As telecommunications networks continue to expand, adding sites to reach underserved geographies and increasingly to support the rollout of 5G, ensuring the security of these sprawling networks becomes more complex. Securing hundreds of sites is difficult enough but protecting tens of thousands of sites — and the data of millions of people using those sites — is daunting.
The challenge is baked into network growth. To manage the growing number of sites and the increasing intelligence of modern networks, operators must have visibility across their networks and the ability to manage equipment remotely. But that hyper-connectivity also is a vulnerability, as every networked piece of equipment becomes a potential access point for bad actors.
We’ve been looking at some of the capabilities of the Vertiv™ NetSure™ Control Unit (NCU) in recent blog posts, and today I’m going to address some of the security features present in the NetSure™ NCU. Individually, these are not unique to Vertiv or the controller, but together they provide robust security in a system designed to deliver seamless visibility and insight.
To start, the NetSure NCU supports both HTTP and HTTPS protocols for sending data between a web browser and a website. The difference is HTTPS is encrypted and therefore far more secure. Most government, financial, and healthcare organizations shifted to HTTPS years ago due to the sensitive nature of their work, and it has become the standard for all commercial websites.
In the past, when systems were not routinely connected to the network, there was not a pressing need for the security of HTTPS. Either the system wasn’t connected to the network and the operator used alarm relays to be notified of alarm conditions or it was hidden behind firewalls or connected to protected networks. As security attacks became more sophisticated, even a system within a protected network could be vulnerable. Today, a crack at the edge can compromise the entire network.
The NetSure NCU also supports SNMPv3, the IETF-recommended version of the Internet Standard Management Framework enabling secure, encrypted machine-to-machine communications. SNMPv3 provides commercial-grade security and easy control of authentication, privacy, authorization and access control. Like HTTPS, it is the current industry standard.
Of course, there are other communications protocols used for various tasks and different types of data transmission. Infrastructure systems, such as AC and DC power and thermal management systems, must be protocol-agnostic. They support telecom and data center applications alike and must adapt to whatever protocol their users choose.
The NetSure NCU is not proprietary when it comes to communication protocols. It does not require a certain software to enable different types of communications. It comes preconfigured to support more than five commonly used protocols and can be updated to support others. Beyond that, the device itself has its own webpages, and users can see and use the system through those pages.
Managing user access is another challenge, and the NetSure NCU is equipped with RADIUS User Authentication to control that process. RADIUS stands for Remote Authentication Dial-In User Service, which is a clunky way of saying it allows operators to securely manage all usernames and passwords used to access the NCU from a central server. Rather than local authentication at each controller, which quickly becomes complicated across thousands of sites and involving multiple employees and vendors, RADIUS user authentication simplifies and centralizes access control.
All of these features contribute to data protection and peace of mind for security-focused operators. Is your network infrastructure as secure as it should be? If not, the NetSure NCU could help boost your protection.
Learn more about the advantages of advanced monitoring and control for DC power in our Vertiv™ NetSure™ Control Blog Series.