At first glance, using and operating a device that sits on the active network, such as an intrusion prevention system (IPS), looks to be relatively safe, simple and problem-free but, upon closer inspection, you can see the risks.
As you may have already suspected, using a system like this adds a significant risk of errors occurring. Although these systems are equipped with appropriate internal bypass modules, they don’t protect your network from a software failure or a failure caused by an internal switch error!
Once this appliance begins to cause problems or doesn’t properly perform its intended functions, your entire line and even your entire network can be affected. In the worst case scenario, your IT infrastructure could suffer a critical failure. Bypass switches (taps), such as those available through Garland Technology, will come to your rescue. Using bypass switches (taps), you can proactively protect your network against such threats and risks, considerably increasing the availability of your IT infrastructure and also improving safety.
The operation of bypass switches is relatively simple. They can be smoothly integrated into your system to route traffic transparently to the security system for analysis. After the inline tool has reviewed your network data, the data is redirected back via the bypass switch to the active network. You’ll have eliminated a critical source of failure while benefiting from the additional advantages this solution can bring.
Garland Technology’s bypass switches allow you to operate your security appliance in HA mode. Using such a setup, the bypass switch sitting on the network sends the network data for analysis to your primary security tool. Should this tool fail, the traffic is switched over without delay or loss. The data packets are then forwarded to your secondary system, so your network is constantly analysed and continuously monitored and any signs of danger are still flagged up.
The bypass switch continuously monitors your connected tools through "heartbeat" packets. In the unlikely event that both systems connected to the bypass switch fail at the same time or aren’t available for various reasons, the bypass switch would switch your network link, depending on configuration, either to fail open (traffic is isolated) or to fail closed (traffic is switched through). These parameters depend on your individual network and can easily be adjusted via the management port.
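The heartbeat-driven path selection described above can be modelled in a few lines. This is an added illustration, not Garland Technology's firmware or management API; the class names, the three-miss threshold and the automatic return to the primary tool are assumptions, and the heartbeat sequence is constructed.

```python
from dataclasses import dataclass
from enum import Enum

class Path(Enum):
    PRIMARY = "inline via primary tool"
    SECONDARY = "inline via secondary tool"
    ISOLATED = "network link isolated"             # configurable fallback 1
    SWITCHED_THROUGH = "link switched through"     # configurable fallback 2

@dataclass
class ToolPort:
    missed: int = 0  # consecutive heartbeats that did not come back

    def record(self, returned: bool) -> None:
        self.missed = 0 if returned else self.missed + 1

class BypassSwitchModel:
    """Hypothetical model of a bypass switch with two inline tools (HA)."""

    def __init__(self, fallback: Path, miss_threshold: int = 3):
        if fallback not in (Path.ISOLATED, Path.SWITCHED_THROUGH):
            raise ValueError("fallback must be ISOLATED or SWITCHED_THROUGH")
        self.fallback = fallback
        self.miss_threshold = miss_threshold  # assumed; trades speed vs. flapping
        self.primary, self.secondary = ToolPort(), ToolPort()

    def _healthy(self, port: ToolPort) -> bool:
        return port.missed < self.miss_threshold

    def tick(self, primary_hb: bool, secondary_hb: bool) -> Path:
        """Record one heartbeat round and return the path traffic takes."""
        self.primary.record(primary_hb)
        self.secondary.record(secondary_hb)
        if self._healthy(self.primary):
            return Path.PRIMARY
        if self._healthy(self.secondary):
            return Path.SECONDARY
        return self.fallback  # both tools unavailable

def replay(fallback: Path, heartbeats, miss_threshold: int = 3):
    switch = BypassSwitchModel(fallback, miss_threshold)
    return [switch.tick(p, s) for p, s in heartbeats]

# Constructed sample: primary dies at round 2, secondary at round 5,
# primary answers again at round 8.
SAMPLE = [(True, True), (False, True), (False, True), (False, True),
          (False, False), (False, False), (False, False), (True, False)]

if __name__ == "__main__":
    for n, path in enumerate(replay(Path.SWITCHED_THROUGH, SAMPLE), 1):
        print(n, path.value)
```

Replaying the same sequence with `Path.ISOLATED` shows the operational difference between the two fallback settings: only the round in which both tools are down changes.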
Bypass switches (taps) also support the tap and aggregation functions so you can evaluate your data in conjunction with other analysers. This feature’s very helpful when troubleshooting network problems because you can pick out your network data without any increased effort and use tools such as APM, NPM, VoIP Monitoring as well as data loss and forensics tools for passive analysis.
Garland Technology’s bypass switches support the following functions: sticky, bi-directional heartbeat and reverse bypass. These terms are explained in the glossary under our "Support" menu.
The graph below shows an HA network with redundant Internet connections. Despite the redundancy, both connections can be monitored and analysed using the INT1G8TAP bypass switch with 4 security systems. This means you’re securing your network and HA in the best way possible.
When you have tools with multi-network interfaces, you can, for example, use them in HA mode in various locations. Many of our customers in the financial and insurance sectors use this setup with success.