
Advanced Physical Layer Management

Simon Hewitt, Advanced Solutions Regional Director, Molex Premise Networks, October 2009

What is Advanced Physical Layer Management?

· A management tool which enables 100% accurate information about the physical infrastructure to be recorded and reported 24/7/365.
· Enables increased management of connectivity onto the physical layer of the network
· Reports accurate information about connected devices
· Reports connections and disconnections of devices even when they are switched off

Managing Your Data Infrastructures

[Diagram labels: Building 1; Desk Outlet; Switch in Closet Floor 1; Telecom Closet Floor n; Service Demarcation; Data Centre; Switches; Servers; APLM; Telecom Closet]

· Monitors changes to physical circuits & connected assets, enabling Data Centre monitoring and TR remote management
· As IP invades everything, now you can monitor its physical location

The Next IIM?

· Evolutionary technology allowing everyone the benefits of IIM
· In addition APLM detects the physical connections and disconnections – at the work area
· Removes all the traditional barriers of IIM

The need for IIM still exists?

· The data communications industry and infrastructure owners still see the need for IIM. "I can't manage a network of this size and magnitude without intelligence in my physical layer"
  – Should it be a size issue?
· We are seeing more and more specifications with intelligence as an option.

The need is growing

· In 2009 4.0 exabits (4.0 × 10^18) of new information will be generated worldwide...
  – More than in the previous 5,000 years combined!
· Today, the amount of technical information being generated is doubling every 2 years...
  – By 2010 it is predicted to double every 72 hours!
· In 1984 there were 1,000 devices connected to the internet
  – In 1992 there were 1,000,000
  – In 2008 there were 1,000,000,000
· In the average company, the number of devices IT managers will need to track and support will grow by 79% between 2007 and 2012

Why hasn't IIM become the norm?

· Most medium sized and larger organisations see the need!
· Traditional IIM systems have less than 1% market penetration – why?
  – Too expensive
  – Too difficult/expensive to implement
  – Too difficult to use
  – Often not technically sound!

APLM

Research has shown two things:

1. More people would consider intelligence in the physical layer...
2. Those who do consider IIM would buy it...

If.......................

APLM

· Simple and intuitive dashboard/user interface
· More cost effective...including ongoing costs
· Easy to expand as the network grows
· Easy to change as the network grows
· Could be complementary to existing Layer 2 and above network tools
· Low system power consumption – specific data centre user

Benefits of APLM: Time Saving

APLM: Fault Finding

· 80% of network faults are caused by the physical connection
  – Someone inadvertently plugging the patch cord into the wrong switch port.
  – Someone accidentally unplugging the patch cord from the wall.

APLM: Fault Finding Scenario

A user calls the helpdesk, with a computer not seeing the network connection

Goes to desk, checks physical connection at the wall; all OK

Helpdesk refers to the switch management suite – confirms no network connection – no surprise

Checks computer network settings, "pings the network", no reply. IT helpdesk walks to the TR and traces the patch cord to the switch – no easy task. Someone has inadvertently removed the patch cord from the switch.

APLM: Fault Finding Scenario

APLM shows this information from the support desk within seconds

APLM: Fault Finding

All changes are alarmed via e-mail, SMS etc.
  – Know the phone call is coming before the ringing
  – Know the exact status of any patch panel port, switch port or work area outlet in real time

APLM: Cost of Downtime?

The cost to an organisation of a user being off line is a great concern.

· Productivity downtime in manufacturing is a huge cost – this can often be apportioned to physical network problems, manufacturing stops because a CNC machine lost connectivity
· CAD user can't get access to their files

And so on

Managing the Physical Layer - Anywhere

Police departments have multiple small networks with no IT people in any remote police stations

Problems:
· Fault diagnosis of connection problems (patch cord inadvertently unplugged)
· No record of connected hardware
· No audit trails
· Make simple changes or diagnose simple network faults without expensive truck rolls.

Managing the Physical Layer - Anywhere

In today's climate IT managers are being asked to manage multiple networks in multiple locations with less and less skilled staff

Example: A corporation has a Data Centre in London with a redundant Data Centre in Washington DC; one IT Manager is being asked to manage both from the UK

APLM: Fault Finding - Anywhere

See all physical connections on the network from one location anywhere on the WAN

[Diagram labels: Cross-connect patch; Channel; Network Attached Device; Horizontal Patch Panel; Network Equipment; Equipment Patch Panel; Telecom Room; Work Area]

Benefits of APLM: Security

Security: Assets

Roles of the IT and Security Departments

· The traditional focus of security within the IT department concerns authentication of users, monitoring traffic usage, and backing up of data – protection of "virtual" assets and "virtual" connectivity
· Protection of physical assets is traditionally confined to the security department:
  – Cabinet and Comms Room Security
  – ID badges
  – Security guards
  – Cameras

What's missing?

Security: Assets

Roles of the IT and Security Departments

Coordination with IT tools to track the physical connection of end devices in real time:
  – Protection from theft of equipment and the data on them through continuous monitoring of the physical connection of end-devices to the network, even if the end-device is turned off
  – Protection from inadvertent security breaches by well-meaning employees

Security: Assets

· Wesley College, Australia: $120,000 laptops and other computer equipment stolen in expensive
· San Jose Medical Group: Two stolen computers, with the loss of patient databases with social security numbers and medical information - subject to legal action from clients
· Home Office Minister's PC stolen from her office in Manchester UK, containing restricted information on defence and housing markets

Security: Assets

· According to a report from the Computer Security Institute/FBI Computer Crime and Security Survey, the theft of a single laptop results in an average loss of $89,000 – the value of the hardware is just a fraction of the total loss.
· A survey by "Kensington" put the average number of laptops stolen from medium and large sized companies at 11.65 per year.

Would it not be better to know where your assets are and be aware when they are moved?

Monitoring End Devices

· Traditional network management tools can monitor virtual connections of devices – but only when they are turned on.
· Green initiatives – employees are encouraged to turn devices off at night and over the weekend.
· If an end device goes "off line" – is it a security issue or not?
  – What if it's a network printer?
  – Or an engineering work station?
· Can you monitor whether these devices are physically disconnected, and send an alert if appropriate?

Employees are also an issue

52% of managers believe the majority of insider threat incidents are accidental

The Insider Threat

According to a recent poll of silicon.com readers, nearly two-thirds (62%) of those surveyed said the biggest security threat to companies is malicious and/or incompetent staff.

Threats Often Come from the Inside

Actual Threats to Network

· Virus 4%
· External Threats 2%
· Equipment Security 20%
· Dishonest Employees 10%
· Unhappy Employees 9%
· Human Error 55%

Source: GRC/RCMP

Inside threats are often not malicious – but from good people doing bad things.

A story...

· The scenario: a college campus with 5 buildings, and a student whose laptop is infected with a Denial of Service virus
· Student goes on line, the switch recognizes the threat, and shuts down the channel. Crisis avoided?
· IT tries to locate the student by going to the TR to see which horizontal the particular switch port is connected to. Then check records to see what room the outlet is located in, only to find no one there, because...

A story...

· In the meantime the student figures the network must be down, and goes to the next floor to connect from there. When that doesn't work, he moves on to another building on campus; and repeat....
· Roughly 5 hours later, the laptop and user were found and the problems were corrected. For the IT staff, this was 5 hours of pure chaos. And for the student, this was 5 hours of pure frustration.

Security: Data Protection

The data on a network is more valuable than the fixed assets themselves
  – By monitoring every connection and disconnection of every device, you can protect the data by knowing whether the newly attached device is a known or unknown device, and be sent alerts.

Security: The Improved Result

You can track events and be alerted instantly if:
  – The network printer is stolen over the weekend
  – The CFO's PC is unplugged
  – An unauthorised end-device is connected (such as a WAP)
  – A VoIP phone is moved
  – A horizontal cable is broken

And all of these events are logged in the database for investigation
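
Added example (not part of the original presentation, and not the APLM product's own logic or data format): a minimal sketch of how outlet-level connect/disconnect events could be turned into the alerts listed above. The event fields, alert names, outlet labels and MAC addresses are hypothetical, constructed values.

```python
from dataclasses import dataclass

# Constructed asset inventory: MAC -> (name, assigned outlet, critical?)
INVENTORY = {
    "00:11:22:aa:00:01": ("Finance printer", "B1-F2-014", True),
    "00:11:22:aa:00:02": ("CFO PC", "B1-F3-002", True),
    "00:11:22:aa:00:03": ("VoIP phone 4417", "B1-F2-020", False),
}

# Constructed outlet events (hypothetical format): (outlet, action, mac).
# A disconnect carries no MAC because the device may be switched off.
EVENTS = [
    ("B1-F2-014", "connect", "00:11:22:aa:00:01"),
    ("B1-F3-002", "connect", "00:11:22:aa:00:02"),
    ("B1-F2-020", "connect", "00:11:22:aa:00:03"),
    ("B1-F2-014", "disconnect", None),               # printer removed
    ("B1-F2-020", "disconnect", None),               # phone unplugged
    ("B1-F4-007", "connect", "00:11:22:aa:00:03"),   # phone reappears elsewhere
    ("B1-F1-031", "connect", "02:00:00:00:00:99"),   # not in the inventory
    ("B1-F3-010", "cable_fault", None),
]

@dataclass
class Alert:
    kind: str
    outlet: str
    detail: str

def process(events, inventory=INVENTORY):
    """Return (alerts, audit_log) for a stream of outlet-level events."""
    occupant = {}            # outlet -> MAC last identified there
    alerts, log = [], []
    for outlet, action, mac in events:
        log.append((outlet, action, mac))   # every event is kept for investigation
        if action == "connect":
            occupant[outlet] = mac
            asset = inventory.get(mac)
            if asset is None:
                alerts.append(Alert("unauthorised_device", outlet, mac))
            elif asset[1] != outlet:
                alerts.append(Alert("device_moved", outlet, f"{asset[0]} assigned to {asset[1]}"))
        elif action == "disconnect":
            # Resolve the device from the outlet's last known occupant.
            asset = inventory.get(occupant.pop(outlet, None))
            if asset and asset[2]:
                alerts.append(Alert("critical_unplugged", outlet, asset[0]))
        elif action == "cable_fault":
            alerts.append(Alert("cable_fault", outlet, "horizontal cable fault"))
    return alerts, log
```

Because a disconnect is reported by the outlet rather than by the device, the sketch keeps an outlet-to-device map so that a powered-off asset can still be named in the alert.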

Security: The Improved Result

Improve network security with advanced physical layer management tools

APLM - MAC Management

Standardising Work

· Inconsistencies across multiple sites create extra auditing and processes
· Standardising the way MACs are performed across multiple site organisations will improve profitability through efficiency

A Group of New Starters

· An organisation has a group of new starters and needs to give them each a computer, a telephone etc...
· Or, a training organisation needs to get a training room ready for the delegates, all delegates need a computer...

Managing Moves

· Create work orders for connections and disconnection
· Lights to show unskilled "patch technicians" where to plug or unplug cables in a TR
· Create work area work orders with location details and maps... from anywhere on the WAN

APLM – Asset Management

Asset Utilisation

· How many wall outlets are free?
· How many switch ports are available?
· Is this patch cord plugged into a device at the other end?

Often people are scared to remove patch cords in the TR, just in case they are attached to a switch.

Asset Management/Auditing

· IT manager/Finance need to audit the devices attached to the network annually
· Disaster Recovery – continued business resilience
· APLM reports all connected devices with MAC and IP addresses and the physical location at the press of a button

Consider...

· What is the current cost to audit fixed IT assets?
· How long does it take to audit IT assets, and how accurate is the information?
· How many people are employed to secure assets within an organisation?
· What value would a CIO put on knowing where the assets are located - on a global basis?
· Can the cost of insurance be reduced if you could prove to the insurer where everything is at any time, and that devices are continually monitored?

Summary

How Can using Advanced Physical Layer Manager Tools Help?

· Focus on Layer 1 of the OSI model
· Built on technology that:
  – Detects the physical connection of end devices and switch equipment
· Automatically polls the newly-connected device to find out what it is, and confirms that it matches the intent – using no network bandwidth
· Coordinates the "virtual" ID of the device (IP address, MAC address, machine name) with a physical location – know precisely where in the building the device is located

How Can using Advanced Physical Layer Manager Tools Help?

· Work remotely – monitoring connections anywhere on the WAN
· Sends alerts if critical equipment is suddenly unplugged from its outlet with information of what the device is and where it's supposed to be
· Sends alerts if a rogue channel is connected
· Provides auditing tools of who did what, and when

How Can using Advanced Physical Layer Manager Tools Help?

· Provides current and accurate listing of all connected assets
· Augments traditional network management systems, which don't know physical office locations
· Creates work orders for unskilled staff for any network on the WAN
· Avoids expensive truck rolls

Advanced Physical Layer Management

· Improved Asset Management
· Enhanced Network Security
· Increased Productivity

Questions
