Frequently Asked Questions
Q: How does Interceptor™ detect an intrusion into a fiber optic cable?
A: Interceptor launches a monitoring signal into a pair of fibers of the optical cable being protected, which turns the entire cable (up to 144 fibers) into a sensor. Specifically, when any component of the cable is abnormally handled, such as would occur during an intrusion attempt, the monitored fibers sense the disturbance and Interceptor reports the event.
Q: How does Interceptor distinguish between true intrusions and benign events that may cause nuisance alarms?
A: Interceptor incorporates a patented feature, which is referred to as Smart Filtering™ technology. This technology is used to enable Interceptor to “autoconfigure” itself, meaning that it learns the normal ambient state of the network to create a baseline of normal, routine, benign, non-threatening events such as the vibration caused by a nearby air conditioning unit, vehicle traffic, etc. While monitoring, these normal events are ignored. As a result of this technology, Interceptor has eliminated the false alarms which plague legacy alarmed carrier systems derived from perimeter security devices.
Q: What type of fiber does Interceptor require for monitoring?
A: No special fibers are required. Interceptor uses the standard communications fibers inside the cable to perform the monitoring, no matter whether they are dark (unused) or active (transmitting data). The Interceptor model is used to monitor dark fibers. The Interceptor Plus™ model is used to monitor active fibers.
Q: Does Interceptor protect a cable or just individual fibers?
A: For most cable designs, an entire 144-fiber cable can be protected by monitoring as few as 2 fibers within the cable. If ingress into the cable is attempted, the protected fibers will sense the disturbance and issue an alarm. The effectiveness of this is dependent upon the design of the optical cable itself. Some cable designs require monitoring on more fibers than others (for instance an 864-fiber cable). Based on extensive laboratory trials, Network Integrity Systems will recommend protection profiles according to your specific cable design.
Q: Is an Interceptor required at both ends of the cable run being protected?
A: In the case of dark fiber monitoring, a single Interceptor is required at one end of the cable. At the far end a simple, off-the-shelf optical loop back device is used in a patch panel to send the monitoring signal back to the Interceptor. For monitoring active fibers, a single Interceptor Plus™ is required at one end of the cable. At the far end, a Network Integrity Systems Remote Termination Unit (RTU) is required to separate the monitoring signal from the data signal. Click here for more information on Interceptor, Interceptor Plus or RTU.
Typical Installation For Dark Fiber Monitoring
Typical Installation For Active Fiber Monitioring
Q: How many separate buildings or drops can a single Interceptor provide a secure connection?
A: At a minimum, a single Interceptor can provide a secure connection to four separate locations. However, through some simple fiber concatenation methods (i.e. daisy chaining), a single Interceptor can provide secure connections to many separate locations. The exact numbers of locations a single Interceptor can connect vary as it is based on the specific network architecture of the deployment.
Q: Does the Interceptor have an impact on the bandwidth of the network?
A: None whatsoever. Interceptor is a physical layer device, and does not touch, process or verify the network data (IP or cell headers) or the National Security Information, therefore no bandwidth bottlenecks are created allowing full utilization of the network – up to 10Gbps and beyond.
Q: Is it necessary to perform an autoconfiguration before Interceptor can start protecting a network?
A: The Interceptor is set at the factory with a default profile that enables it to be placed into service and protect the network immediately. Once installed, the protection profile is optimized by performing an autoconfiguration while the unit continues to monitor. After the autoconfiguration is complete, the Interceptor automatically updates its configuration with the new values and continues to protect using the optimized profile.
Q: I have an application on Guam, which is a volcanic island that experiences minor seismic activity everyday/all day. Will this cause a false alarm?
A: As long as the “earthquakes” occur while the Interceptor is autoconfiguring itself, Interceptor will learn their signature and ignore them while monitoring for true intrusions. Our suggestion is to pick an autoconfiguration duration long enough to experience a tremor.
Q: Am I required to contain the cables being protected by Interceptor inside of a hardened carrier system (i.e. rigid metallic conduit, EMT or commercial raceway)?
A: In some cases yes – more on that below. At a minimum, Interceptor permits you to install the conduit above the ceiling, or below the floor since the requirement for periodic visual inspections is eliminated when Interceptor is used – therefore the conduit doesn’t need to be visible and accessible with the further benefit of improving the facility aesthetics. In the case of an outside plant (building-to-building) deployment, using Interceptor eliminates the need to encase the underground duct banks in concrete.
In some cases, Interceptor when used to protect Interlocking Armored Optical Cables, allows you to eliminate the rigid metallic conduit system altogether permitting those cables to be carried in existing conveyance (wire basket, ladder rack) or as suspended cabling (on D-rings, J-Hooks, etc.) to drastically simplify and reduce the cost of installation. Click here for more information.
