Page History

...

• Access to the facility is an important factor affecting the communication recovery time and the equipment maintenance time. Access to the facility should be limited in time and for white lists of employees. Access lists must be up to date. If access lists are not up to date, it can be used, for example, by a dismissed employee whose name was not promptly excluded from the lists. Pay attention on the guards and locks in the places where equipment is located in order to prevent unauthorized access.
• A dedicated room. It is recommended to place data transmission equipment and points of connection to the infrastructure in a dedicated room, isolated from external factors. For example, it can be a room with a separate entrance and access for the company employees only or a machine room where the third-party company equipment is located.
• Cable route. The site must meet the requirements for the cable route installation and for access during the operational phase. General requirements adherence for cabling is an important factor in reducing the risks associated with link accessibility, which can be caused by cable damage or connection errors.
• Power. The site must have a connection point to with a stable power supply network. In accordance with the company technical policy, a backup line of electric power supply or an uninterrupted power supply system can be organized. Power supplies must be independent, i.e. there should be no single point of failure. For backup power supply systems, it is recommended to implement automatic switching schemes between sources, which will avoid communication interruption in case of the main power supply source failure.
• Grounding. Proper grounding can significantly reduce the likelihood of wireless devices failing in the the wireless device's failure in case of electromagnetic noises or lightning strikes.
• Climate systems. Reliable  The reliable network equipment operation depends on the external conditions: the device is guaranteed to function in the specified temperature range, pressure and humidity. The environment influence is random, therefore, in order to maintain a stable operation, the specified climatic conditions must be created artificially, it is recommended to install an air conditioner and a heater with the possibility of their automatic on / off. The climate systems in the high-rise part are impossible, therefore, for reliable operation in harsh conditions, the devices of the InfiLINK 2x2 / InfiMAN 2x2 families with an extended temperature range can be used. Such devices are equipped with a built-in heater, which turns on when the ambient temperature drops below a set threshold.
• Links. A  The network accessibility can be increased due to the by installing backup links installation.  Links The links must be independent, i.e. do not have the should be no single points of failure, for example, a wired communication channel can be the main one, and wireless can be the backup one.  Realization The realization of fault-tolerant schemes for automatic links link redundancy and aggregation using Infinet devices are described in the Link aggregation, balancing and redundancy article. Scenarios with the including mobile objects require a different reservation scheme, describer described in the Connectivity with mobile objects article.

Organization of auxiliary facility infrastructure

An important factor of a in site choosing is the ability to install auxiliary infrastructure elements, which will increase the availability of the communication system. Video surveillance and alarm systems are examples of auxiliary infrastructure. An alarm allows to quickly detect an unauthorized access to the object , and a video surveillance system will be useful in investigating incidents.

Equipment installation

Installation The installation work on the site should be guided by the general requirements and by the company's technical policy. Improperly executed, the installation can cause a violation of the entire network facility availability, the restoration of which may require a large time and financial resources.

In order to ensure the physical security, make the following settings for the wireless device:

• turn off the indicator lights on the device, it will increase its stealth;
• the unused ports of the wireless devices can be used by an attacker to gain access to the network, therefore, in order to eliminate the possibility of unauthorized connections, it is recommended to disable the unused network interfaces;
• devices based on the H11 hardware platform support the PoE-out function on eth1. An attacker can use it to power third-party equipment. If the PoE-out function is not used, make sure it is disabled.

Facility operation

Installation work The quality control of the installation is carried out at the stage of object the acceptance into service of the device. The acceptance procedure should be performed in accordance with the company's technical policy.

Ensuring the information security is a continuous process that requires monitoring and response to identified and emerging threats, therefore, it is necessary to carry out preventive maintenance of the communication facilities. Depending on the requirements established in by the company and the specifics of the network node, the list of preventive measures may vary. A common set of regular jobs includes:

• facility inspection to make a list of deviations from the technical policy requirements;
• cleaning on site;
• periodic testing of the backup systems: for links - scheduled work with the main channel turned off, for power systems - scheduled work with the main source turned off (additionally, uninterruptible power supplies and battery capacity testing).

Anchor
radio_security radio_security

...

Radio security

Wireless data transmission is performed in a shared environment, which brings a lot of possibilities for attackers. The security measures described below should be applied in a comprehensive manner, since measures protecting from one threat may not be effective against another.

...