Feature

From Network Computing Vol 18 No 06 November/December 2009

GRAEME STOKER OF SIEMON EXPLAINS WHY SECURITY AT THE PHYSICAL LAYER IS FOUNDATIONAL TO OVERALL SECURITY ANDOFTEN OVERLOOKED

Organisations are starting to define their own particular risk profile and this is a good thing. But in taking this crucial next step and responding with appropriate measures, some are overlooking the risk of a vulnerable network infrastructure. In an effort to increase security and minimise risk, network managers invest in complex software and processes that can be expensive, as well as coming with their own set of limitations and challenges at the application level. They may be sophisticated, but this approach could be likened to investing in a James Bond-style security laser grid and forgetting to pay the electricity bill. In the current economic climate, many are asking how much investment in network security is enough. The physical layer of network security is often overlooked and the most basic of practical and sensible measures left unconsidered, at best weakening, and at worse rendering useless, other expensivedefences.

Intelligent Infrastructure Management (IIM) is a good example of a straightforward approach to security at the physical layer. It identifies connections, status, and actions, and keeps a dynamic database of the network, providing an up to date, accurate map of your organisation's infrastructure. This database is constantly updated and it keeps a full log of moves, adds and changes relating to the physical infrastructure. The system will alert you in real time if, when, and exactly where on the network a security breach occurs.

IIM goes beyond knowing just the network address of devices connected to the network as it also detects the status of each connection. It works by tracking any physical layer changes, such as unauthorised removal of equipment or connection of unapproved devices (such as a third party laptop) and it also makes the location of the breach instantly identifiable, ensuring that remedial action can be swiftly taken.

IT attacks are not limited to sources outside of the organisation; various sources indicate that around half of all attacks are internal and often go undetected. There's also a risk from unwitting attacks, such as an employee plugging in a compromised laptop.

Consider an international organisation, a multi-building company HQ or University campus: with IIM, IT staff can determine exactly where an individual is - which building, which desk - and therefore can get to them fast.

IT directors are apportioning large tranches of budget to securing systems and ensuring their regulatory compliance. Those budgets are under pressure, often inadequate, but IT departments are quite rightly being asked to show clear investment returns.

IIM makes a sound business case: faster problem resolution, minimised business disruption, reduced downtime often from hours to minutes, and a new layer of security capability. IIM can help optimise your network. It provides asset management and can improve utilisation by identifying areas where there may be unnecessary redundancy, unnecessary power consumption, or a case for increased deployment. You can use your resources more smartly and possibly avoid capital expenditure by repurposing equipment. This efficiency and agility will have direct and positive impact on the bottom line.

Second Generation IIM systems have created greater bottom line benefits. IIM also helps you to make the most effective use of your support staff by integrating with your current network management software. This provides a comprehensive single picture of the whole IT infrastructure, in one place and in real time, effectively extending reach. The information kept by IIM systems is detailed, accurate and automatically recorded, adding traceability to assist with regulatory compliance.

Security is a constant battle. Clearly, IT professionals need to use the most effective tools and some are exceptionally sophisticated. But at times the obvious and deceptively simple things can make the biggest difference.

Feature