New Standard Enhances Physical Security for Networks
“Many functions, processes and systems of intelligent buildings are entirely dependent on network infrastructure, which must run smoothly and above all be secure.”
As we transition into a smarter world, more buildings are becoming connected to improve overall efficiency. They incorporate new technologies, which manage everything from lighting, heating and energy, to security systems. Many functions, processes and systems of intelligent buildings are entirely dependent on network infrastructure, which must run smoothly and above all be secure.
Protecting information is a top priority for many organizations, businesses, government agencies, healthcare providers, data centers and manufacturing facilities, which increasingly rely on these complex networks.
There are plenty of tools to protect software from cyberattacks. However, physical interruptions may also have significant consequences. If someone disconnects a server, whether intentionally or not, a business which sells products or services online could quickly experience large financial losses, or serious data breaches.
Monitoring the security of the network’s physical layer, in other words, the connections, cables, and other hardware assets, will provide the system with physical security.
International Standard ISO/IEC 18598, for automated infrastructure management (AIM) systems, aims to deliver physical security for networks. The Standard was developed by a joint technical committee of the International Electrotechnical Commission (IEC) and the International Organization for Standardization (ISO), which focuses on the interconnection of information technology equipment. (For more information, please visit: https//webstore.iec.ch/searchform&q=18598, http://www.iec.ch/, and http://www.iso.org/.)
Hans-Jürgen Niethammer is involved in standards committees at national (German), regional (European) and international levels (ISO/IEC), for telecommunication cabling in office buildings and data centers. Niethammer was Project Leader of the ISO/IEC 18598 during its development and commented on some of its key points. “There are many advantages to this new standard, but I see two main ones. First, users of ISO/IEC 18598 now have a defined requirement list of features and functions that AIM systems must have in order to conform to this International Standard. Prior to this, there were a lot of systems out there that did some of the things on the list, but not all. So users couldn’t distinguish between their functions. This list gives end users who are thinking of adopting an AIM system a clear overview of what such a system has to offer,” said Niethammer.
The Standard also defines a mandatory software interface for AIM systems, which allows the integration of AIM system functionality into already existing business software applications like data centre infrastructure management (DCIM) or other AIM systems.
“This is the second main point for me. Previously, if a vendor stopped developing its AIM products, end users would be stuck, because they would not be able to continue using the product. But the new definition of this standardized software interface allows another vendor to take over, using the existing software interface to continue delivering the customer this service,” Niethammer added.
AIM systems can provide automated, easily accessible, current documentation that can improve system availability and facilitate solving problems quickly.
ISO/IEC 18598 specifies the requirements and recommendations for the attributes of AIM systems, which it defines as an integrated hardware and software system.
The hardware automatically detects the insertion or removal of cords using a combination of patch panels and controllers, and processes this as part of an automated infrastructure management system.
The software used includes either application programming interfaces or data exchange formats, which collect, store and allow the data from the AIM system to be shared with other systems. The Standard also includes documenting the cabling infrastructure, recording connectivity information, and allowing data exchange with other platforms.
Thanks to these software functions, the application of this Standard will allow IT managers to see all the physical connections in buildings, both locally and remotely. They will receive instant updates of changes, and reports on which devices are connected and where they are. By alerting managers to unscheduled changes, this extra layer of surveillance will allow them to quickly locate where the problem is and address it. IT managers will also be able to monitor and maintain network connectivity automatically and in real time.
Valid for Diverse Industries
This International Standard will benefit different industries in varied ways. Two examples of how the standard impacts ICT providers AND building management teams are noted below:
Example 1: ICT providers should make sure that their engineers get the clear list of requirements defined in this Standard, which must be put into their systems. So if a company offering an AIM system follows this list, then it will be, by definition, standard compliant.
Infrastructure network planners and designers, network operation managers, IT process managers, software integrators, suppliers of AIM solutions, and suppliers of management system software, will improve their systems by incorporating requirements of the Standard at the initial development stage.
Example 2: In the case of DCIM, the software used in AIM systems can enhance and automate the management and operational functions in building and data centres, thanks to the real-time information gathered for the cabling infrastructure. This includes asset and connectivity management, change and availability management and capacity planning.
Interaction between building management systems and AIM systems may improve the overall efficiency and security of the building. By having an accurate, real-time overview of how buildings are used, it is possible to find savings in areas including energy management, lighting, access control for employee time and attendance systems, and security.
The IEC is the global organization that publishes International Standards and supports all forms of conformity assessment for the millions of devices that use or produce electricity or contain electronics. IEC work covers all the building blocks of information technology: printed electronics, components, switches, cables, and wires. It ensures that devices and systems that are used in the home, office, medical facilities, manufacturing, and public spaces work safely with each other, everywhere in the world. IEC work also covers power generation, transmission, distribution, all renewable energy sources, energy storage, public and private transportation, components, the building blocks of information technology, the Smart Grid, and Smart Cities. For more information, please visit www.iec.ch.