The hardest TAP of all – attackers bite on granite here
New, specially hardened, High Security Network TAPs
according to IEC standard 62443 available
(Langen/Germany Oct. 7, 2021) NEOX NETWORKS, a leading solution provider and manufacturer for network monitoring and analysis solutions announces the availability of new, specially hardened TAP models for its PacketRaven product family.
What are Network TAPs and what are they used for?
Network TAPs (Test Access Ports) are used for secure and reliable tapping of network data. TAPs are looped into the network line to be monitored and forward the entire data traffic without interruption and without packet loss, while maintaining data integrity. TAPs are generally used to forward network traffic to an IPS, IDS, WAF, NDR, network packet broker, analysis system or security tool.
The often used and already existing SPAN/Mirror port on network switches, on the other hand, is unsuitable for professional purposes. Since it is not immune to compromise, it cannot guarantee unaltered data transmission without packet loss. This is a circumstance that attackers can easily exploit.
How secure are Network TAPs?
PacketRaven TAPs are among the most secure network devices on the market. One security factor of NEOX TAPs is the fact that they operate on OSI Layer 1 and therefore do not have an IP or MAC address. This means that they cannot be easily detected and compromised in the network.
In addition, many NEOX TAPs have a so-called Data Diode Function. This makes it technically impossible to access the tapped, active network via the monitoring port or to manipulate the network data there. This makes Network TAPs from NEOX Networks already in the standard version one of the network components that exclude an attack vector.
From very secure to extremely secure
For high-security areas according to IEC 62443 and critical infrastructures (CRITIS), however, even this is sometimes not enough, which is why NEOX Networks now also offers a specially hardened version of its TAPs. These TAPs are delivered pre-configured and do not allow any subsequent configuration changes. In addition, they are secured against unwanted or unnoticed opening by special screws and security seals.
And to top it all off, these NEOX TAPs also have a specially secured and encrypted firmware. By means of Secureboot, each time the TAP is started, it is checked whether the firmware to be executed has a valid signature and an authorised public key. If this is not the case, the TAP cannot be put into operation.
NEOX as an innovation hotspot
With the Hardened TAP, NEOX Networks now offers its fourth product innovation within a few weeks. Further innovations were the PoE-Empowered Network TAPs, the 100Mbit Fiber TAP for CRITIS areas and the new PacketFalcon Compact network forensics and packet capturing appliance.
Timur Özcan, Managing Director of NEOX NETWORKS, comments: “The demand for TAPs will grow strongly in the coming months. On the one hand, this is due to the generally increased security threats. But also due to paragraph 8a in the BSI law, which states that the information technology of critical infrastructures must take organisational and technical precautions to ensure the use of attack detection systems from May 2023. And to make this possible, TAPs are needed to access the data and provide the necessary data to the detection systems”.
If you are interested in seeing the new TAP models or the new PacketFalcon Compact Appliance, you will have the opportunity to do so at the upcoming it-sa trade fair in Nuremberg (Oct. 12-14, 2021). You will find NEOX Networks at the partner booth of LiveAction in hall 7a, booth 414a.