Network Integrity Systems recently published a white paper that addresses the advantages of alarmed carrier PDS. Below is a summary of the white paper. Go to https://www.networkintegritysystems.com/IA%20White%20Paper1.pdf for the full text.
With the explosion of SIPRNet and classified information systems throughout DoD and civilian government agencies, the potential vulnerabilities and resulting need for compensating measures to protect our National Security Systems has increased exponentially. With the amplified focus on Information Assurance, the Interceptor™ Optical Network Security System is being increasingly leveraged due to its ability to reduce the cost and complexity of network deployments while also significantly enhancing network security and information assurance.
- The Committee on National Security Systems and NSTISSI 7003 provide the overarching national guidance to all DoD and civilian agencies for the protection of wireline and optical fiber Protective Distribution Systems (PDS) used to transmit unencrypted National Security Information. Per NSTISSI 7003 “…the emphasis of a PDS should be placed on ‘detection’ of attempted penetration in lieu of ‘prevention’ of penetration.”
- Because of the emphasis on detection, Hardened Carrier PDS installations constructed of rigid metallic conduit require daily periodic visual inspections (PVIs) as the sole means to detect unauthorized access or tampering with the PDS.
- With the recent growth of secure networks, the requirement to perform PVIs places a severe strain on manpower and results in infrequent or potentially neglected visual inspections.
- To conduct the required PVIs, the PDS must be installed below the ceiling and in plain view. However, this makes the PDS obvious and readily accessible to any and all building occupants and visitors and ultimately more vulnerable to overt and covert attacks.
- To prevent unauthorized individuals from entering the PDS system via modular raceway, most agencies have established compensating measures such as the epoxying of all seams or through a more encompassing visual inspection that requires specialized training provided through a third party.
Alarmed carrier PDS solution:
- Alarmed Carrier PDS addresses the primary intent of NSTISSI 7003 (detection) by replacing the PVIs with continuous monitoring of the raceway. This results in substantial savings in manpower – but more importantly, it eliminates the risk that an intrusion into the PDS goes unnoticed due to infrequent or neglected human inspections.
- An alarmed system provides consistent and persistent protection, and only notifies personnel to perform an inspection in order to investigate potential suspicious activity.
- Since alarming the PDS eliminates the requirements to perform daily visual inspections of the PDS, the resources formerly used to conduct that task can be assigned to other activities.
- Since visual inspections are not required for an alarmed PDS, the rigid metallic carrier system can be placed in a non-visible location (i.e. below the floor or above the ceiling), which makes it much more difficult for a would-be intruder to gain access.
- Since the carrier is out of sight, simple EMT can be used versus more expensive modular raceway products.
- Unlike traditional alarm carrier systems that monitor attacks on the raceway, the Interceptor Optical Network Security System monitors fibers within the cables being protected, making the entire cable sensitive to abnormal manipulation and handling.
- When the threat level warrants it, some agencies and military branches deem as a compliant PDS, flexible interlocking armored cables monitored by an Interceptor, installed without a rigid metallic carrier.
- With the Interceptor PDS and Armored Cable solution, the network cabling, with its continuous protective armor, can now be run from point-to-point with no vulnerable access points at various junctions along the PDS.
An alarmed PDS offers significant advantages over a traditional hardened PDS by automating the inspections necessary to ensure that any penetration is detected, while still providing the robust physical protection of rigid metallic conduit capable of being placed out of sight. When conditions are acceptable, the expenses of a rigid metallic carrier system can be avoided altogether with the use of a monitoring system such as Interceptor and flexible interlocking armored cables, leading to tremendous cost savings and enhanced security.