TXOne Networks and Garland Technology
Network defense for OT environments is essential for protecting critical assets from cyber attacks that could disrupt operations, damage equipment or cause safety hazards. TXOne’s EdgeIPS helps to ensure the reliability, safety and availability of industrial processes and infrastructure by learning, monitoring, and protecting the trusted OT protocols that ensure the operations keep running with zero impact.
When paired with Garland Technology’s purpose-built Network TAPs, Network Packet Brokers, and Inline Bypass solutions, EdgeIPS deployments have enhanced fail-safe measures across fiber infrastructure or critical availability areas, as well as guaranteed network access to 100% of the packet level data for inline or offline implementation.
Joint Solution Benefits
- Purpose built, OT native technologies
- Support for over 6000 combinations of ICS protocols
- Comprehensive, scalable form factors, optimized for your network requirements
- Remove complexity, ensuring your program is as efficient and robust as your organization deserves
- Ensure availability with easy inline deployment options that require zero configuration changes to the existing infrastructure
- Eliminate single points of failure on the OT network
Garland EdgeLens Solution
Garland’s EdgeLens series is an advanced bypass TAP with built-in packet broker functionality that centralizes network traffic, making network tools more efficient by sharing network traffic with monitoring and security tools. EdgeLens provides visibility for a hybrid configuration of an active, inline network device and out-of-band tools, such as LiveAction. EdgeLens provides identical network traffic streams through the active inline device and to the capture engine of LiveAction LiveWire or LiveCapture. The benefits of both devices seeing the same traffic are:
• Correlated data for real-time monitoring and root cause analysis using network packets.
• Historical look back and playback of the network traffic.
• Validating and updating network policy changes and spotting anomalies.
• Network data recording for compliance and security forensics.
• Root cause analysis for application and network related problems.
Network TAP Benefits
- Provide complete packet visibility with full-duplex copies of network traffic.
- Ensure no dropped packets while passing physical errors and support jumbo frames without delay or altering the data.
- Support speeds of 10/100M, 1G, 10G, 40G, 100G, and 400G, available in single-mode and multi-mode fiber or copper Ethernet.
- Available in TAP ‘Breakout,’ aggregation, regeneration, bypass, and advanced filtering modes.
- Passive or failsafe – Does not affect the network.
- No IP address or MAC address, and cannot be hacked.
SCENARIO 1: Fiber Bypass
Intelligent network visibility starts with using Garland Technology Network TAPs to copy full duplex traffic from the IT and/or OT network. Garland’s TAPs help overcome limitations that occur when SPAN/mirror ports are used, while providing data diode functionality to guarantee unidirectional traffic flow.
- In customer environments with a fiber infrastructure, a Garland Technology EdgeSafe Bypass TAP is installed inline between the firewall and the router.
- Utilizing its heartbeat packet technology, the Bypass TAP can check the status of EdgeIPS. As long as the heartbeat sent to EdgeIPS is returned to the TAP, traffic keeps flowing through EdgeIPS, which filters the network traffic and ensures only trusted OT/ICS protocols pass through to the OT assets. This protects the operation from malicious threats or human error that can jeopardize production or safety. If the heartbeat packet is not received, the Bypass TAP will effectively ‘bypass’ EdgeIPS, keeping the customer’s network link up and avoiding unplanned downtime.
SCENARIO 2: High Availability
- Customers looking for added resiliency and redundancy for critical links in their environment may look to deploy EdgeIPS in a High Availability (HA) deployment.
- Utilizing Garland Technology’s EdgeSafe Integrated Bypass TAP, deploying an HA scenario is simple to set up and configure, ensuring secure network continuity.
- By tapping just one link, the primary and backup TXOne EdgeIPS appliances can be connected in an Active-Standby deployment. Should the Active EdgeIPS appliance need to go temporarily offline for any reason, including planned downtime for troubleshooting, maintenance windows, and firmware updates, the Integrated Bypass TAP will automatically failover to the Standby EdgeIPS appliance, keeping your critical links up while you resolve the issue.
SCENARIO 3: TAP to Aggregation
- Garland Technology also supports deploying the TXOne EdgeIPS in a passive, out-of-band scenario. For customers looking to deploy EdgeIPS in this manner, utilizing a Garland TAP-Agg solution ensures 100% of the network traffic passes to the EdgeIPS for building out OT communication policies to enhance security and operational resilience in live deployments.
- Garland Technology Network TAPs provide 100% packet data from any point in the network.
- Multiple tapped links send the copied traffic to a Network Packet Broker where the data is groomed through aggregation and load balancing before being sent on to the TXOne EdgeIPS.
- The TXOne EdgeIPS will retrieve the OT asset information and build out policies for the OT network traffic. The EdgeIPS can then be deployed inline with production environments to enforce trust lists and filter OT communications.
TXOne Networks offers cybersecurity solutions that ensure the reliability and safety of ICS and OT environments through the OT zero trust methodology. TXOne Networks aims to protect Cyber-Physical Systems by comprehending their operation and contextualizing them with security measures. We propose a framework to safeguard critical assets throughout their entire life cycle. To learn more, visit www.txone.com.
Bypass manages the availability of inline tools, preventing a single point of failure in the network by “bypassing” the device in the event it fails or needs to be updated, which reduces network downtime. Bypass differs from the other TAP modes in that it is an inline use case, not out-of-band.
• Keep up with Federal security mandates
• Expedited problem resolution
• Ability to pilot or deploy needed security tools
• No maintenance windows
• Simple configuration ensures a quick set-up
• Zero subscription fees so O&M expenses don’t increase
■ SOLUTION: EDGESAFE™ BYPASS TAP
• Install a Garland Technology Bypass TAP between Cisco Firepower and the network
• Bypass TAP manages the availability of Firepower at any time without having to take down the network
• Bypass TAP continuously checks the health of Firepower with heartbeat packets and the Bypass TAP will bypass Firepower to keep the network up-and-running in the event Firepower becomes unavailable
PROBLEM 1 PORT FAILURE
■ WITHOUT TAP
• The network
■ WITH TAP
• Uptime
• Tool is bypassed while it is being updated
PROBLEM 1 PORT FAILURE
■ WITHOUT TAP
• The network
■ WITH TAP
• Uptime
• Tool is bypassed while it is being replaced