MICROSENS Management Modules Make Optical Networks Secure

Particularly if the transfer of sensitive data is concerned, it is important to protect the network configuration against unauthorised and unwanted access attempts. The two new MICROSENS modules even offer several options to fulfil this task: All access attempts to the configuration are made over secure, encrypted protocols, such as SSH, HTTPS, or SNMPv3. Each access attempt requires the login to the system with valid user authorisation. The user model permits the assignment of permissions on several authorisation levels, in analogy to SNMPv3. In addition, the integrated RADIUS client allows centralised user authentication. Moreover, MICROSENS also supports TACACS+ and the use of access control lists.

According to the modular concept of the MSP 1000 platform, MICROSENS also offers two variants in the context of the network management modules: The NM3 module with a 4-port Gigabit Ethernet switch allocates one slot in the chassis. The NM3+ accommodates six Gigabit Ethernet ports in total, one USB extension port, and two potential-free digital inputs and outputs. Due to the additional interfaces, it allocates two module slots. Both modules can be connected to a console over a serial RS-232 connection.

In addition to the protection against manipulation, MICROSENS modules also offer a high degree of failsafe performance. Both the NM3 and NM3+ modules offer two SFP slots. As a particularly advantageous feature, they permit the combination of the management systems of several MSP 1000 platforms. They can be interconnected in cascaded mode and also in a fail-safe ring topology. If a node breaks down, the network management re-routes the traffic and ensures that all other nodes remain reachable in an almost uninterrupted mode. On the hardware end, an integrated protection mechanism additionally detects and prevents undesired network loops (loop protection).

If a component has to be replaced nevertheless, the system state of the management module can be transferred easily. The complete information, such as configuration, scripts, firmware, or optional MAC addresses, is stored on a removable microSD card, which can also be used in another system without making any modifications and without the necessity of central interference via the management software.