The Necessity

As critical infrastructure and industrial companies invest in digital transformation to increase operational efficiency, cyber risks have become more prominent, resulting in unscheduled downtime, negative corporate brand perceptions and data & security concerns. 100% visibility is becoming a challenging task as the size and complexity of networks increase. Current cybersecurity strategies combine both inline and out-of-band solutions with a suite of active blocking and passive monitoring tools. Network TAPs provide best practices for providing packet visibility from commonly used switching devices to NETWORK AND SECURITY monitoring tools rather than SPAN connection. Threat detection, Intrusion Detection Systems (IDS) and forensics tools, as well as tools for network protection, can access complete packet data to analyze.

Why Garland?
"Visibility" Just Starts with Tracking from the Packet
Network TAPs (test access point) are hardware devices that allow you to access and monitor your network traffic by copying packets without affecting or compromising network integrity.
You Cannot Secure what You Cannot See
Whether deployed at the edge of the network, within a traditional data center or on-premises, IT security has a common theme. “Complete packet visibility for feeding cyber security tools”
OT / ICS Visibility
Deploying network TAPs throughout your industrial network area provides complete packet visibility for security solutions, improves uptime and eliminates the packet delivery problems that SPAN/Mirror ports inevitably present.
Eliminates Blind-Spots
A blind spot is a network-independent partition or device on your network that your monitoring tools cannot detect. Because you can't see or monitor these areas, it's impossible to know what's going on in them or to analyze data between specific network segments. The most effective way to prevent this is to leave no blind spots.
Benefits

Operational Visibility

Avoid Packet Losses to optimize your network

Complete network monitoring without any blind spots


Sectoral Advantages of TAP Structure in IT and OT Networks

The Energy Sector is one of the leading industrial critical infrastructures in the world. Network elements used here must be protected with one-way traffic. Thanks to the "data diode" function, inbound attacks from the control and management systems to which the elements are connected can be prevented.
The Finance Sector is one of the sectors that is at the center of cyber attacks today. Extremely important subscriber, account and commercial information is of vital importance. The damage that well-managed cyber attacks can cause to customers and institutions can be devastating. In such cases, the network must be monitored and analyzed 360 degrees. For this, the data collected by TAPs must be transported/transmitted to monitoring and analysis platforms in an organized manner, and this is provided by Packet Brokers.
Defense Sector literally means IT security, where the “Zero Trust” cyber security model and the “Enterprise Defense Architecture” (JEDI) etc. programs are taken into account. Efficiency, scalability, high performance and error-free monitoring in the network are essential, working in “tough conditions” when necessary. For this purpose, for example: "Military-Grade TAP for Rugged Environment" type Taps provide "bi-directional" traffic flow with a 10/100/1000 M copper connection without any packet loss.
In telecom networks, which were previously designed as "3-layer (Tier-3)", with the addition of aggregators, a "4-layer (Tier-4)" structure was created, and with normal and hybrid (copper/fiber) models, packet transfer can be achieved without interruption. By supporting relevant communication protocols, traffic is transmitted to surveillance platforms. Features include: - Load Balancing - Layer 2-4 filtering - GRE, VxLan, ERSPAN etc. Tunneling - Time Stamping, packet slicing, etc. features. - Features such as deduplication (removal of excess information) etc. are available.

IDS is a listen-only monitoring solution, it is placed out-of-band on the network infrastructure, it is not analyzing real-time traffic but is receiving a copy of the data. The two ways an IDS tool access this data is through SPAN / mirror ports on the switch or through the industry best practice network TAPs. SPAN is generally used for low utilization applications and are known to drop or alter packets, possibly masking threats. The network TAP creates full duplex traffic copies that pass physical errors and provide the flexibility to send this data to multiple destinations. If the IDS is processing many network segments, a network TAP and network packet broker are used to streamline the data to optimize security detection.

Modern IPS tools may have add-on options for internal or built-in bypass, which may be useful in some failure use cases but leaves open additional vulnerabilities like software failures and doesn’t provide the flexibility to sandbox, troubleshoot and optimize and the cost tends to outweigh the industry best practice of utilizing an external bypass. Bypass TAPs reduce network downtime with which allows you to easily take tools out-of-band for updates, installing patches, maintenance or troubleshooting to optimize and validate before pushing back inline. Designed to eliminate single points of failure within your network.
Join Our Garland Network

Resources

Solution Briefs

Wondering how it's done? Visit our resources page for complete solution summaries.

Summaries of Garland solutions

More

Technical Documents

Access the technical documents of the product you are interested in. Learn more for the Garland technical documentation.

Garland (White Papers) technical documents.

More

Videos

Garland Product videos are here. Learn more about Garlandtechnical videos and more.

We have compiled the Garlandvideos for you.

More