Upload
doandang
View
222
Download
2
Embed Size (px)
Citation preview
… Protecting Network Data
®
… Protecting Network Data
Fiber Optic Fiber Optic Network & Cabling Network & Cabling
Infrastructure Security Infrastructure Security Sensor SystemSensor System
… Protecting Network Data
Product ApplicationsProduct Applications
Physical Network Protection and Equipment Security• Protecting the Physical Layer of the Network• Protecting vital and sensitive information• Downtime, tapping, accidental intrusion• Alternative to Encryption (in select environments)
Data Centers & Server RoomsOptical Fiber Cable InfrastructureMilitary and DOD PDS (Protected Distribution Systems)
Classified Networks / SIPRNET
… Protecting Network Data
CertificationsCertificationsUnited States Air Force TEMPEST Certified• Technical Authority Approval (CTTA)• FD-208 sensor for PDS applications
Headquarters Air Force Communications Agency• Approved 21 March 2003
Air Force Manual 33-201• Protected Distribution Systems (PDS) and NSTISSI 7003
Department of Air Force Approval• for Priority Level 1 Facilities• Approved 3 April 2003
SPAWAR Approval – IA Pub 5239-22 U.S. Navy• 31 October 2004
… Protecting Network Data
System OverviewSystem Overview
Alarm System with Headend OptionSensor Cable immune to EMI, RFI, and lightningDetection Zones up to 5 kmInteroperability with Alarm PanelsHighly ScalableHighly-configurable control softwareLocal or email alarm notification
… Protecting Network Data
System ComponentsSystem Components
Specially configured Optical Fiber Cable & Connectors
FD-208 sensor (Alarm Processor Unit)
SMS 2000 Software (optional)
Intelligent Field Panel (502 or 508 controller) (Headend)
• Central connection and control point for all the hardware.• All system functions are controlled by this unit
… Protecting Network Data
How the Sensor Works…How the Sensor Works…Fiber optic sensing cable is glass.
• Inner conductor, called the core, conducts light
(No Data)
… Protecting Network Data
If the fiber optic cable is disturbed, the pattern of conducted light changes.
• Sensitivity to motion, vibration, or pressure
… Protecting Network Data
The Alarm Processor UnitThe Alarm Processor Unit
Allows direct or remote mounting of the electronics away from the fiber-optic sensing zone.
Models include:• Stand alone systems• Rack mount systems
… Protecting Network Data
The system uses optical fiber as a sensing cable to detect the presence of an intruder.
FD-208
FD-208 R
… Protecting Network Data
• Laser light from the APU transmits through the cable• The system detects shifts in the return light pattern
Max. 20 KM Max. 5 KM
… Protecting Network Data
Protected Distribution Systems (PDS)Protected Distribution Systems (PDS)
Wire or Fiber-Optic distribution system used to transmit un-encrypted classified NSI or military information through an area of lesser classification or control.
U.S. Air Force Regulations
U.S. Navy (via certifying authority)
U.S. Army and U.S. Marines
DOD Contractors; DHS
… Protecting Network Data
Benefits of Alarmed PDSBenefits of Alarmed PDS
Certified / meets PDS requirementsInexpensiveEliminates Need for Encryption (expensive, slow, key-based)Can be used on long runsEliminates inspection requirementImmediate intrusion detectionConfigurable Parameters• Eliminates Nuisance Alarms
… Protecting Network Data
Information AssuranceInformation AssurancePhysical SecurityPhysical Security
Addresses Layer One Network VulnerabilitiesStructured Cabling and Data CentersReliabilityUptimePhysical Intrusion (accidental or intentional)Physical Equipment and Wireless AP’s
… Protecting Network Data
Threat
Trojans, Viruses, Worms, Spyware, Key Loggers
Unicode Vulnerabilities
TCP Session Hijacking, DoS attacks, “Man in the Middle”
Port Scanning, NMAP
Router Password buffer attack, IP Spoof
MAC Spoof, ARP Cache Poisoning
Tapping, Cable Cuts, Cable Tamper, Backhoe, Accidental Intrusion
Security
Anti-Virus, Spyware detection and removal
Patches
Authentication, SSL, SSH, IPSEC, Kerberos, strong passwords
Firewalls, Scan Log d
Software updates & patches, restrict console port access
Physical Security (SecurLANoptions), Static ARP cache
SecurLAN, UPS Power Measures, Microwave Emission Analyzer
OSI Model
Source: SANS Institute *
… Protecting Network Data
Multiple FloorsMultiple Floors
?
?
SecurLAN installed in / on data conduit
Example:Organization
occupies floors 3, 4 and 9
… Protecting Network Data
Multiple BuildingsMultiple Buildings
SecurLAN installed in / on data conduit
… Protecting Network Data
Advantages of Using Advantages of Using Fiber Optic Sensors …Fiber Optic Sensors …
You can detect any unauthorized trenching, boring, core drilling or any other digging methods along your cable route.
… Protecting Network Data
You can detect any unauthorized intrusion at your MPOE/DEMARC, MDF, IDF or Network Operations Center.
… Protecting Network Data
The sensing cable can be deployed along a fence or buried under sod or gravel.
• Intruders compromising these barriers are detected
… Protecting Network Data
Response OptionsResponse OptionsOptical cutoff switch – Provides shutdown of all connections within the affected zone to deny access to sensitive data.
AC cutoff switch – An alternative method of network shutdown that cuts power to the router, hub, or PC denying access to sensitive data.
E-mail alert – Notify key personnel of intrusion attempts
Auto dialer – contact key personnel through pagers, cell phones, etc.
You name it – integrates with any system that accepts relay inputs (cameras, audible alarms, lights, etc.)
… Protecting Network Data
Product SummaryProduct Summary
• Versatile Applications of the Base Technology• IT Physical Security, Data Centers, PDS, Infrastructure
• Physical Layer LAN and MAN Protection• Fiber-Optic Sensitivity• Detects Movement, Pressure and Vibration• Nuisance Alarm Discrimination • Defined Zone Detection• Complimentary to Existing Security Systems• Customizable Response Options
… Protecting Network Data
For more information or to arrange a For more information or to arrange a demonstration, please contact:demonstration, please contact:
Ken RiveraKen Rivera -- 909909--628628--3445 x 113445 x 11
www.jmfiberoptics.comwww.jmfiberoptics.com