Passive Optical LAN removes KNOWN network security gaps. Optical LAN presents a smaller network attack surface, and is ideal for zero trust architecture, as it requires less human touch to manage.
Optical LAN can reduce thousands of points of vulnerability in a network
Recent history has far too many high-profile worst-case scenario examples of network data breaches, which are driving CIOs and IT pros to invest in transforming IT infrastructure and ensure that corporate info is secure, protected and highly available. This is why a many studies rank security as a top 10 technology priority for businesses.
Tellabs Optical LAN solutions play vital roles in providing a more secure LAN where security policies and procedures are implemented consistently, with fewer human errors and across a more reliable network. Optical LAN ensures a zero trust environment with a significantly reduced attack surface.
Tellabs also offers security solutions for infrastructure and asset protection based on alarmed fiber and fiber sensor technology.
- Fiber cabling is inherently more secure than copper cabling
- Global policies ensure consistent and repeatable error-free procedures
- Bi-directional encryption protects connectivity between OLT and ONTs
- Zero trust architecture with significantly reduced attack surface
- The simple ONTs do NOT store user nor network information locally
- STIG-, HIPAA- and PCI-compliant plus deployed in military networks.
Industry leading network security across the cabling, electronics and management
Lessen security impact on employee and business
There are real costs associated with data breaches. The LAN equipment and infrastructure are possible entry points for malicious activity. It is best for CIOs and IT pros to have a proactive data breach response plan, and with a proactive, highly secure Tellabs Optical LAN in place, CIOs and IT pros can benefit from lower loss costs, better KPI reviews and even lower insurance premiums. All of the above can also lead to a less stressful, more productive and healthier work environment with a highly secure LAN.
Improve element management security
A secure LAN starts with the Tellabs Panorama PON Manager, which is the element management interface for the Optical LAN. Within the Tellabs PON Manager, role-based access for users is established through strict authentication and authorization . This is where secure passwords are assigned and managed. Based on IT staff credentials, privileges are defined for what a user can view and modify. Then the activity of the IT staff can be tracked, which helps root cause analyses during trouble-shooting and can help with junior IT staff training.
Greater defensibility for Optical LAN system-wide
Tellabs Optical LAN’s system-wide security and intelligence is managed centrally by OLT and, ultimately, Tellabs PON Manager. From an end-to-end system-wide standpoint, Tellabs Optical LAN provides powerful security measures at the physical layer, and the data layer, as well as users and subtended devices levels. This is inclusive of supporting best-in-class NAC policy managers, such as ForeScout CounterACT, Juniper Unified Access Control (UAC), Cisco Identity Services Engine (ISE), HP/Aruba ClearPass Policy Management and Microsoft Network Policy Server (NPS).
Fiber cabling is inherently more secure
The optical plant, also known as the fiber cabling infrastructure, can make significant contributions to overall security. Fiber optic cabling is more secure than copper cabling. Fiber is not susceptible to interference nor does it introduce interference. With fiber, you have no cross-talk, no EMI, no RFI and no EMP. There are also options for armored, alarmed and monitored fiber cabling.
Best in class ONT security
The ONTs are inherently secure as well. Our ONTs are designed with no local management access. This is done because there are few needs for human touches at the ONTs. The ONTs are basically simple optical-to-electrical terminals. ONTs are highly secure and reliable, which ultimately helps improve security. Furthermore, Optical LAN has centralized intelligence and management; neither user nor network information is stored in the ONTs. Finally, the connectivity to the ONTs has industry leading bi-directional AES128 Encryption with churning key every minute for ultimate security – that’s two-way encryption securing the downstream and upstream traffic!
Reduced Attack Surface (shrinking the implicit trust zone)
Optical LAN significantly reduces the network’s attack surface. An attack surface is the sum of the network points of entry where malicious actions can occur. Optical LAN eliminates these known security gaps by having only one management interface (one IP address) for the total network. A traditional network might have hundreds management interfaces (IP addresses) located at unsecure switches haphazardly positioned. Furthermore, statistics confirm that most security lapses are due to human error, and because OLAN has far fewer network access points to secure, your probability of human error and data breaches are greatly reduced.
A Zero Trust Environment
Zero Trust is a security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside network boundaries. Tellabs Optical LAN is an ideal architecture for networks following Zero Trust model because it follows the principals of:
- Granular access and least privileges
- Policy enforcement point
- Shrinking implicit trust zone (reduced attack surface)
- Secure communications
- Secure access
- Monitoring access
Exceed military, HIPAA and PCI requirements
The U.S. Federal Government and the Military were the early adopters of Tellabs Optical LAN due to its ability to improve network security both at the electronics and across the cabling infrastructure. Today, other industry verticals such as Healthcare (HIPAA), Education, Retail (PCI), Transportation, Gaming/Casino and Financial, are looking toward Optical LAN for the same security benefits.
Looking for more information?
If you still need additional details, and even greater technical explanation, then click on the “Download Overview” button below to access our comprehensive security solution overview.