Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Corelight

A Joint Solution with Garland Technology

Ask About The Joint Solution

Complete Network Traffic Analysis and Visibility at Scale

Since nearly all cyber attacks must cross the network, extracting security-relevant data from network traffic is essential across a wide range of security operations including incident response, threat hunting, and threat detection. Finding a way to reliably and cost-effectively capture all traffic and transform it into usable security data, however, can be challenging, especially in environments with limited data center space and high throughput traffic.


Garland Technology and Corelight have partnered to offer an integrated solution to this problem via Garland Technology’s compact, high performance network TAPs and aggregators that can deliver a complete copy of network traffic to out-of-band Corelight Sensors, which transform the captured traffic into comprehensive network logs, extracted files, and custom security insights via the power of the open-source Zeek Network Security Monitor (formerly known as “Bro”).


Both companies draw on deep, historical domain expertise to deliver best-in-class technologies: Garland Technology was founded by the inventor of the first Bypass TAP and Corelight was founded by the inventor and key developers of open-source Zeek.

Perimeter Deployment for Network Security  Monitoring and DNS Visibility

Many security teams today have limited to no security visibility into their DNS traffic at the perimeter, leaving them blind to attackers who hide in DNS traffic and use it to establish malicious C2 server communications, deploy malware, and exfiltrate sensitive data. For lean security teams, Garland Technology’s Copper TAP and Corelight’s AP 200 Sensor provide a fast, affordable way to capture DNS traffic and get quick, comprehensive
insights into potentially malicious DNS activity.


Garland Technology’s Copper TAP provides complete network visibility by passing and capturing all live wire data to active, inline security devices. Corelight’s AP 200 Sensor then transforms the captured traffic into protocol comprehensive logs, including rich DNS logs that provide critical security context missing from typical DNS server records, such as the content of the response. Corelight can also fork and filter the logs so you can send a complete copy of the logs to a SIEM for incident response, while sending a separate, DNS-only stream to a security analytics tool like the Real Intelligence Threat Analytics (RITA) to detect threats
like DNS tunneling and send those alerts on to your SIEM.

unnamed
Co-Location Deployment That Scales with Your Network

A Co-Location Deployment That Scales with Your Network

The scalable design of multi-network environments with satellite locations allows for easy deployment and management of remote sensors along with other monitoring and inline devices. At the primary location, Garland’s SelectTAPTM: Fiber Modular Chassis is tapping multiple links, sending traffic through the PacketMAXTM: Advanced Aggregator for aggregation and the PacketMAXTM: Advanced Features box for deduplication.

The remote location of Garland’s Edgelens® sends traffic back to the primary’s Advanced Aggregator using GRE tunnels to load the traffic to the two Corelight AP 3000 devices.

Network Visibility in the Public Cloud

Garland Technology provides traffic capture in the cloud, so corporate traffic in private and publc cloud environments including AWS, Google Cloud Platform, and Azure can be captured via the Garland Prism. The cloud traffic is transmitted to Garland, and then streamed to a Corelight Sensor to be transformed into logs, extracted files, and security insights.

Corelight Cloud Hybrid-111918

 

Corelight

Corelight offers a suite of network traffic analysis sensors that use a specialized version of the open-source
Zeek Network Security Monitor to ingest network traffic and transform it into rich network logs, extracted files,
and security insights. Corelight Sensors are available in both physical (1U) and virtual form factors (VMware and
Hyper-V), sized to support a range of network throughput speeds at 2 Gbps, 10 Gbps, and 25 Gbps.

Key Capabilities
  • All network traffic logged for security operations - Corelight Sensors extract over 400 fields of data from network traffic in real time across 35+ protocols from Layer 3 to 7 (HTTP, DNS, SSL, and much, much more. ) The logs provide nearly the fidelity of full traffic at less than 1% of the file size. Logs are organized by protocol with fields extracted specifically for SOC / DFIR teams so that they can make fast sense of their network to threat hunt and resolve incidents more efficiently.
  • Actionable traffic insights, Out-of-the-box - Corelight Sensors come preloaded with the Core Collection, a set of Zeek packages curated and certified by Corelight for performance and stability that provide specific threat detection, data enrichment, and operational insight capabilities, such as identifying port scanning behavior or extracting URLs from email bodies for filtering.
  • Zeek, made easy for the enterprise - Compared to open-source Zeek sensors, Corelight Sensors take minutes not months to deploy, provide up to 10x peak performance gains, and come packed with additional enterprise functionality and support from the creators and maintainers of Zeek.
Corelight200

Corelight Webinar

 

Corelight solution

 

TAP into Technology | Security

Leading the Way in Network Security
Building A Zero Trust Visibility Architecture

Building A Zero Trust Visibility Architecture

In response to rapidly evolving cybersecurity threats, Zero Trust, a concept that emerged over 15 years ago, is now a strategic priority for government network agencies. Following reports from the

How an MDR Service Provider Selects the Best Visibility Vendors

How an MDR Service Provider Selects the Best Visibility Vendors

As more organizations use managed detection and response (MDR) services, Garland Technology decided to find out how an MDR Service Provider selects the best vendors to partner with. Sherri Lloyd,

How to Troubleshoot the Network Part 2: Solving Network Forensics Problems

How to Troubleshoot the Network Part 2: Solving Network Forensics Problems

Part 1 in this two-part series on how to troubleshoot the network focused on the most common challenges you’ll face—connectivity, performance, and latency troubleshooting scenarios. And in a perfect