Need

As critical infrastructure and industrial companies invest in digital transformation to increase operational efficiency, cyber risks have become more prominent, resulting in unscheduled downtime, negative corporate brand perceptions, and data and security concerns. Achieving 100% visibility is becoming more challenging as the size and complexity of networks increase. Current cybersecurity strategies combine both inline and out-of-band solutions with a suite of active blocking and passive monitoring tools. Network TAPs, rather than SPAN connections, are the best practice for providing packet visibility from commonly used switching devices to network and security monitoring tools. Threat detection, Intrusion Detection Systems (IDS) and forensics tools, as well as tools for network protection, can then access complete packet data to analyze.

Why Garland?
Visibility starts with the packet.
Network TAPs (test access points) are hardware devices that allow you to access and monitor your network traffic by copying packets without affecting or compromising network integrity.
You cannot secure what you cannot see.
Whether deployed at the edge of the network, within a traditional data center or on-premises, IT security has a common theme: “Complete packet visibility for feeding cyber security tools.”
ICS Visibility
Deploying network TAPs throughout your industrial network area provides complete packet visibility for security solutions, improves uptime and eliminates the packet delivery problems that SPAN/Mirror ports inevitably present.
Eliminates blind spots
A blind spot is a network-independent partition or device on your network that your monitoring tools cannot detect. Because you can't see or monitor these areas, it's impossible to know what's going on in them or to analyze data between specific network segments. The most effective way to prevent this is to leave no blind spots.
Benefits

Operational Visibility

Avoid packet loss to optimize your network

Complete network monitoring without any blind spots


Benefits of a TAP Fabric in IT and OT Networks

Unidirectional, or one-way, data flows are often required in OT networks. These safeguard the network from external threats while also providing the out-of-band data necessary to monitor the network for cybersecurity purposes.

Garland’s Network TAPs have built-in Data Diode functionality. This sends unidirectional copies of the traffic to out-of-band tools for monitoring purposes, without any effect on the link between the two network elements. Since there is no physical connection between a Data Diode TAP’s monitoring and network ports, there’s no possibility of intrusion from the destination. These TAPs physically do not send traffic back onto the network, providing “no injection” TAP visibility for 10/100/1000M networks.

Many industrial environments are outdated in terms of IT infrastructure. If a company is looking to deploy cybersecurity tools to prevent threats, ransomware attacks, and breaches, there is often a struggle to gain access to the network traffic. Legacy switching fabrics often lack the ability to configure SPAN ports. Rather than upgrading the entire switching fabric and enduring the business cost of interrupting operations, organizations can add a TAP fabric with passive network TAPs at each location. It is a much more cost-effective solution. A TAP fabric allows you to deploy cybersecurity tools today, while also providing permanent access for more tools in the future.

One benefit of using a TAP fabric is the lack of impact on production. Since Network TAPs are typically passive and deployed out-of-band, they don’t have to be certified by whoever runs the plant, approved by whoever makes the control system decisions or endorsed by whoever certifies the changes to new hardware put in place. Customers are simply putting in a TAP, which is passive and out-of-band. It doesn’t have any impact on the live production network!

An IDS is a listen-only monitoring solution. It is placed out-of-band on the network infrastructure, so it does not analyze real-time traffic but receives a copy of the data. The two ways an IDS tool accesses this data are through SPAN/mirror ports on the switch or through network TAPs, the industry best practice. SPAN ports are generally used for low-utilization applications and are known to drop or alter packets, possibly masking threats. The network TAP creates full-duplex traffic copies that pass physical errors and provide the flexibility to send this data to multiple destinations. If the IDS is processing many network segments, a network TAP and network packet broker are used to streamline the data to optimize security detection.

Modern IPS tools may have add-on options for internal or built-in bypass. This may be useful in some failure use cases, but it leaves open additional vulnerabilities like software failures and doesn’t provide the flexibility to sandbox, troubleshoot and optimize, and the cost tends to outweigh the industry best practice of utilizing an external bypass. Bypass TAPs reduce network downtime by allowing you to easily take tools out-of-band for updates, installing patches, maintenance or troubleshooting, so you can optimize and validate before pushing them back inline. They are designed to eliminate single points of failure within your network.
