NEW YORK, Oct. 16, 2018 /PRNewswire/ -- Garland Technology, a leading provider of network and test access solutions, today announced a technology partnership with Corelight, provider of the most powerful network visibility solution for cybersecurity.
"Combining Corelight's network visibility technology with Garland Technology's network and test access platform provides our mutual customers with a best-of-breed solution for comprehensive security insights and defense for 100 percent of data traffic," said Frank Rubio, senior director of business development at Garland Technology. "This strategic partnership ensures seamless integration and provides a highly scalable and flexible network visibility solution for cybersecurity."
Using Garland Technology's high performance network TAPs and aggregators, to deliver a complete copy of network traffic to out-of-band Corelight Sensors, which transform the raw traffic into comprehensive network logs, extracted files, and custom security insights via the power of the Zeek Network Security Monitor framework (previously known as "Bro"), mutual customers receive the powerful benefits of a combined cybersecurity solution.
"Organizations are often faced with high throughput data but limited data center space which can make reliable and cost-effective network visibility a challenge," said Brian Dye, chief product officer for Corelight. "Together with Garland Technology, we are making it possible for our customers to effectively transform network traffic into security-optimized data to accelerate incident response and enable behavioral detection of modern threats."
Corelight and Garland Technology's joint solution, will provide organizations with a scalable way to capture all network traffic, reducing risk across the organization by dramatically accelerating both the speed and scope of security insights and operations. For more information, visit: https://www.garlandtechnology.com/corelight.
About Corelight
Corelight delivers the most powerful network visibility solutions for information security professionals, helping them understand network traffic and defend their organizations more effectively. Corelight solutions are built on the Zeek framework (formerly known as "Bro"), the powerful and widely-used open source network analysis framework that generates actionable, real-time data for thousands of security teams worldwide. Zeek data has become the 'gold standard' for incident response, threat hunting, and forensics in large enterprises and government agencies worldwide. Corelight makes a family of network sensors — both physical and virtual, at every scale — that take the pain out of deploying open-source Zeek by adding integrations and capabilities large organizations need. The Zeek project was initially developed at Lawrence Berkeley National Laboratory (LBNL), and has been supported by the US Department of Energy (DOE), the National Science Foundation (NSF), and the International Computer Science Institute (ICSI). Corelight is based in San Francisco, Calif. For more information, visit https://www.corelight.com or follow @corelight_inc.
ABOUT GARLAND TECHNOLOGY:
Garland Technology is an industry leader delivering network products and solutions for enterprises, service providers, and government agencies worldwide. Since 2010, Garland Technology has developed the industry's most reliable test access points (TAPs), enabling data centers to address IT challenges and gain complete network visibility. For more information or to learn about the inventor of the first bypass TAP, visit www.GarlandTechnology.com or @GarlandTech.
Full press release: https://www.prnewswire.com/news-releases/garland-technology-and-corelight-announce-technology-partnership-300731719.html
If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.
If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.
While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.
Some of you may have noticed a flaw in the logic behind this solution! You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.
Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.
Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.
Critical link: the connection between two or more network devices or appliances that if the connection fails then the network is disrupted.