3A07: Infrastruktur-berwachung gegen physische Schden Robert - - PDF document

IT-Symposium 2005 07.04.2005 www.decus.de 1

3A07: Infrastruktur-Überwachung gegen physische Schäden

IT-Symposium 2005

Robert Krause Bkom Business Kommunikationssysteme GmbH Kirchheim bei München

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 2

Physische Bedrohung

Physische Ursachen von Netzwerk Ausfällen

Umgebungsbedingungen:

• Temperatur
• Luftfeuchtigkeit
• Luftströmung
• Feuer

Menschliche Faktoren:

• Unberechtigter Zugriff
• Unbeabsichtigte Fehler
• Fahrlässigkeit
• Rechtswidrige Handlungen
• Nichterkennen der Ursachen

Stromversorgung:

• Überlastung

IT Überwachung

Physical Threats

Digital Threats

• Hackers
• Systems S/W
• Viruses
• Network

Bottlenecks

Quelle: Fleishman-Hillard Research

IT-Symposium 2005 07.04.2005 www.decus.de 2

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 3

Umfrage-Ergebnis*

Über 50% der Befragten waren im Vorjahr von mindestens einem kritischen Netzwerkausfall betroffen Hauptgründe für Ausfälle: 67% Umgebungseinflüsse und/oder Stromversorgung 47% Menschliches Fehlverhalten Wichtigste Faktoren für Betriebssicherheit: 85% Erkennen, Analysieren und Vermeiden von menschlichem Fehlverhalten 74% RZ-/Raum-Absicherung 74% Einhaltung von Temperatur-/ Feuchtigkeits-Grenzwerten

* Fleishman-Hillard Survey of 150 US IT Managers – June 2001

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 4

Physical Security

…beobachten, fühlen, informieren, aktivieren…

IT-Infrastruktur Absicherung von EDV-Räumen und Rechenzentren Erkennung möglicher Schäden durch Umweltfaktoren Reduzierung von Ausfallzeiten durch Früherkennung, Analyse und rechtzeitige Korrektur der Ursache Objekt- und Gebäudeschutz Nicht genügend Personal zur Sicherung Bereiche vor unberechtigtem Zugang / Zugriff schützen Produktion Überwachung von kritischen Prozessen „Augen und Ohren“ an unbeaufsichtigten Standorten

IT-Symposium 2005 07.04.2005 www.decus.de 3

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 5

Wie sicher ist ihr Unternehmen?

Unzureichende Kühlung Wassereinbruch Unbefugter Zutritt Menschliches Fehlverhalten

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 6

Einsatzmöglichkeiten

IT-Symposium 2005 07.04.2005 www.decus.de 4

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 7

Einsatzmöglichkeiten

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 8

Einsatzmöglichkeiten

IT-Symposium 2005 07.04.2005 www.decus.de 5

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 9

Sicherheitssysteme

INTRANET / INTERNET WallBotz™ Serverräume, Verteilerräume RackBotz™ 19” -S chrank NetBotz Central Zentrale Verwalt ung, Konfiguration, S peicherung, Auswertung

INTEGRIERTE S ENS OREN

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 10

Komplettsysteme NetBotz 420 – Rack & Wall Models

Exterior of 320 models appears the same as 420 models, except no USB or compact flash ports.

IT-Symposium 2005 07.04.2005 www.decus.de 6

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 11

Komplettsysteme

NetBotz 420 Midrange physical threat monitoring appliance provides integrated monitoring with moderate expandability Up to 4 additional sensor pods

• r output control pods

Can add a 2nd camera with Camera Pod or CCTV Pod Optional 802.11b or GSM/GPRS network connections NetBotz 320 Entry-level physical threat monitoring appliance for small, enclosed areas Both 420 and 320 have: Integrated sensors for temp, humidity, dewpoint, airflow, audio level, door switch, camera motion Camera resolution 640x480, up to 20 frames/sec 4 external sensor ports (expandable on 420 by adding sensor pods) 10/100 Ethernet network connection Wall- or rack-mountable models

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 12

Modulare Systeme: WallBotz 500

Modular design: Base Station Camera Pod 120 Sensor Pod 120 WallBotz 500 comes with 1 each docked Camera Pod 120 and Sensor Pod 120 Additional Camera Pods and Sensor Pods can be connected via USB ports Original Pods can be undocked CCTV Adapter Pod lets WB 500 utilize images from CCTV cameras Network connections 10/100 Ethernet standard 802.11a/b/g wireless LAN via PC card GSM wireless modem (PC card) Dial modem/PPP (PC card or USB) SSL encryption of alert transmission and live view

