Securing your network - don't overlook the physical layer

Securing your network - don't overlook the physical layer

Posted on

Security is now a key priority for any business. With regulations such as GDPR putting more onus on organisations to protect the data they hold on their networks - and the financial and reputational penalties for breaches higher than ever - it's vital that this is taken into account at every stage of network development.

While much of a firm's defences have been traditionally focused on the logical layers, the physical infrastructure has become an increasingly attractive target for hackers in recent years, and so must not be overlooked.

It was noted by CommScope that "whoever controls the routing infrastructure of a network essentially controls the data flowing through the network". Therefore, it's essential that firms focus closely on his area.

The firm explained that network infrastructure security generally falls into two categories - preventing unauthorised access by unauthorised persons, and preventing unauthorised access by people who do have permission to be on a property.

While physical cabling security such as keyed connectors, secure patch cords and port blockers can often be effective deterrents against unauthorised access, guarding against malicious insiders can be tougher. Therefore, CommScope highlighted several steps that enterprises can take to ensure their physical network infrastructure is as secure as possible.

Effective monitoring and detection

Implementing tools to monitor networks and alert firms to any unauthorised changes to the physical layer is an essential part of an organisation's defences. By using intelligent cabling, connectors and patch panels, such tools are able to automatically document all changes and alert personnel to new and non-scheduled connections, for example if an intruder plugs in a laptop to gain unauthorised access. 
 
Automated infrastructure management (AIM) systems can also integrate with other  intrusion detection systems and antivirus software to identify and communicate the exact physical location of rogue or infected devices by physical location, helping to minimise the cost and damage an attack can cause.

Protecting the wireless space

Wireless systems are also increasingly viewed as weak spots by hackers, with CommScope noting that newly-discovered vulnerabilities mean that systems that have long been considered secure now present weaknesses. Therefore, networking professionals will have to take particular care that their solutions are well protected.

CommScope said: "A good example is the WPA2 security protocol used by Wi-Fi systems. Using a weakness in the handshake between clients and WPA2 access points, intruders were able to break through encrypted connections."

The right cabling support

The latest cabling and connectivity solutions can also be deployed throughout buildings to help enhance monitoring and AIM systems in order to help spot unauthorised intruders. For example, today's Internet of Things-powered smart buildings can enable businesses to implement networks of IP security cameras and other sensors.

With the right use of Power over Ethernet (PoE) cabling to connect these devices, a business can easily position these wherever they are needed to provide optimal coverage without having to worry about planning for additional power or connectivity requirements.

A powered fibre or PoE network is also inherently more secure, as all connected devices draw their power from the switches, which are usually backed up by UPS batteries and generators. CommScope explained this means that in the event of a mainpower failure, the AIM system and all connected security devices will continue to function as a result of this centralised power structure.

Read more on Networks

Resource Hub

Designed to bring you the latest information - industry news, articles, calculators and tools

Visit our Resource Hub

Request Catalogue

Make sure to get a free copy of our latest catalogue featuring our products. Click on the button to receive your copy.

Click Here