Protect Your Network from Physical Security Breaches

When it comes to protecting the network, we hear a lot about firewalls, virus protection, encryption and other cybersecurity measures. While preventing digital attacks is critical in today’s digital world, data center and network managers also need to ensure that the network is physically secure.

With physical access to the network, anyone can accidentally or intentionally disconnect mission-critical networking equipment or connected devices. Sophisticated criminals could also gain access to unprotected spaces and connections for the purposes of carrying out cyberattacks or installing malware, viruses or ransomware. Let’s look at some of the various ways to physically protect the network.

Secure the Network Spaces

Switches, servers and other network equipment should be kept secure within data centers and telecommunications rooms with locked entrances. While standard door locks can help, they aren’t much good if everyone has a key. Implementing video surveillance and access control systems is a much better method of physically securing these spaces. Surveillance cameras have become far more sophisticated with built-in technologies like facial and voice recognition, motion detection, 360-degree and long-range visibility, and even behavioral analytics. Networked IP-based surveillance systems can even integrate with access control systems that limit access to authorized personnel via proximity cards, PIN or biometrics.

V-Lock

In larger data center spaces where only specific groups of individuals should have access to certain equipment or connections, it may be wise to bring physical security down to the cabinet level. This is especially ideal for colocation data centers that need to provide customer access to specific cabinets. Cabinet-level security can also help save space in colocations by eliminating the need to place cabinets within secure cages.

Advanced cabinet-level physical security systems can protect a single cabinet or groups of cabinets. For example, Siemon’s V-Lock Cabinet Door Security System is available for standalone cabinets or in a bus and node system for protecting multiple cabinets in a row. The system includes a variety of handles that can be accessed via proximity cards, PINs or biometrics or a combination thereof.

Secure Critical Networking Ports

While physically securing network spaces can go a long way in preventing authorized access, sometimes within these spaces themselves there is a need to secure specific network ports to prevent accidental or intentional disconnects or the connection of unauthorized devices.

While the primary benefit of solutions like automated infrastructure management (AIM) and data center infrastructure management (DCIM) systems is to manage and control the network to ensure performance and uptime, these systems can also monitor physical network activity. For example, Siemon’s MapIT G2 AIM solution features smart patch panels and patch cords with sensor technology that can detect and alert in real time any disconnect of individual copper and fiber ports or any unauthorized devices attempting to connect to the network.

LockIT

For those seeking a lower-cost option for securing specific network ports, tamper-proof patch cords and outlet locks are simple and easy to use. Siemon’s LockIT™ system includes patch cords that can be freely inserted into patch panel outlets but require the LockIT Cord Key for removal. The system also includes secure RJ45 outlet and LC fiber adapter locks for preventing access to unused ports. Brightly colored in yellow to easily identify secured ports, the locks fit into any standards-compliant RJ45 outlet or LC duplex fiber port and require a key for removal.

Secure the Edge Connections

When physically securing the network, it’s important to not forget about the outlets and devices at the edge of the network-many of which are accessible to the general public. Think security cameras, wireless access points, digital displays, point-of-sale, kiosks, vending machines and even networked lighting fixtures. Not only is it often critical for these devices to stay connected to the network, but the outlets to which they connect can be a gateway for sophisticated hackers to access the entire network.

Secure Edge Connections

For devices like security cameras, lighting fixtures, video displays and wireless access points that are not expected to be moved or rearranged after deployment, sometimes it may make sense to eliminate outlets altogether. Using a standards-based Modular Plug Terminated Link (MPTL) configuration where the end of network cable is outfitted with a modular plug and connected directly into a device eliminates the use of an outlet and connecting the device with visible patch cords that can be easily disconnected. After all, actually seeing the patch cord and the outlet may increase the temptation for someone to tamper with the connection, especially in schools and other public spaces. Siemon’s Z-PLUG™ Field Terminated Plug is ideal for facilitating MPTL connections. It can be easily terminated onsite to any twisted-pair network cable rom 22 to 26 AWG for quick direct connections to devices. Its shorter plug design with rounded edges and ability to eliminate the boot and latch protector also makes it ideal for connecting to devices with limited space.

Siemon’s LockIT system can also be deployed at the network edge where devices are connected to outlets via patch cords. LockIT secure RJ45 outlet and LC fiber adapter locks can prevent access to unused outlets in public spaces, while LockIT cords can help prevent disconnect of devices like security cameras, point-of-sale terminals, self-service kiosks, digital displays and even medical equipment in publicly-accessible spaces like schools, retail stores, transportation hubs, hospitality venues and hospitals.