Optical network security: Inside a fiber-optic hack


This article can also be found in the Premium Editorial Download "Information Security magazine: Symantec 2.0: Evaluating their recent acquisitions."

Download it now to read this article plus other related content.

Optical Network Security Tools
A few vendors are developing tools that protect optical networks, offering intrusion detection and prevention at the physical layer. They identify and alert operators to optical events, including malicious intrusions, cable breaks, receiver overloads, weak optical signals, data-signal loss, transients and loss of power.

Opterna sells the

    Requires Free Membership to View

FiberSen-tinel System, a rack-mounted fiber IDS that offers passive real-time, protocol-agnostic monitoring for optical networks. Intrusions are automatically detected and shut down while traffic is simultaneously rerouted to an alternative path using artificial intelligence technology.

Another fiber IDS solution, Fiber SenSys from CompuDyne, has become popular in government and military installations, airports, oil refineries, electrical substations, nuclear power plants, water purification and storage facilities, corporate headquarters and manufacturing centers—even palaces—throughout the world.

Oyster Optics has been developing bleeding-edge technologies for optical network security and monitoring since 2001. Oyster Optics' vendor-neutral, protocol-independent solution reduces the risk of threats such as eavesdropping, corporate and government espionage, network disruption and terrorism.

At this point, these detection solutions notwithstanding, the only measure to prevent information from being pilfered off of optical networks is the encryption of transmitted data.

"I think we've seen large increases in the use of encryption over all network paths, including fiber- optics—and encryption defeats eavesdropping," says Gartner's Pescatore.

"In general, I think security has moved up a notch, and tapping into fiber for eavesdropping is still a more difficult way to get at information than many other paths," he says. "But, our advice to enterprises is to use encryption over all network connections where the physical security of access to the network, whether copper or fiber or wireless, cannot be secured."

Many organizations make the mistake of encrypting the data and the transmission, which is redundant. If the data is encrypted, there is no need to spend extra money to send it through a secured tunnel. The trend is leaning toward encryption at the data layer, which reduces the latency and overhead associated with transport.

This was first published in November 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: