Garland Technology Solutions for the Public Sector
-
Network TAP
- A Network TAP is a purpose-built hardware device that allows you to access and monitor your network traffic by copying packets without impacting or compromising network integrity.
- The TAP allows network traffic to flow between its network ports without interruption, creating an exact copy of both sides of the traffic flow, continuously, 24/7, 365.
- The duplicate copies are sent out the monitoring ports of the TAP and are then used for monitoring and security analysis.
- Network TAPs are invisible to hackers because they do not have an IP or MAC address.
-
Network Packet Broker (NPB)
- A Network Packet Broker is a hardware device that provides a collection of monitoring tools with access to traffic from across the network.
- NPB receives data from a number of network links then acts as a broker, dealing the relevant data out to the connected monitoring tools.
- NPB has advanced functionality to aggregate, load balance, filter, and deduplicate traffic to improve tool efficiency and reduce CAPEX costs.
-
SPAN Aggregators
- A SPAN Aggregator is engineered to aggregate multiple SPAN/Mirror port inputs (from network Switches) to one (1) or more out-of-band cybersecurity or monitoring tools.
- Aggregation helps out-of-band tools see more of the network without needing to invest in multiple units of the same out-of-band tool.
-
Inline Bypass
- The Bypass TAP was developed specifically to resolve the problem of an inline security tool creating a point of failure.
- Bypass mode prevents inline devices from being a single point of failure and causing network downtime. Network downtime can be costly for organizations and add hours of work to already short-staffed security teams.
- In the event the device fails or if there is a power loss, the heartbeat packets that are sent from the bypass TAP to the inline device trigger the TAP to “bypass” that inline device.
- This leaves the network link up or triggers a failover to a redundant device.
- The heartbeats added to the redirected traffic have additional functionality: they allow the Bypass TAP to be aware of the health of an inline appliance.
-
Hardware Data Diode
- Hardware Data Diodes and Data Diode TAPs are useful and cost-effective solutions to help provide an additional layer of security in OT networks.
- There are situations where the use of SPAN/Mirror ports is still needed for visibility in an OT network.
- In these instances, it is best practice to connect the SPAN/Mirror port to a hardware Data Diode to pass the mirrored data onto the monitoring and security sensors.
- Using hardware Data Diodes eliminate bidirectional traffic flow ensuring that no data is passed back into the Switch Mirror port.