What are the security risks associated with fiber optic networking? Are there any differences between one vendor's offerings and another's? We're considering a vendor that offers fiber optics that can bend around short-radius curves without losing signal, but are trying to learn more about any packet security implications. Can you advise?
Ask the Expert!
Have questions about network security? Send them via email today! (All questions are anonymous.)
Fiber optic networking has the reputation of being immune to eavesdropping attacks, but this is an undeserved reputation. Fiber connections are susceptible to tapping, bending and splicing attacks, which gives an attacker access to packets traversing the connection. While eavesdropping on fiber connections is more difficult than their copper counterparts, attackers with sophisticated skill sets and equipment may be able to do so. In addition, the significant amounts of data carried over a high bandwidth fiber connection present an attractive target to an attacker.
When using fiber optics, light is sent at specific intervals to and from the transmitter and receiver. If, by chance, the light is not transmitted or received on these predefined wavelengths or intervals, it is possible that the physical cable is being tampered with by hackers snooping or injecting malicious traffic. While there are sophisticated analysis techniques that can detect some types of fiber tampering, these are difficult to implement and not at all foolproof.
There are a few things you can do to help secure your data while using fiber optics. One approach you can follow is to provide strong physical security for your fiber optic connections. This is sometimes easy when you are running cable on property that is fully under your control, but can be much more difficult when you are traversing shared environments. If you're unable to provide a completely trusted physical connection, consider the use of encryption technology to logically protect data crossing the fiber connection.
Finally, keep in mind that regardless of the vendor(s) you use, it is the nature of the technology itself, rather than any specific implementation, that is vulnerable. Fortunately, as with many emerging technologies, careful planning can mitigate much of the risk.
Editor's note: SearchSecurity.com expert Mike Chapple contributed to this article.
Dig Deeper on Real-time network monitoring and forensics
Related Q&A from Matthew Pascucci
Understanding the differences between sandboxes vs. containers for security can help companies determine which best suits their particular use cases. Continue Reading
Troubleshooting VPN session timeout and lockout issues should focus first on isolating where the root of the problem lies -- be it the internet ... Continue Reading
What sets web roles and worker roles apart in Microsoft's Azure Cloud Services? Here's a look at how they are different. Continue Reading