IT-Symposium 2005 07.04.2005 www.decus.de 7

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 13

Wireless Kommunikation

GSM Service von T-Mobile und Vodafone Unterstützte GSM Modem Karten Option International Globetrotter Sierra Wireless AirCard 750 UMTS in Vorbereitung Wireless LAN Standard 802.11a/b/g Cisco Aironet 802.11a/b/g Adapter Netgear WAG511 Dual Band Adapter D-Link Air Xpert DWL-AG650 Tri-Mode Dual Band Serielle Kommunikation Xircom Modem (PCMCIA), USB Multitech Modem

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 14

Camera Resolutions: 160x120, 320x240, 640x480, 800x600, 1024x768, 1280x1024 Maximum 640x480 if connected to 420 Frame rates: 1,2,3,4,5,8,10,15,20,30 frames per second Slower rates: 1 frame every 2 sec, every 3 sec, low as every 30 sec Maximum 20 frames/sec if connected to 420 Standard lens can be replaced with other CS-mount lens (e.g. zoom, wide-angle) Microphone Internal microphone can record audio Microphone jack for external microphone If external microphone plugged in, internal mike turns off Microphone supported by 500 only Speaker / Headphone jack Play local audio alerts through speaker Audio alerts supported by 500 only Door switch jack

Camera Pod 120

IT-Symposium 2005 07.04.2005 www.decus.de 8

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 15

CCTV Adapter Pod 120

Enables customers to: use existing CCTV cameras use specialized CCTV cameras, e.g. day/night, wireless CCTV camera connects to either BNC, RCA, or S-Video input on CCTV Adapter Pod 1 CCTV camera per adapter pod NTSC, PAL, or SECAM video source input format Converts analog video source to digital Images up to 640x480 resolution, depending on source Supported on 500 & 420

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 16

Sensor Pod 120

Integrated Environmental Sensors: Temperature sensor Humidity sensor Dew Point sensor Airflow sensor Audio sensor 4 External Sensor Ports

IT-Symposium 2005 07.04.2005 www.decus.de 9

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 17

External Sensor – 4-20mA Pod

4-20mA current loops provide current to power sensor and for measurement reading Value of physical parameter being measured is converted to the 4-to-20 scale, with 4 representing zero and 20 the high end of the range NetBotz 4-20mA Sensor Pod supports up to four 4-20mA sensors Sensor loops connect to screw terminal ports on bottom Each port can provide 20mA to its sensor loop For 3- and 4-wire sensors, there is an additional port

• n the side for supplemental loop power

Connects to USB port on 500 or 420 0-5V sensors (or monitoring ports from equipment) also supported with External Sensor – 0-5V Sensor Cable Connects to external sensor ports on Sensor Pod, 420, 320

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 18

Flexibel erweiterbar

4 port US B Hub 4 port US B Hub 4 port US B Hub 4 port US B Hub 4 port US B Hub 4 port US B Hub

Maximum Configuration

• 4 Kamera Pods (1 docked, 3 undocked)
• 17 S

ensor Pods (1 docked, 16 undocked)

IT-Symposium 2005 07.04.2005 www.decus.de 10

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 19

Mögliche Leitungslängen

510m 510m

METERS 0 25 110 510

FIBER 500M POD EXTENDER CAT5 POD EXTENDER USB REPEATERKABEL

Externe Sensoren (Temperatur, Flüssigkeit, Strom, Partikel, etc…) bis zu 4 Anschlüsse pro Sensor Pod, max. Distanz zum Sensor Pod 30 m

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 20

Hardware Add-Ons

External Temperature & Humidity Sensors Fluid Detector Detects liquids via activation

• f contacts on bottom of device

Amp Detectors Monitors electric current consumption on circuits Versions U.S./Canada: NEMA 120V outlet types 5-15, 5-20, L5-20, L5-30, and 208V type L6-30 European, UK/Ireland, South Africa models Hi-Current 200 & 600 amp models, single or three-phase, for power distribution panels Particle Sensor Measures presence of dust, smoke, or other particulates in sensitive equipment spaces (concentrations as small as 1 micron) Supported on NetBotz 500 only

External Temperature Sensor Fluid Detector Amp Detector (30A twistlock model) Particle Sensor

IT-Symposium 2005 07.04.2005 www.decus.de 11

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 21

Hardware Add-Ons

Third Party Dry Contact Sensors Glass break, vibration, condensation, gases, more Connect to Botz or Sensor Pod with NetBotz Dry Contact Cable Distance limit for external sensors is 115 feet from Botz or Sensor Pod Extension cables in 15, 25, 50, 100-ft lengths (Standard or Plenum) Camera Pod Enclosures 2 models: Basic enclosure and enclosure with heater & blower Wide Angle and Varifocal Zoom replacement lenses for Camera Pod Pod Mounting Kit Mount Camera Pod or WB500 base station in cabinet; also allows mounting Camera Pod from drop ceiling

