What are the security risks associated with fiber optic networking? Are there any differences between one vendor's offerings and another's? We're considering a vendor that offers fiber optics that can bend around short-radius curves without losing signal, but are trying to learn more about any packet security implications. Can you advise?
Ask the Expert!
Have questions about network security? Send them via email today! (All questions are anonymous.)
Fiber optic networking has the reputation of being immune to eavesdropping attacks, but this is an undeserved reputation. Fiber connections are susceptible to tapping, bending and splicing attacks, which gives an attacker access to packets traversing the connection. While eavesdropping on fiber connections is more difficult than their copper counterparts, attackers with sophisticated skill sets and equipment may be able to do so. In addition, the significant amounts of data carried over a high bandwidth fiber connection present an attractive target to an attacker.
When using fiber optics, light is sent at specific intervals to and from the transmitter and receiver. If, by chance, the light is not transmitted or received on these predefined wavelengths or intervals, it is possible that the physical cable is being tampered with by hackers snooping or injecting malicious traffic. While there are sophisticated analysis techniques that can detect some types of fiber tampering, these are difficult to implement and not at all foolproof.
There are a few things you can do to help secure your data while using fiber optics. One approach you can follow is to provide strong physical security for your fiber optic connections. This is sometimes easy when you are running cable on property that is fully under your control, but can be much more difficult when you are traversing shared environments. If you're unable to provide a completely trusted physical connection, consider the use of encryption technology to logically protect data crossing the fiber connection.
Finally, keep in mind that regardless of the vendor(s) you use, it is the nature of the technology itself, rather than any specific implementation, that is vulnerable. Fortunately, as with many emerging technologies, careful planning can mitigate much of the risk.
Editor's note: SearchSecurity.com expert Mike Chapple contributed to this article.
Dig deeper on Monitoring Network Traffic and Network Forensics
Related Q&A from Matthew Pascucci
Matthew Pascucci discusses virtual security gateway appliances and whether they are a virtual data center necessity or just an overhyped product.continue reading
Will the ongoing adoption of cloud technology affect the skills that network security engineers need in the future? Matt Pascucci discusses.continue reading
When designing a secure network segmentation, monitoring, logging and encryption should be a priority. Matt Pascucci explains in this expert Q&A.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.