IT-Symposium 2005 07.04.2005
www.decus.de 1
3A07:Infrastruktur-Überwachung gegen
physische Schäden
IT-Symposium 2005
Robert KrauseBkom Business Kommunikationssysteme GmbH
Kirchheim bei München
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 2
Physische Bedrohung
Physische Ursachen von Netzwerk Ausfällen
Umgebungsbedingungen:• Temperatur• Luftfeuchtigkeit• Luftströmung• Feuer
Menschliche Faktoren:• Unberechtigter Zugriff• Unbeabsichtigte Fehler• Fahrlässigkeit• Rechtswidrige Handlungen• Nichterkennen der Ursachen
Stromversorgung:• Überlastung
IT Überwachung
PhysicalThreats
Digital Threats• Hackers• Systems S/W• Viruses• Network Bottlenecks
Quelle: Fleishman-Hillard Research
IT-Symposium 2005 07.04.2005
www.decus.de 2
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 3
Umfrage-Ergebnis*
Über 50% der Befragten waren im Vorjahr von mindestens einem kritischen Netzwerkausfall betroffenHauptgründe für Ausfälle:
67% Umgebungseinflüsse und/oder Stromversorgung47% Menschliches Fehlverhalten
Wichtigste Faktoren für Betriebssicherheit:85% Erkennen, Analysieren und Vermeiden von menschlichem Fehlverhalten74% RZ-/Raum-Absicherung74% Einhaltung von Temperatur-/Feuchtigkeits-Grenzwerten
* Fleishman-Hillard Survey of 150 US IT Managers – June 2001
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 4
Physical Security…beobachten, fühlen, informieren, aktivieren…
IT-InfrastrukturAbsicherung von EDV-Räumen und RechenzentrenErkennung möglicher Schäden durch UmweltfaktorenReduzierung von Ausfallzeiten durch Früherkennung, Analyse und rechtzeitige Korrektur der Ursache
Objekt- und GebäudeschutzNicht genügend Personal zur SicherungBereiche vor unberechtigtem Zugang / Zugriff schützen
ProduktionÜberwachung von kritischen Prozessen„Augen und Ohren“ an unbeaufsichtigten Standorten
IT-Symposium 2005 07.04.2005
www.decus.de 3
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 5
Wie sicher ist ihr Unternehmen?
Unzureichende KühlungWassereinbruchUnbefugter ZutrittMenschliches Fehlverhalten
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 6
Einsatzmöglichkeiten
IT-Symposium 2005 07.04.2005
www.decus.de 4
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 7
Einsatzmöglichkeiten
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 8
Einsatzmöglichkeiten
IT-Symposium 2005 07.04.2005
www.decus.de 5
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 9
Sicherheitssysteme
INTRANET /INTERNET
WallBotz™Serverräume, Verteilerräume
RackBotz™19”-Schrank
NetBotz CentralZentrale Verwaltung,
Konfiguration, Speicherung, Auswertung
INTEGRIERTE SENSOREN
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 10
Komplettsysteme
NetBotz 420 – Rack & Wall Models
Exterior of 320 models appears the same as 420 models, except no USB or compact flash ports.
IT-Symposium 2005 07.04.2005
www.decus.de 6
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 11
Komplettsysteme
NetBotz 420Midrange physical threat monitoring appliance provides integrated monitoring with moderate expandabilityUp to 4 additional sensor pods or output control podsCan add a 2nd camera with Camera Pod or CCTV PodOptional 802.11b or GSM/GPRS network connections
NetBotz 320Entry-level physical threat monitoring appliance for small, enclosed areas
Both 420 and 320 have:Integrated sensors for temp, humidity, dewpoint, airflow, audio level, door switch, camera motionCamera resolution 640x480,up to 20 frames/sec4 external sensor ports (expandable on 420 by adding sensor pods)10/100 Ethernet network connectionWall- or rack-mountable models
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 12
Modulare Systeme: WallBotz 500Modular design:
Base StationCamera Pod 120Sensor Pod 120
WallBotz 500 comes with 1 each docked Camera Pod 120 and Sensor Pod 120Additional Camera Pods and Sensor Pods can be connected via USB ports
Original Pods can be undockedCCTV Adapter Pod lets WB 500 utilize images from CCTV cameras Network connections
10/100 Ethernet standard802.11a/b/g wireless LAN via PC cardGSM wireless modem (PC card)Dial modem/PPP (PC card or USB)
SSL encryption of alert transmission and live view
IT-Symposium 2005 07.04.2005
www.decus.de 7
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 13
Wireless Kommunikation
GSM Service von T-Mobile und VodafoneUnterstützte GSM Modem Karten
Option International GlobetrotterSierra Wireless AirCard 750
UMTS in Vorbereitung
