Physical Security Concerns for LAN Management By Derek

Physical Security Concerns for LAN Management By: Derek Mc. Quillen

Physical Concerns n Choosing the correct site for constructing the LAN n External Security n Internal Security n Weather or Natural Disasters n Is it Real? n 6 steps everyone company should take to keep their network protected

What is a LAN? n Local Area Network n Network that covers a small area: – Such as a small office, school, or home network n Can serve anywhere from 2 to 1000 users

Choosing a Site n Must have the correct utilities to begin the setup, such as electricity n Keep away from high risk areas where natural disasters occur n Must be built in freestanding building not to close to other buildings or high traffic areas n Keep away from dry or fire hazardous areas

Choosing a Site (Ideal Distance Requirements) n The building must be at least: – 10 miles from any nuclear power plant – 2 miles from highway or railroad – 5 miles from any military base – 5 miles from any police station or fire station

Construction Barriers around the sites perimeters n Fire Rated walls around perimeter n Keep server room in the center of the building with higher walls n – So signal is difficult to get out n Keep all other equipment away from the servers: – In case an outside source needs to come in to repair something they can not gain access to the private information

External Security n There are many layers of security when it comes to external security – Outside Alarm – Surveillance Cameras – Invisible electromagnetic field around sensor cables – Keep staff and visitor parking away from delivery areas

External Security n Keep guards on duty at all times n Fingerprint Identification Readers – This prevents ID cards or Pin numbers for gaining access from being lost or stolen

Internal Security n Man guard watching server room at all times n Heat and smoke detectors installed all though out the building n Cooling system to keep all electronic devices from overheating and causing damage

Weather n Every network needs to have a Uninterruptible Power Supply (UPS) – In case the power goes out or any other weather related incident would occur n Also, back up generators also should be purchased by all company’s – Same reasons as above

Is It Real? n The previous slides show the most ideal ways to set up a network and keep it from being intruded. n This would be outrageously expensive and almost impossible for a company to afford. n So depending on the financial situation, companies can pick and chose the security features they think are important.

Six steps everyone company should take to keep their network protected n Lock the server room n Use rack mount servers n Protect your printers n Disable the drives n Pack up the backups n Don’t forget the workstations

Lock the server room n n The server room is the main component of the physical security of the network If access is gained to servers, routers, hubs, or switch the entire company is now in danger. So, when no one is in the area make sure the door is always locked. The best way to do this is to make the door lock no matter what when it shuts and a code or fingerprint access must be used to enter.

Use rack mount servers n Take up less room and are easier to secure n Easily locked into closed racks n Can be bolted to the floor – Making the unit nearly impossible to move

Protect your printers n Today’s printers store document contents in their own on-board memories n Recently printed documents can be accessed then n Again, keep bolted to the ground n If extra copies are printed – Do not just throw in the trash can § No one knows who can get a hold of the trash

Disable the drives n Disable or remove floppy disks, USB, or other external drives n Another way to disable the drives is to use a type of hardware called Disklock. – This is a piece that slides into the drive that can be locked in with a key and is not able to be removed without the key.

Pack up the backups n Keep all tapes or discs from the servers locked away in a safe place, not just laying around next to the servers n Don’t use flash drives, floppy disks, or external hard drives for backing up files because they are easily lost or stolen

Don’t forget the workstations n Disconnect computers that aren’t being used n Equip computers that must remain in open areas with smart card so that it’s difficult for unauthorized persons to log on n Keep cases closed so hard drives or other hardware can’t be stolen

Reminder n Network security starts at the physical layer. n If physical access is gained all the firewalls and software programs mean absolutely nothing.