Tool catches saboteurs on camera

Trusted insiders who attempts to sabotage IT networks could face a new security system that catches them red-handed.

Trusted insiders who attempts to sabotage IT networks could face a new security system that catches them red-handed.

ITT Industries has introduced a real-time asset-management application that is currently being deployed throughout a major financial institution, which it declined to name due to contractual and security reasons.

According to Jonathan Blitt, president of the ITT Industries Network Systems & Services division, the LANSense product integrates physical security with network security and enables administrators and security personnel to isolate and identify the source of network anomalies or failures.

LANSense is a non-proprietary, intelligent and self-documenting network asset-management system that integrates third-party network management systems with the management of copper and fibre structured cabling installations. It can also be integrated with camera monitoring systems that can capture an image of whoever is working at the patch panel at the instant a failure occurs.

"It actually rests in the data communications closet," said Blitt. "If a plug is pulled out of a patch panel, the system is set up so that it can snap a picture of that person, or an audio alarm can go off, or it can send a page or an e-mail with a picture attached."

ITT can install special patch panels that have a small metal strip above each port, referred to as a "ninth wire", that carries an electrical current. When something is moved, it breaks the current, sending a signal to a database.

"Each computer has its own heartbeat, and that heartbeat identifies a user's authorised space," said Blitt. When something is changed at the patch panel or access is attempted at a physical location that is different from what is in the database, the system searches in real time to see if that activity is authorised, he said.

Gary O'Neall, chief Internet officer at PlaceWare, an online conferencing provider, said he agrees that merging physical and network security is a value add-on. O'Neall, who once worked in the intrusion-detection field, said he regularly found open ports and configuration errors that made tracing operational problems difficult.

Keith Morgan, chief of information security at Terradon Communications Group, a content management company, said having such a system in place is a good idea.

"I can think of hundreds of cases throughout my career where an error in the wiring closets, or someone intentionally or accidentally disconnecting a patch cable has caused downtime," said Morgan. "I remember one case where an engineer brushed against some cabling in a wiring closet, disconnecting our entire Internet pipe. He had no idea that it had happened, and it took us quite some time to nail down."

Read more on Network software