How Optical LAN can remove 84 points of vulnerability from your network

by | Oct 30, 2019 | Blog

Improve network security and access controls

October is National Cyber Security Awareness Month (NCSAM). NCSAM’s purpose is to promote a collaborative effort between government and industry to raise awareness about the importance of cyber security.

In support of this national initiative, Passive Optical LAN can drastically improve the physical LAN’s defensibility, enabling consistent protection policies that are centrally managed – all while reducing human error and increasing network stability.

The greatest proof of Optical LAN’s ability to tighten an enterprises’ cyber security posture by reducing a companies’ attack surface, is best illustrated by how OLAN reduces network points of vulnerability.

For example, let’s start with a copper-based legacy corporate LAN design that connects 4,032 Gigabit Ethernet from eighty-four 48-port workgroup switches and one distribution/aggregation switch. The process to harden this enterprise network to ensure secure operations would need to address:

  • 85 IP addresses to protect
  • 85 Switches to secure (Security Technical Implementation Guide, STIG)
  • 85 Switches to provision
  • 85 Software loads to maintain
  • 85 Physical equipment provisioning ports (CLI access)

Legacy copper-based network 85 points of vulnerability

 

Now let’s compare that to a modern Optical LAN architecture supporting the same 4,032 Gigabit Ethernet connections, from either eighty-four 48-port closet-based ONTs (e.g. ONT248) or a thousand 5-port deep fiber ONTs (e.g. ONT205) – in both cases you’d only need one OLT (e.g. OLT6) and one software defined networking management (e.g. Panorama PON Manager). In this case, providing the utmost secure LAN where security policies and procedures are implemented consistently, with fewer human errors and across a more reliable network would require:

  • One IP address to protect
  • One OLT to secure (STIG)
  • One OLT to provision
  • One Software load to maintain
  • One OLT provisioning ports to secure

Optical LAN can remove 84 points of vulnerability from the network

 

The math is easy. That’s eighty-four (84) fewer network points of vulnerability.

Now understanding that 80% of network outages are caused by humans, and 30% of security breaches are caused by humans (both through deliberate malicious and inadvertent accidental actions), you can see by the above example that the OLAN with centralized intelligence and software defined networking management is going to have fewer human touches which directly improves network security, reliability and operational efficiencies.

Last and not least, with a deep fiber Optical LAN design you can reduce, or eliminate, telecommunication rooms which means those rooms, and doors, no longer require expensive security and problematic access control.

If you want more information about our Tellabs Optical LAN highly secure solutions, please connect with us on  FacebookLinkedInTwitter, Instagram, and YouTube.

John Hoover, Tellabs Marketing Director
John Hoover
Former Director of Marketing (Retired)
John Hoover, now retired, concluded his career as Marketing Director at Tellabs, where he held multiple roles over two decades working at the company. A veteran of the industry, John was instrumental in driving advancements such as early passive optical network deployments, video implementations, wireless innovations, and the adoption of enterprise Passive Optical LAN.