TAP -> TOOL
- Advantages of the Joint Solution
- Legacy Architectures
- Distributed Networks
- Proof of concept
- ICS Village video
- Full PDF Solution Brief
• Minimize risks to ICS/OT environments and maintain optimal device utilization by transferring the monitoring demands to systems and devices that are not critical to the infrastructure.
• Reduce network downtime and monitoring solution deployment time with easy inline deployment options that require zero configuration changes to existing infrastructure.
• Comprehensive asset visibility supported by virtual or physical appliance options for deployment within hybrid environments enabling detection of ICS/OT security threats regardless of the infrastructure used.
• Easy configuration and deployment options ensure that network infrastructure reliability is maintained and implementation costs for monitoring solutions are minimized.
Legacy ICS/OT networks were designed primarily with reliability and safety in mind, evolving business objectives have caused the underlying OT systems to keep pace over the past decade to support newer business requirements. When you start to push legacy equipment to transfer data outside of these proprietary systems, you open the industrial network to security vulnerabilities. The basic architecture below depicts a scenario where legacy networking devices are unmanaged switches (no SPAN option) or managed switches that lack the resources to support SPAN capabilities. Deploying Garland TAPs designed to support 10M/100M/1G between the two network segments will provide the Dragos Platform with at least a baseline amount of data to provide asset inventory, vulnerability management, and threat detection in a single application, making your cybersecurity teams more effective.
As ICS/OT environments get upgraded and modernized, the network switches include features that help support monitoring requirements. For example, port mirroring, also known as SPAN (Switch Port Analyzer), are designated ports on a switch programmed to send a copy of network packets seen on one or more ports to another port, where a monitoring solution can analyze the packets. The basic architecture below depicts a scenario where several site locations have SPAN capabilities; however, the physical location cannot support additional hardware due to space, power, environmental, or budget constraints. Deploying Garland's High-Density Aggregator Network TAPs will allow multiple sites to SPAN their traffic to a single aggregator. The TAPs will then send the data to the Dragos Platform to enable comprehensive asset inventory, vulnerability management, and threat detection view making your cybersecurity teams more effective. Depending on the physical and network configuration, it is also possible to leverage the port pair functionality of the Garland TAPs and implement the device inline, minimizing the load of the existing network devices, and the risk of SPAN packet drops.
Proof of Concept
With the changing cyber-threat landscape impacting how the management of ICS/OT environments occurs, the need for passive, real-time monitoring is more vital than ever, especially for infrastructures with an abundance of legacy equipment. As with any solution selection process, organizations must traverse through a series of requirements before making a final decision. To ensure that the comparison process for each solution is equal and addresses the essential goals, the basic architecture below depicts a scenario where a proof-of-concept, staging, pilot, or training simulator environment is set up. This environment provides managed switches that support SPAN and a replica of a production environment that mimics where the solution will ultimately monitor and protect. Deploying Garland's High-Density Aggregator Network TAPs allows consolidation of the traffic on the two networks, then sending that data to the Dragos Platform and another monitoring solution simultaneously. This configuration provides a side-by-side comparison of how each solution handles asset inventory, vulnerability management, and threat detection with the same data. It is also possible to leverage the port pair functionality of the Garland TAPs and implement the device inline, minimizing the load of the existing network devices, and the risk of SPAN packet drops.
ICS Village: Gaining Visibility Into Your Critical Infrastructure
Join ICS Village as they demonstrate how companies with industrial control systems gain visibility by deploying OT Security tools with Dragos and Garland Technology. Review how to overcome legacy equipment challenges, aggregate distributed networks, and how to launch a proof of concept design to quickly meet today’s requirements.
Webinar: Achieving Network Visibility in Your ICS/OT Environment
Learn how Dragos and Garland Technology can help you accelerate and mature your ICS/OT cybersecurity programs through asset discovery, streamlining, and complete packet visibility.
Jason Farmer, Solutions Architect at Dragos, Joshua Carlson, Senior Business Development Manager at Dragos, and Neil Wilkins, Garland Technology's EMEA Technical Manager will be discussing changes in ICS/OT environments that driving the need for increased visibility and how together Dragos and Garland Technology provide a simple, scalable, and easy to use solution.