top of page

Monitoring and Security in Optical Networks


In April United Healthcare, the largest healthcare insurer in the United States was hacked.  The Change Healthcare network was locked down. Patient information was stolen.  Healthcare providers started having trouble verifying coverage and co-pays, pharmacists began struggling to fill prescriptions citing the lack of available information regarding their patients. According to testimony given by the United Healthcare CEO, this breach touches about one third of the population of the United States.  It is reported that United Healthcare paid a ransom of about $22 million to the hackers.


The hackers used stolen credentials in order to breach the network.  It is possible that two-factor authentication, which was not present on this network, could have prevented this major event.  The moral of the story is that even the largest networks have vulnerabilities that can be exploited.  Managing network vulnerabilities and persistent, diligent monitoring of networks should be a high priority for all organizations.  Optical fiber networks have some inherent security benefits over copper links.  Today, we will examine some advantages of fiber links.


Optical Fiber Benefits

There are many benefits of using optical fiber compared to copper links.  A few of these include:

  • Higher Bandwidth 

  • Longer Distances

  • Light Weight

  • Electromagnetic Immunity

  • Security

  • Reliability

  • Low Latency


Monitoring Optical Networks

Setting up monitoring and security tools on optical networks requires a different architecture than what is used for copper links.  While SPAN ports can be used to connect security tools to fiber optic links, there are some issues that must be addressed.  In order to achieve full duplex monitoring, two SPAN sessions must be configured.  One session for ingress and one session for egress.  Optical SPAN also suffers the same limitations as copper SPAN.  Some of those limitations include random packet drops during busy periods, inability to see layer 1 and 2 errors, and potential security vulnerabilities if not configured properly.  The safe, secure, complete and accurate option is to use optical TAPs such as Network Critical’s Passive Fiber TAPs.



Optical Security

As noted above, optical fiber links are immune to EMI disruption.  While copper links can be hacked without actually touching the cable, optical fiber must be physically cut and tapped in order to access live data.  This not only makes malicious intrusion more difficult to accomplish, it also makes it easier and faster to detect intrusions. Other environments where optical fiber is superior include explosive environments, oceanic links, video surveillance and co-deployment on electrical power right-of-ways.  


Developing a robust cyber security profile can be simple and cost effective when using passive optical TAPs that divide up the optical light budget between live traffic and mirror traffic being sent to a variety of security tools.  



Passive Optical TAP Portfolio

There are many varieties of optical fiber depending on the network application.  Distance, speed and bandwidth are important factors when choosing fiber cables.  It is also critical that fiber cables and equipment are compatible end to end.  When tapping a fiber cable to connect security and monitoring tools, the type of fiber and connectors used must be compatible with the network equipment and the selected tools.  Network Critical, therefore, offers many options for Optical TAPs.  In addition to common TAPs available in stock they provide specialized custom options for select applications.  Some of the benefits of using optical TAPs include:


  • Without introducing latency or a point of failure, Network Critical passive ethernet TAPs provide secure and simple access to live traffic in high speed production networks.

  • MPO and LC optical TAPs are optimized to ensure zero latency and offer a full range of split ratios including 50:50, 60:40 and 70:30 in both Single Mode and Multi-Mode fiber types.

  • These TAPs pass all full-duplex traffic ensuring a complete and accurate mirror of live network traffic being sent to tools.

  • Optical TAPs require no power and consume very little rack space with up to 16 fiber taps in a 1U frame.

  • Always on, optical TAPs are a physical mirroring of data which introduces no point of failure in links.  Always on, always safe.

  • Optical TAPs are invisible to the network.  They have no MAC or IP address.  Hackers cannot hack what they cannot see.

  • The wide range of Network Critical optical TAPs can safely connect to tools at speeds from 1Gbps to 10Gbps Multi-Mode fiber and from 1Gbps to 100Gbps Single Mode fiber.




As a result of the advantages listed above, the fiber optic network market is growing.  Along with this migration from copper to fiber, monitoring and security tools are increasingly offering optical interfaces. New cyber security tools, many using AI capabilities, have direct fiber interfaces.  These tools can monitor live traffic, block known anomalies and even predict potential malicious traffic.  When connected with “invisible” TAPs, these tools present a formidable opponent to hackers.  


In order to assist customers and prospective customers navigate the complexities of initiating fiber optic TAPs, Network Critical has optical network experts available to answer your questions, audit your systems and assist with choosing the correct fiber, connectors and splits to optimize tool connectivity.  For more information or to talk with an optical expert, go to www.networkcritical.com/contact-us.

1 Comment


Pamela John
2 days ago

Ensuring robust monitoring and security is paramount in today's complex optical network environment. MSP Columbus offers comprehensive Network Safety Authenticator services designed to safeguard your network infrastructure. Their advanced solutions provide real-time visibility, threat detection, and proactive protection against potential vulnerabilities. By partnering with MSP Columbus, you can confidently navigate the challenges of network security and maintain uninterrupted operations.

Like

BLOGS