Wireless LANStandard 802.11a/b/gCisco Aironet 802.11a/b/g AdapterNetgear WAG511 Dual Band AdapterD-Link Air Xpert DWL-AG650 Tri-Mode Dual Band
Serielle KommunikationXircom Modem (PCMCIA), USB Multitech Modem
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 14
CameraResolutions: 160x120, 320x240, 640x480, 800x600, 1024x768, 1280x1024
Maximum 640x480 if connected to 420Frame rates: 1,2,3,4,5,8,10,15,20,30 frames per second
Slower rates: 1 frame every 2 sec, every 3 sec, low as every 30 secMaximum 20 frames/sec if connected to 420
Standard lens can be replaced with otherCS-mount lens (e.g. zoom, wide-angle)
Microphone Internal microphone can record audioMicrophone jack for external microphone
If external microphone plugged in, internal mike turns off
Microphone supported by 500 onlySpeaker / Headphone jack
Play local audio alerts through speakerAudio alerts supported by 500 only
Door switch jack
Camera Pod 120
IT-Symposium 2005 07.04.2005
www.decus.de 8
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 15
CCTV Adapter Pod 120
Enables customers to:use existing CCTV camerasuse specialized CCTV cameras, e.g. day/night, wireless
CCTV camera connects to either BNC, RCA, or S-Video input on CCTV Adapter Pod
1 CCTV camera per adapter podNTSC, PAL, or SECAM video source input formatConverts analog video source to digital
Images up to 640x480 resolution, depending on sourceSupported on 500 & 420
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 16
Sensor Pod 120
Integrated Environmental Sensors:
Temperature sensorHumidity sensorDew Point sensorAirflow sensorAudio sensor
4 External Sensor Ports
IT-Symposium 2005 07.04.2005
www.decus.de 9
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 17
External Sensor – 4-20mA Pod
4-20mA current loops provide current to power sensor and for measurement readingValue of physical parameter being measured is converted to the 4-to-20 scale, with 4 representing zero and 20 the high end of the rangeNetBotz 4-20mA Sensor Pod supports up to four 4-20mA sensors
Sensor loops connect to screw terminal ports on bottomEach port can provide 20mA to its sensor loopFor 3- and 4-wire sensors, there is an additional port on the side for supplemental loop powerConnects to USB port on 500 or 420
0-5V sensors (or monitoring ports from equipment) also supported with External Sensor – 0-5V Sensor Cable
Connects to external sensor ports on Sensor Pod, 420, 320
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 18
Flexibel erweiterbar
4 portUSB Hub
4 portUSB Hub
4 portUSB Hub
4 portUSB Hub
4 portUSB Hub
4 portUSB Hub
Maximum Configuration• 4 Kamera Pods (1 docked, 3 undocked)• 17 Sensor Pods (1 docked, 16 undocked)
IT-Symposium 2005 07.04.2005
www.decus.de 10
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 19
Mögliche Leitungslängen
510m 510m
METERS 0 25 110 510
FIBER 500M POD EXTENDER
CAT5 POD EXTENDER
USB REPEATERKABEL
Externe Sensoren (Temperatur, Flüssigkeit, Strom, Partikel, etc…)
bis zu 4 Anschlüsse pro Sensor Pod, max. Distanz zum Sensor Pod 30 m
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 20
Hardware Add-Ons
External Temperature & Humidity SensorsFluid Detector
Detects liquids via activation of contacts on bottom of device
Amp DetectorsMonitors electric current consumption on circuitsVersions
U.S./Canada: NEMA 120V outlet types 5-15, 5-20, L5-20, L5-30, and 208V type L6-30European, UK/Ireland, South Africa modelsHi-Current 200 & 600 amp models, single or three-phase, for power distribution panels
Particle SensorMeasures presence of dust, smoke, or other particulates in sensitive equipment spaces (concentrations as small as 1 micron)Supported on NetBotz 500 only
External TemperatureSensor
Fluid Detector
Amp Detector(30A twistlock model) Particle Sensor
IT-Symposium 2005 07.04.2005
www.decus.de 11
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 21
Hardware Add-Ons
Third Party Dry Contact SensorsGlass break, vibration, condensation, gases, moreConnect to Botz or Sensor Pod with NetBotz Dry Contact Cable
Distance limit for external sensors is 115 feet from Botz or Sensor PodExtension cables in 15, 25, 50, 100-ft lengths (Standard or Plenum)
Camera Pod Enclosures2 models: Basic enclosure and enclosure with heater & blower
Wide Angle and Varifocal Zoom replacement lenses for Camera PodPod Mounting Kit
Mount Camera Pod or WB500 base station in cabinet; also allows mounting Camera Pod from drop ceiling
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 22
Schalten: Output Relay Pod
