Garland Technology ensures complete packet visibility by delivering a full platform of network TAP (test access point), inline bypass and packet broker products.
Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.
Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.
The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners
Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.
Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.
In our recent blog about Zero Trust, we spoke about how the US government is rapidly transitioning to Zero Trust security architecture. This includes new guidance, reference architectures, and mandates from the administration and CISA for agencies to develop and meet the five “specific zero trust security goals,” by the end of September 2024.
Three out of four companies planned to switch to Zero Trust back in 2019, and although 2020 may have disrupted their plans, the events of the last few months have shown an increasing need for new security approaches.
Defense in depth was a characteristic of older security approaches—you’d have many applications performing overlapping jobs. Zero Trust doesn’t necessarily mean ripping out and replacing all your security tools, but many may be reviewing which approach is best for their goals. Now the goal becomes how to minimize the attack surface, improve data auditing and compliance visibility, and reduce network complexity and cost.
Let’s review how you can increase the effectiveness of Zero Trust by simplifying your approach.
One thing you may ask is, “how many of my security tools are designed only to mitigate threats that come in through the network?” You have your firewall, SIEM (Security information and event management), IDS (Intrusion detection system), IPS (Intrusion prevention system), DLP (Data loss prevention), and so on, all focused on an attacker who might try to jump in through an exposed port.
What’s equally likely to happen is that a user will connect their laptop to the network, and an attacker will send it a phishing email taking advantage of an unpatched vulnerability. From there it can move laterally, cleanly bypassing your perimeter.
The Zero Trust principle of “never trust, always verify” means that end-user devices, including personal computers and mobile phones, should also be looked at as a source of potential threat. Personally-owned devices should not be exempt from the policies that enforce Zero Trust—if anything, they should be trusted even less.
This concept also applies to those security tools in the stack. Production networks with out-of-band network performance, threat detection, and security monitoring tools process packet data moving between network segments like servers, routers, and switches, to ensure these endpoints are secure.
Providing this packet visibility through unidirectional data diode TAPs, ensures traffic between the network and an infected endpoint or monitoring platform, can’t move laterally by traversing back into the live network. In short, using a data diode TAP means that you can help enforce Zero Trust just by enhancing your visibility architecture.
If there’s a lesson from the section above, it’s that you can begin to implement Zero Trust security while keeping much of your existing security suite, and without purchasing much in the way of new tools or applications. As far as new infrastructure is concerned, the major emphasis should be on making sure that an expanded volume of data is made available to your existing security tools.
Zero Trust will inevitably require new tools, however, even if you’re starting small elements of Zero Trust—such as adaptive access, automation, AI, and micro-segmentation—will require new applications to support them. Can Zero Trust infrastructure truly be described as “simplified” if it requires these new tools? How will these new tools impact operating costs?
Good news on the cost front: reports from Forrester Research show that companies implementing Zero Trust can reduce their overall security costs by over 30%, even though the framework involves the potentially costly introduction of new security devices. How does this work?
The major benefit here is that many of the improvements introduced by Zero Trust security are labor-saving. A SOC using technology from one or two generations ago might need the full-time attention of three full-time personnel. You’d need a person to receive alerts, a person to filter out the false positives, and a person to mitigate the issues that weren’t false positives. All these changes with automation.
For example, part of your Zero Trust solution might take the form of an analytics tool that compares the traffic on your network to traffic in other networks. It then teaches itself to recognize “normal” traffic and alerts on any traffic that appears abnormal—such as a networked surveillance system starting to send DNS calls outside your perimeter. This kind of system can flag anomalies more accurately than your old three-person SOC team and will flag fewer false positives.
In addition, you can streamline or breathe new life into some portions of your existing infrastructure. It’s not that you’ll no longer need a firewall—you still will—but now you can leverage improved visibility performance, load balancing, and aggregation to better utilize these tools.
According to Microsoft Security Zero Trust Survey 2020, 35% of participants agreed ‘Simplifying security stack” as a key factor to improve overall security posture.
Today’s federal and enterprise security stack architecture incorporates many inline tools and out-of-band monitoring tools creating complex challenges for management, as well as reliability challenges by introducing many vulnerabilities for single points of failure (SPOF).
Simplifying the management of these tools, while reducing complexity and vulnerabilities are important factors for zero trust deployments.
Utilizing an EdgeLens Inline Security Packet Broker helps reduce those challenges by managing both inline and out-of-band tools from one access point, reducing complexity and SPOFs, while ensuring complete packet visibility.
Instead of relying on switch SPAN or external network TAPs for the various monitoring tools like Intrusion detection systems (IDS), forensics, threat hunting, packet capture, storage, and network detection and responses tools (NDR), that are placed around the network. You can now enjoy full packet visibility and ensure no dropped packets through unreliable SPAN or introducing additional SPOFs. This also reduces the number of security and performance tools needed, as you can aggregate and optimize traffic.
Some vendors accomplish this by deploying external bypass TAPs paired with network packet brokers. Garland integrates the Bypass TAP and packet broker in one elegant solution, providing unique capabilities and reliability, including tool chaining, load balancing, and high availability (HA).
Garland’s EdgeLens is designed to contribute to lowering the cost of security by helping to enable Zero Trust. It does this by managing the availability of the whole security stack—providing bypass, HA, and TAP visibility to your out-of-band security and monitoring tools. This helps keep your stack simple. You can use your security tools as inline devices, which is simplest while eliminating the risk of a costly outage. If your tools go offline for any reason the Bypass TAP functionality will automatically ‘bypass’ the tool, keeping your network up while you resolve the issue.
Looking to simplify your security tool deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do.
Harry is Garland's Director of Federal Operations. With over 30 years of experience in sales, marketing, and channels, Harry brings a wealth of knowledge and expertise working in the Federal space to Garland Technology.