Q: What types of management or software tools are required to manage the Interceptor?
A: The Interceptor can be locally managed by serial console, and remotely managed by Telnet or Secure Shell (SSH). The INTERCEPTOR can be accessed via terminal programs such as HyperTerminal or TeraTerm
Q: Doesn’t the requirement to respond to alarms create an additional need for manpower?
A: Keep in mind that using Interceptor eliminates the requirements to conduct a daily visual inspection of the PDS. Therefore, the resources formerly used to perform the task of visually inspecting the PDS no longer have that responsibility or the associated time-drain. This also eliminates the need to provide manpower to inspect PDS systems during off-duty/weekend/holiday times as well. Finally, the need to visually inspect manhole lids on a daily basis for OSP deployments is eliminated.
Q: Who typically monitors the Interceptor and how do they receive the alarms generated?
A: Monitoring responsibility is established on an organization-by-organization basis. Typically it is performed by Security/Military Police, IT Help Desks or Network Operations & Security Centers (NOSCs). If Security/Military Police forces are used, then the Interceptor is usually integrated via dry contact interfaces into the existing building security system, which those forces routinely monitor. If monitored by IT departments or NOSCs, then the alarms are usually received via SNMP traps. Interceptor was designed to include most prevalent reporting methods, which affords the end-user maximum flexibility.
A key thing to remember is that Interceptor prompts you when to conduct an inspection, versus conducting them day-in-and-day-out whether a threat to the network exists or not. Therefore the use of Interceptor actually reduces the amount of manpower necessary to secure a network.
Q: Can INTERCEPTOR monitor for intrusions into the hardened carrier system (rigid metallic conduit such as EMT)?
A: While Interceptor was designed to improve upon legacy alarmed carrier systems derived from perimeter security technology by protecting the cable versus the cable pathway, it can be deployed in a manner that enables it to detect intrusions into cable carrier systems.
Q: Which organizations have deployed Interceptor?
A: Interceptor was developed beginning in 2003 in response to a government requirment for an improved PDS solution. Since then, Interceptors have been deployed across the globe and have recorded over 35 million channel hours monitoring US government classified networks.
Interceptor has been deployed by the US Air Force, US Army, US Coast Guard, US Marine Corps, CENTCOM, Department of Homeland Security, Defense Intelligence Agency, Department of Justice, DoD Department of Inspector General, Naval Surface Weapons Center, Naval Undersea Warfare Center, National Reconnaissance Office, SPAWAR, STRATCOM, The Pentagon, numerous large and small systems integrators, major defense contractors.
Q: What information do I need to provide to enable you to recommend a solution for monitoring my fiber network?
A: The necessary information is listed on the Client Network Configuration Questionnaire which collects all of the information required to determine the appropriate Interceptor configuration for your specific network. Click here to download a copy of the questionnaire.
Q: What do you mean by “Intelligent-PDS” ?
A: For years the government and military have been installing PDS that has remained relatively unchanged or improved. Yet most other systems throughout the buildings have seen tremendous innovations leading to more efficient, greener, safer and secure environments. Why shouldn’t PDS keep pace?
INTERCEPTOR is an Intelligent-PDS, in that it allows the owner to only dispatch a human being when necessary. It eliminates unreliable human processes, (periodic visual inspections) and uses modern technology to determine when an inspection is necessary. INTERCEPTOR is smart enough to discern between benign events and true threats.
Q: How does INTERCEPTOR provide Information Assurance Analytics?
A: As an Intelligent-PDS, the INTERCEPTOR Optical Network Security System has Information Assurance Analytics embedded in its protection schema and logical design. INTERCEPTOR records and logs detailed threat information and the associated alarms, allowing IA personnel to perform thorough analysis to identify emerging trends, as well as to optimize the protection provided by the INTERCEPTOR.
In addition, the intrusion signatures used by the INTERCEPTOR to identify threats to the network are continuously updated and expanded to ensure that any threat to the physical network can be identified and detected before the network is degraded or National Security Information is compromised.
Q: How much does INTERCEPTOR cost?
A: INTERCEPTOR is the most cost-effective solution for network security. The cost depends upon your application and is best measured by the cost of the device amortized over the number of drops it can support which is a variable number. This number is dependent upon the type of connectors used in the monitored loop as well as the drop’s proximity to enable system inspection when necessary.
With this in mind, for an inside-the-building application providing SIPRNet to individual users, the price for an INTERCEPTOR can cost less than $500 per drop. In a building-to-building application, INTERCEPTOR can cost as little as $4,000 per up-link .