All network devices need to be in a physically secure
environment, whether in a locked data closet, a locked cabinet, or both. In most
cases, if routers and switches can be physically accessed, they can be
compromised. With Cisco devices, the only things required to compromise the
system are a console cable kit and a terminal system, which today can include
many palm-sized devices. Password recovery techniques are well known and easy to
implement.
While password recovery lets a person with less than CCNA skills
take control of the device, an equal fear should be the person with a
screwdriver who decides to take the device(s) and worry about accessing them
later. Cisco devices are typically hot items on web auction sites, often with
several thousand listings on any given day. While corporate data centers
typically have secure facilities, many small businesses and small branch offices
might rely on Telco closets for router placement. Before agreeing to place
devices in a Telco closet, consider that, in many cases, every building tenant
has direct or indirect access to that closet.
Other reasons for centralizing network devices into a single
room include facilitating environmental features like climate control (heating
and cooling), stable power with Uninterruptible Power Supply (UPS) backups,
secure access including locks and protection from over the wall or under the
floor access, and possibly increased human presence to provide a deterrent. If
the data room is busy with many people having access, it might make good sense
to put key devices into locked cabinets.
Sections
Comments (0 posted)
Syndication
