October is National Cyber Security Awareness Month (NCSAM). NCSAM’s purpose is to promote a collaborative effort between government and industry to raise awareness about the importance of cyber security.
In support of this national initiative, Passive Optical LAN can drastically improve the physical LAN’s defensibility, enabling consistent protection policies that are centrally managed – all while reducing human error and increasing network stability.
The greatest proof of Optical LAN’s ability to tighten an enterprises’ cyber security posture by reducing a companies’ attack surface, is best illustrated by how OLAN reduces network points of vulnerability.
For example, let’s start with a copper-based legacy corporate LAN design that connects 4,032 Gigabit Ethernet from eighty-four 48-port workgroup switches and one distribution/aggregation switch. The process to harden this enterprise network to ensure secure operations would need to address:
- 85 IP addresses to protect
- 85 Switches to secure (Security Technical Implementation Guide, STIG)
- 85 Switches to provision
- 85 Software loads to maintain
- 85 Physical equipment provisioning ports (CLI access)
Now let’s compare that to a modern Optical LAN architecture supporting the same 4,032 Gigabit Ethernet connections, from either eighty-four 48-port closet-based ONTs (e.g. ONT248) or a thousand 5-port deep fiber ONTs (e.g. ONT205) – in both cases you’d only need one OLT (e.g. OLT6) and one software defined networking management (e.g. Panorama PON Manager). In this case, providing the utmost secure LAN where security policies and procedures are implemented consistently, with fewer human errors and across a more reliable network would require:
- One IP address to protect
- One OLT to secure (STIG)
- One OLT to provision
- One Software load to maintain
- One OLT provisioning ports to secure
The math is easy. That’s eighty-four (84) fewer network points of vulnerability.
Now understanding that 80% of network outages are caused by humans, and 30% of security breaches are caused by humans (both through deliberate malicious and inadvertent accidental actions), you can see by the above example that the OLAN with centralized intelligence and software defined networking management is going to have fewer human touches which directly improves network security, reliability and operational efficiencies.
Last and not least, with a deep fiber Optical LAN design you can reduce, or eliminate, telecommunication rooms which means those rooms, and doors, no longer require expensive security and problematic access control.