[187598] in North American Network Operators' Group
Re: Shared cabinet "security"
daemon@ATHENA.MIT.EDU (Bevan Slattery)
Fri Feb 12 17:44:43 2016
X-Original-To: nanog@nanog.org
From: Bevan Slattery <bevan@slattery.net.au>
In-Reply-To: <1174560157.4947.1455310705910.JavaMail.mhammett@ThunderFuck>
Date: Sat, 13 Feb 2016 08:44:34 +1000
To: Mike Hammett <nanog@ics-il.net>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
In a past life we worked with our supplier to create physically separate sub=
-enclosures.1/2 and 1/3. Able to build in a separate and secure cable path f=
or interconnects to the meet-me-room and connection to power supplies.
Can be done and I think there are now rack suppliers that do this as standar=
d. Been out of DC space for a few years now.
[b]
> On 13 Feb 2016, at 6:58 AM, Mike Hammett <nanog@ics-il.net> wrote:
>=20
>=20
> That moment when you hit send and remember a couple things=E2=80=A6=20
>=20
> Of course labeling of the cables.=20
>=20
> Maybe colored wire loom for fiber and DACs in the vertical spaces to go al=
ong with the previously mentioned color scheme?=20
>=20
>=20
>=20
>=20
> -----=20
> Mike Hammett=20
> Intelligent Computing Solutions=20
> http://www.ics-il.com=20
>=20
> Midwest-IX=20
> http://www.midwest-ix.com=20
>=20
> ----- Original Message -----
>=20
> From: "Mike Hammett" <nanog@ics-il.net>=20
> To: "North American Network Operators' Group" <nanog@nanog.org>=20
> Sent: Friday, February 12, 2016 2:53:17 PM=20
> Subject: Re: Shared cabinet "security"=20
>=20
>=20
> I am finding a bunch of covers for the front. I do wish they stuck out mor=
e than an inch (like two).=20
> http://www.middleatlantic.com/~/media/middleatlantic/documents/techdocs/s_=
sf%20series%20security%20covers_96-035/96_035s_sf.ashx=20
>=20
> It looks like these guys stick out 1.5=E2=80=9D. That may be workable=E2=80=
=A6 http://www.lowellmfg.com/tinymce/jscripts/tiny_mce/plugins/filemanager/f=
iles/1717-SSCV.pdf=20
>=20
> I guess those covers are really only useful for servers. That really would=
n=E2=80=99t work with a switch\router. Switches and routers are going to be t=
he bulk of what we=E2=80=99re dealing with.=20
>=20
> I am finding locking power cables, but that seems to be specific to the PD=
U you=E2=80=99re using as it requires the other half of the lock on the PDU.=
=20
>=20
> I did come across colored power cords. I wonder with some enforced cable m=
anagement, colored power cables, etc. we would have =E2=80=9Cgood enough=E2=80=
=9D? You get some 1U or 2U cable organizers, require cables to be secured to=
the management, vertical cables in shared spaces are bound together by cust=
omer, color of Velcro matches color of the power cord? Blue customer, green c=
ustomer, red customer, etc. Could do the cat6 patch cables that way too, but=
that gets lost when moving to glass or DACs.=20
>=20
> I thought about a web cam that would record anyone coming into the cabinet=
, but Equinix doesn=E2=80=99t really allow pictures in their facilities, so t=
hat=E2=80=99s not going to fly. Door contacts should be helpful for an audit=
log of at least when the doors were opened or closed.=20
>=20
> Financial penalty from the violator to the victim if there=E2=80=99s an uh=
oh?=20
>=20
> I=E2=80=99m not trying to save someone from themselves. I=E2=80=99m not tr=
ying to lock the whole thing down. Just trying to prevent mistakes in a shar=
ed space.=20
>=20
>=20
>=20
>=20
> -----=20
> Mike Hammett=20
> Intelligent Computing Solutions=20
> http://www.ics-il.com=20
>=20
> Midwest-IX=20
> http://www.midwest-ix.com=20
>=20
> ----- Original Message -----=20
>=20
> From: "Mike Hammett" <nanog@ics-il.net>=20
> To: "North American Network Operators' Group" <nanog@nanog.org>=20
> Sent: Wednesday, February 10, 2016 8:59:08 AM=20
> Subject: Shared cabinet "security"=20
>=20
> I say "security" because I know that in a shared space, nothing is complet=
ely secure. I also know that with enough intent, someone will accomplish wha=
tever they set out to do regarding breaking something of someone else's. My c=
oncern is mainly towards mitigation of accidents. This could even apply to a=
certain degree to things within your own space and your own careless techs=20=
>=20
> If you have multiple entities in a shared space, how can you mitigate the c=
hances of someone doing something (assuming accidentally) to disrupt your op=
erations? I'm thinking accidentally unplug the wrong power cord, patch cord,=
etc. Accidentally power off or reboot the wrong device.=20
>=20
> Obviously labels are an easy way to point out to someone that's looking at=
the right place at the right time. Some devices have a cage around the powe=
r cord, but some do not.=20
>=20
> Any sort of mesh panels you could put on the front\rear of your gear that y=
ou would mount with the same rack screw that holds your gear in?=20
>=20
>=20
>=20
>=20
> -----=20
> Mike Hammett=20
> Intelligent Computing Solutions=20
> http://www.ics-il.com=20
>=20
> Midwest-IX=20
> http://www.midwest-ix.com=20
>=20
>=20