1 2 3 4A /B C/D
Output Relay Pod 120WallBotz 500
USB-Kabel
Kontakte zum öffnen von Türen, Licht “AN” oder anderen Schaltvorgängen16 Reed-Schaltkontakte (10W) einzeln steuerbarSteuerung und Spannungsversorgung über USB-SchnittstelleManuelle oder automatisierte Steuerung der Schaltvorgänge
Bis zu 4 REL-16s pro WB500
IT-Symposium 2005 07.04.2005
www.decus.de 12
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 23
Schalten: Power Control Pod
USB SerielkabelSERVER
SWITCH
WallBotz 500
1 2 3 4A /B C/D
Schaltet Remote Systeme “EIN oder AUS”NetReach Power Control Unit
Bis zu 16 “Master” PCU’s können an einen WB500 angeschlossenwerdenBis zu 9 “Satelliten” PCU’s an eine “Master” unit230 VAC Version (RPS-10-EC)
19” Rackbefestigung48V= Version verfügbar
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 24
Software & Alarmierung
Alarmierung über:- EMAIL- FTP- HTTP Post- SNMP- SMS- AUDIO
IT-Symposium 2005 07.04.2005
www.decus.de 13
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 25
Appliance Software Features
Sensor Thresholds & AlertsSet upper & lower thresholds for each sensorEnable/disable alerting for each sensor by day/timeSensor- or threshold-specific E-mail alert notification recipientsMultiple thresholds per sensor, including rate-of-change
Alert notification mechanisms:E-mail, SNMP, HTTP Post, FTPAlert Escalation
3 levels of escalationFor each level, can customize number of alert repetitions and which alert mechanisms to use
Alert if repeated failed logon attempts
PPP/Modem supportGSM wireless modem supportAuto-upgrade software over InternetUser-defined labels for dry contact sensors and values Short messaging for alerts sent to mobile devicesDetailed sensor location information
e.g., bottom 1/3 of cabinetNetwork flexibility – supports NAT, DHCP, Socks V4/5 proxySet clock via NTP serverWrite log data to SYSLOGIP FilteringCustomized Alert Text & URL
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 26
Alert Management
BOTZWARE ALERT POLICIES
ALERT PROFILE• Alert Actions to Include• Start n min. after Alert• Repeat y times at intervals
of z minutes
ALERT ACTIONS• Notification Type• Include Pics/Audio/Graphs?• Severity Level Filtering• Destination Addresses• Alert Action Scheduling
THRESHOLDS• Sensor• TH Definitions• Severity Level of TH• TH-Specific E-mails• Enable/Disable Schedule• Associated Camera Pod
IT-Symposium 2005 07.04.2005
www.decus.de 14
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 27
Basic View for Handhelds
IT professionals can check on Botz from popular handhelds running Windows Mobile, Palm OS, and Blackberry OS’s
including HP iPAQs, PalmOne Tungstens, Blackberrys
Complete Basic ViewSensor readingsLive camera imagesGraphsRecent alerts inclattachmentsSimple navigation
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 28
Bewegungs-Erkennung
BewegungsmelderMaskierungEmpfindlichkeit (Änderung)Fläche der BewegungZeitstempel
IT-Symposium 2005 07.04.2005
www.decus.de 15
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 29
Software gesteuerte Funktionen
Schaltfläche in der Kameraansicht zurAktivierung (z.B. Türöffner)Output Relay Pod 120Power Control Pod
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 30
Alert E-Mail
E-mails can include graphs, pictures, and audio clips
IT-Symposium 2005 07.04.2005
www.decus.de 16
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 31
NetBotz Central
Administration und Konfiguration von NetBotz AppliancesSkalierbares System, einfache HandhabungGrafische / tabellarische Darstellung aller NetBotz AppliancesSpeicherung der Video-, Audio- und SensordatenVideoüberwachung
NetBotz Central Server
(NetBotz Appliances)
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 32
NetBotz CentralMap View Table View
Graph View Surveillance View
IT-Symposium 2005 07.04.2005
www.decus.de 17
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 33
Management Integration
Ipswitch WhatsUp GoldHP OpenView NNM for Windows
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 34
Links
http://www.netbotz.comHersteller-Info und „Test Drive“http://www.netbotz.com/library/Physical_Threat_Security.pdfResearch Report
IT-Symposium 2005 07.04.2005
www.decus.de 18
IT-Symposium 2005 – 3A07: Physical Security Robert Krause – Bkom GmbH 35
Fragen ???
Bkom Business Kommunikationssysteme GmbHSchwabener Weg 185551 Kirchheim b. München
http://www.bkom-muc.demailto:[email protected]: (089) 159 23 65-0
Top Related