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 22

Schalten: Output Relay Pod

Output Relay Pod 120 WallBotz 500

USB-Kabel

Kontakte zum öffnen von Türen, Licht “AN” oder anderen Schaltvorgängen 16 Reed-Schaltkontakte (10W) einzeln steuerbar Steuerung und Spannungsversorgung über USB-Schnittstelle Manuelle oder automatisierte Steuerung der Schaltvorgänge Bis zu 4 REL-16s pro WB500

IT-Symposium 2005 07.04.2005 www.decus.de 12

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 23

Schalten: Power Control Pod

U S B

• S

e r i e l k a b e l

SERVER SWITCH

WallBotz 500

Schaltet Remote Systeme “EIN oder AUS” NetReach Power Control Unit

Bis zu 16 “Master” PCU’s können an einen WB500 angeschlossen werden Bis zu 9 “Satelliten” PCU’s an eine “Master” unit 230 VAC Version (RPS-10-EC)

19” Rackbefestigung 48V= Version verfügbar

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 24

Software & Alarmierung

Alarmierung über:

• EMAIL
• FTP
• HTTP Post
• SNMP
• SMS
• AUDIO

IT-Symposium 2005 07.04.2005 www.decus.de 13

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 25

Appliance Software Features

Sensor Thresholds & Alerts Set upper & lower thresholds for each sensor Enable/disable alerting for each sensor by day/time Sensor- or threshold-specific E- mail alert notification recipients Multiple thresholds per sensor, including rate-of-change Alert notification mechanisms: E-mail, SNMP, HTTP Post, FTP Alert Escalation 3 levels of escalation For each level, can customize number of alert repetitions and which alert mechanisms to use Alert if repeated failed logon attempts PPP/Modem support GSM wireless modem support Auto-upgrade software over Internet User-defined labels for dry contact sensors and values Short messaging for alerts sent to mobile devices Detailed sensor location information e.g., bottom 1/3 of cabinet Network flexibility – supports NAT, DHCP, Socks V4/5 proxy Set clock via NTP server Write log data to SYSLOG IP Filtering Customized Alert Text & URL

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 26

Alert Management

BOTZWARE ALERT POLICIES

ALERT PROFILE

• Alert Actions to Include
• Start n min. after Alert
• Repeat y times at intervals
• f z minutes

ALERT ACTIONS

• Notification Type
• Include Pics/Audio/Graphs?
• Severity Level Filtering
• Destination Addresses
• Alert Action Scheduling

THRESHOLDS

• Sensor
• TH Definitions
• Severity Level of TH
• TH-Specific E-mails
• Enable/Disable Schedule
• Associated Camera Pod

IT-Symposium 2005 07.04.2005 www.decus.de 14

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 27

Basic View for Handhelds

IT professionals can check on Botz from popular handhelds running Windows Mobile, Palm OS, and Blackberry OS’s including HP iPAQs, PalmOne Tungstens, Blackberrys Complete Basic View Sensor readings Live camera images Graphs Recent alerts incl attachments Simple navigation

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 28

Bewegungs-Erkennung

Bewegungsmelder Maskierung Empfindlichkeit (Änderung) Fläche der Bewegung Zeitstempel

IT-Symposium 2005 07.04.2005 www.decus.de 15

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 29

Software gesteuerte Funktionen

Schaltfläche in der Kameraansicht zur Aktivierung (z.B. Türöffner) Output Relay Pod 120 Power Control Pod

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 30

Alert E-Mail

E-mails can include graphs, pictures, and audio clips

IT-Symposium 2005 07.04.2005 www.decus.de 16

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 31

NetBotz Central

Administration und Konfiguration von NetBotz Appliances Skalierbares System, einfache Handhabung Grafische / tabellarische Darstellung aller NetBotz Appliances Speicherung der Video-, Audio- und Sensordaten Videoüberwachung

NetBotz Central Server (NetBotz Appliances)

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 32

NetBotz Central

Map View Table View Graph View Surveillance View

IT-Symposium 2005 07.04.2005 www.decus.de 17

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 33

Management Integration

Ipswitch WhatsUp Gold HP OpenView NNM for Windows

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 34

Links

http://www.netbotz.com Hersteller-Info und „Test Drive“ http://www.netbotz.com/library/Physical_Threat_Security.pdf Research Report

IT-Symposium 2005 07.04.2005 www.decus.de 18

IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 35

Fragen ???

Bkom Business Kommunikationssysteme GmbH Schwabener Weg 1 85551 Kirchheim b. München http://www.bkom-muc.de mailto:robert.krause@bkom-muc.de Telefon: (089) 159 23 65-0