Our perception of cybersecurity focuses on attacks that arrive across the internet and through the firewalls of corporate entities. We rarely think of an attack made directly via the network equipment itself.
IP security and surveillance systems put physical network connections in both secure and unsecured locations. Unsecured locations provide ample opportunities for the would-be attacker; however, secure locations must be viewed similarly. The attack could originate from an individual fully entitled to be within the secure area.
The threat to the network comes from a physical connection to the active network devices, or by removing an edge device and attaching unauthorized equipment in its place. Electrical Ethernet ports are based on industry standards, so connecting to these is simple. As every laptop today has such a connection, the probable weapon of attack is readily available.
Ethernet switches are offered as managed or unmanaged, where managed platforms have many features and allow the user to configure and remotely monitor the device. For security, managed units offer facilities to prevent unauthorized entry to the network. Unmanaged forms do not. Thus managed Ethernet switches should be used throughout the network.
It tends to be the case that the simplest features offer the best security, and with managed Ethernet switches, that holds true. The ability to disable a switch port that’s not being used might seem an obvious security feature. Still, it is one that a lot of network operators fail to employ and may not even know exists on their devices. The rules, as you can imagine, are straightforward. If the port is not being used, disable it so no unwarranted party can plug directly into your network. If the port needs to be used for legitimate traffic in the future, then simply re-enable it via the management system. And while we’re talking about the most straightforward features being the best, the default username and password of the device should be changed to a username and password commensurate with the security policy. No point in employing all this security if it could be changed by our attacker gaining access by merely reading the manual!
For active connections, ComNet’s Port Guardian feature can be used to shut a port when its link is lost, treating the loss of link as a potential attack. The feature can be further expanded to shut down ports if power is lost to the active device – just in case our attacker is smart.
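The following Python example is added here and is not ComNet's code or part of any switch product. It audits polled port state against an inventory of ports in use, flagging unused ports left enabled and link loss on active ports. The port names, inventory and poll samples are constructed, and the status codes are assumed to follow the IF-MIB convention (1 = up, 2 = down).

```python
# Added example: audit switch port state against an inventory of ports in use.
# Status codes follow IF-MIB ifAdminStatus / ifOperStatus: 1 = up, 2 = down.
UP, DOWN = 1, 2

# Constructed inventory: the only ports that should carry traffic.
IN_USE = {"port1": "camera-lobby", "port2": "camera-gate"}

# Constructed poll samples, oldest first: (seconds, port, admin, oper).
SAMPLES = [
    (0, "port1", UP, UP), (0, "port2", UP, UP),
    (0, "port3", UP, DOWN), (0, "port4", DOWN, DOWN),
    (60, "port1", UP, UP), (60, "port2", UP, DOWN),
    (60, "port3", UP, DOWN), (60, "port4", DOWN, DOWN),
    (120, "port1", UP, UP), (120, "port2", UP, UP),
    (120, "port3", UP, UP), (120, "port4", DOWN, DOWN),
]


def audit(samples, in_use):
    """Return (time, port, finding) tuples in the order they are observed."""
    findings = []
    seen = set()      # standing conditions on unused ports, reported once
    last_oper = {}    # previous link state per port

    for ts, port, admin, oper in samples:
        if port not in in_use:
            if oper == UP:
                msg = "link up on a port with no documented use"
            elif admin == UP:
                msg = "unused port is enabled; disable it"
            else:
                msg = None  # disabled and idle: the desired state
            if msg and (port, msg) not in seen:
                seen.add((port, msg))
                findings.append((ts, port, msg))
        else:
            prev = last_oper.get(port)
            if prev == UP and oper == DOWN:
                findings.append((ts, port, "link lost; possible device removal"))
            elif prev == DOWN and oper == UP:
                findings.append((ts, port, "link returned after loss; verify attached device"))
        last_oper[port] = oper
    return findings


if __name__ == "__main__":
    for ts, port, msg in audit(SAMPLES, IN_USE):
        print(f"t={ts:>3}s {port}: {msg}")
```

In the constructed data, port2 keeps passing traffic once its link returns because nothing shut the port after the loss, which is the gap a link-loss lockout is meant to close.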
We must secure access to the physical devices, so add a sensor on the door of equipment enclosures. An open door provides an easy target for any attacker and allows the elements to damage your enclosed equipment. And remember, it doesn’t just need to be active equipment. If the enclosure simply houses cable management, that provides an opportunity to break into the network. Secure enclosures are an absolute must in unsecured locations!
To conclude, managed Ethernet switches should always be used for maximum security and will provide remote configuration and monitoring. The managed device must be configured based on the security levels and operational requirements of the user. Those who ignore the basics of network security and opt instead for cheaper, unmanaged devices are exposing their networks to the risk of hackers.