Garland Technology ensures complete packet visibility by delivering a full platform of network TAP (test access point), inline bypass and packet broker products.
Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.
Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.
The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners
Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.
Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.
Securing and monitoring your network is the ultimate goal. To accomplish this goal, teams utilize ICS security solutions designed to respond and manage threats in OT environments efficiently. To properly identify, detect, and respond to security threats and breaches, most ICS security tools focus on visibility, threat detection and monitoring, and asset visibility and management.
Implementing these security solutions, OT teams face complex challenges when it comes to architecting connectivity throughout these large and sometimes aging infrastructures that weren’t initially designed with network security in mind, including:
Fortunately these challenges have solutions. Optimized security and performance strategies start with 100% visibility into network traffic. And visibility starts with the packet.
A common access point for network visibility in OT environments has been from SPAN ports on a network switch. Many times an engineer will connect directly to intrusion detection systems (IDS), or network monitoring tools.
But today, in modern ICS networks there is a more reliable option to access network packets for security and monitoring solutions to properly analyze threats and anomalies - network TAPs.
Determining when you use SPAN ports or network TAPs comes down to a multitude of issues. And many times a combination of both is a visibility architecture reality. But there are some significant differences which affect the integrity of the traffic that is being analyzed, as well as the performance of the network traffic. Let’s review some of the pros and cons of each to help you decide what works best for your network.
A common visibility use case is to route mirrored traffic from a SPAN port on the switch to a security or monitoring tool. Port mirroring also known as SPAN (Switched Port Analyzer), is a designated port on a network switch that is programmed to mirror, or send a copy, of network packets seen on a specific port, where the packets can be analyzed.
The concept is simple enough — the switch is already architected into the environment. Just hook up your security solution. Done. But many times the simplest path isn't the best path.
High-level SPAN challenges include:
If dropping the packets isn’t an eye opener, did you know SPAN:
The SPAN concept may have sounded easy because it was available, but after weighing packet loss and altered frames, additional SPAN security considerations include:
The industry best practice for packet visibility are network TAPs (test access points). Network TAPs are purpose-built hardware devices that create an exact full duplex copy of the traffic flow, continuously, 24/7 without compromising network integrity.
Instead of connecting two network segments, such as routers and switches, directly to each other, the network TAP is placed between them to gain complete access to traffic streams. TAPs transmit both the send and receive data streams simultaneously on separate dedicated channels, ensuring all data arrives at the monitoring or security device in real time.
Following critical infrastructure’s guiding principles — you want your network to be built to last, while ensuring minimal to no network downtime. These concepts rest on the network infrastructure and visibility architecture. Incorporating best practices like network TAPs in your network will help you achieve these goals.
Looking to add OT visibility, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do.
Chris Bihary, CEO and Co-founder and of Garland Technology, has been in the network performance industry for over 20 years. Bihary has established collaborative partnerships with technology companies to complement product performance and security through the integration of network TAP visibility.