture element of a forensic analysis project works best when coupled with an optimized network design and connectivity plan. If you’re going to go through the effort of deploying a forensic analysis solution, why wouldn’t you do it right? Network TAPs represent a small percentage of the average security deployment project (5-10% max); however, their value to a security strategy is much higher. After all, if a forensic analyzer doesn’t see all the network traffic, it can’t solve the mystery or help companies limit their losses in the event a breach occurs.

If you’re getting ready to deploy a forensic analyzer such as FireEye and need help with network design, the designers at Garland can show you how to maximize visibility in the process.

Written by Chris Bihary

Chris Bihary, CEO and Co-founder of Garland Technology, has been in the network performance industry for over 20 years. Bihary has established collaborative partnerships with technology companies to complement product performance and security through the integration of network TAP visibility.
