7 posts categorized "Garland Technology" Feed

Understanding Advanced Features in a Network Packet Broker (by Greg Zemlin)

Understanding Advanced Features in a Network Packet Broker

Network Packet Brokers (NPBs) have come a long way from their modest roots as data monitoring switches, though their intended application remains nearly the same.  The NPB is still primarily used as a device to maximize the performance of monitoring and security tools. The NPB’s most important features remain unchanged, these includes, 1:1, 1:N, N:1, and N:N port mappings, full L2-L4 filtering options, and configurable load balancing options.  In the pursuit of gaining a competitive advantage, vendors continue to add advanced features. This adds complexity in selecting the right product for your network.

Header image

The key to selecting the right Packet Broker is the understanding of each advanced feature and its alternatives.

Lets look at Deduplication, SSL/TLS decryption, and MetaData generation -  Important areas to understand!

Continue reading "Understanding Advanced Features in a Network Packet Broker (by Greg Zemlin)" »


Network Visibility - The Rise of the Aggregation Layer (by Greg Zemlin)

Network Visibility - The Rise of the Aggregation Layer

Sole reliance on SPAN ports for network visibility and monitoring has been on the decline for years. IT teams realize the inherent limitations of SPAN ports and have shifted in favor of the traditional 3-tiered approach to network visibility.

Tier 1: Physical Layer TAPs Network Test Access Points (TAPs) are hardware tools that allow you to access and duplicate network traffic. TAPs supply full line rate traffic and are never oversubscribed or rate limited. The egress traffic from the TAPs is then sent to NPBs.

Tier 2: Network Packet Brokers Network Packet Brokers (NPBs) are responsible for efficiently funneling data from network TAPs and SPAN ports to each tool. NPB’s were originally designed to replicate traffic for multiple tools while reducing the volume of traffic to each tool, ensuring each tool operates as efficiently as possible. This is typically done through a combination of aggregation, replication and L2-L4 filtering. The groomed, tool specific traffic is sent out for processing.

Aggregating Traffic

Tier 3: Tools Tools are responsible for processing and characterizing traffic of interest. Common tools are built for application performance monitoring, security, and data forensics.

Continue reading "Network Visibility - The Rise of the Aggregation Layer (by Greg Zemlin)" »


[Analysis] Full Duplex Capture in SCADA and Industrial Control Networks (by Thomas Tannhäuser and Alexander Pirogov)

Why SPAN Ports Should Not be Used in Security Solutions

Image-header

The convergence of IT and OT (Operational  Networks) in the context of Industry 4.0 has led to a crowded market of security solutions targeting the shop floor on different levels. While the security of the legacy IT systems was part of the initial planning of those systems, the industry now faces the challenge to integrate security solutions in legacy OT systems.

Continue reading "[Analysis] Full Duplex Capture in SCADA and Industrial Control Networks (by Thomas Tannhäuser and Alexander Pirogov)" »


LMTV LIVE | How to Create Scalable Visibility in your Data Center (with Chris Bihary of Garland Technology)



YouTube LIVE event start time: Wednesday, July 19, 2017, 9:30 AM PST


Garland170x200How do you scale your network infrastructure to support multiple monitoring tools - while ensuring 100% packet capture?

This is the problem we have been hearing in the last few years. Data centers (D1 & D2) and enterprise networks have many challenges and two of the big ones are providing the IT department anytime access to full-duplex traffic, while guaranteeing full packet capture. Now layer on top of that a stack of 1G legacy monitoring tools in addition to the migration to 10G/40G and 100G speeds.

Join us for to learn about the latest visibility solution from Garland Technology’s as they introduce and demonstrate their Passive Fiber Modular Chassis System, a flexible, scalable and affordable high density solution for managing up to 24 links in a 1U box at network speeds of 1G/10G/40G/100G.


Click to read other LMTV posts by contributors of LoveMyTool »


Are My Packets Lying? – Four Things To Look For In Packet Traces (by Chris Greer)

Blog-Are my Packets Lying

Packets don’t lie – well, most of the time.

Packets will tell you the truth unless they have been captured incorrectly. In those cases, packets can tell bold-faced lies.

When digging through trace files, we can come upon symptoms in the packets that may raise an eyebrow. These are events that look strange on the surface and may even divert our troubleshooting focus for a time. In fact, some of these issues have misdirected engineers for hours, if not days, causing them to chase down issues and events that simply did not exist on the wire.

Most of these examples can be avoided simply by capturing the packets from a tap rather than on the machine generating the traffic. Come on, you know you have needed a tap for a while! Just spring for one and capture correctly next time. By the way, when you do make that decision, check out our buddies at Garland Technology. They make great stuff and they are nice people too!

  1. Very large packets

Continue reading "Are My Packets Lying? – Four Things To Look For In Packet Traces (by Chris Greer)" »