1. Technical Field
The present disclosure relates to assemblies and methods for securing a fiber optic network cassette assembly.
2. Background Art
Many transactions take place everyday over the Internet, increasing a need for secure Ethernet communications. Typically, network security is handled in an Ethernet's layers 2-7, providing packet encryption and decryption algorithms up to 256 bit, which is generally considered virtually unbreakable by mathematicians and programmers alike. Although these security techniques have generally been successful in preventing a non-physical security breach, they do not prevent physical tampering or access to secure data channels. For example, encryption and decryption algorithms do not prevent a person internal to an organization from gaining physical access to secure data channels from which said person is restricted. A person having a low level security clearance can sit at another person's workstation who has a higher level of security clearance and thereby access data or information restricted from said individual.
To combat security breach, companies and military bases alike promote isolated networks in the premise environment starting at the data center or main computer room. The use of keying connectors at the user workspace or computer terminal is rapidly becoming the preferred method used to prevent personal connectivity or access to a secure network.
In a keyed connector scenario, an environment, such as a secure finance center at an insurance company or the Pentagon, is universally equipped with keyed fiber optic adapters at each user workstation. It should be known to one having ordinary skill in the art that the term “adapter” is interchangeable with the term “coupler” and refers to a device that creates a connection between two fiber optic ferrules, each containing a light carrying medium of fiber. An adapter typically contains a ceramic or phosphorous bronze alignment sleeve and a number of features that provide for latching the connector into the adapter. A MT-RJ adapter, however, does not use an alignment sleeve as the fibers are aligned by precision pins and holes on the mating connector ferrules.
In a non-secured environment, a user of a network is typically provided with a generic patch cable to attach a laptop or desktop to a network. Thus, the generic patch cable can generally interface with any available port in a building. In a typical secured environment, a network designer isolates the networks by providing a different connector configuration to each of the network security levels. For example, a user is given a patch cable commensurate with the user's assigned security level. If the user attempts to insert the given connector on the patch cable into any adapter other than one designed for it, the connector will not fit and a network connection will not be made. A network connection will only be made when a matching connector and adapter are mated. These keyed connectors are typically color coded indicating different security levels.
To secure a network system, the infrastructure in the data center must be connected correctly, tested and then secured such that the network cannot be reconfigured intentionally or by accident. A reversal of security level in a data center can be more damaging than a breach at the workstation outlet. Thus, rather than a single user gaining unauthorized access to a secure channel, a number of unsuspecting users will unknowingly breach security by connecting to an incorrect network. Moreover, for example, in a private business or military application environment, an analyst being provided “read only” access can inadvertently be connected to a “read and write” network and unknowingly disrupt data and/or sensitive content.
Typically, data center security systems utilize a front side removal of a cassette to facilitate moves, adds and changes (MACS). A common mechanism is to use a plunger grommet design to secure a cassette in a drawer face. Other methods, such as Nordx's (Belden CDT) technology, use a molded quick-release feature on the front side of a cassette for easy access. In a typical cassette assembly of a secured Ethernet network, a keyed solution on a front side of a cabinet is only effective if a rear connector cannot be switched. For example, a switching of a network connection of a fiber ribbon at the connection interface (typically via a MPO connection) is possible in a number of ways. A first and most simple method of switching may occur by opening the rear side door of the cabinet and simply unplugging one connection and plugging in a more secure network in the same port. This weakness can be somewhat obviated by adding a lock to the rear of the cabinet.
A second method for compromising security includes opening the front of the cabinet and sliding the drawer outward to expose the rear of the cassette, thus, allowing for the connections to be changed similar to the first method described herein. Although fixing the drawer in place will prevent certain security breach, without some degree of tray movement, accessibility of front connections is limited and inconvenient for network administrators and/or designated individuals. A third method for breaching security includes accessing the cassette itself from the front of the tray, removing it from plunger grommet features in the drawer face, pulling it toward the user, disconnecting the MPO connector and switching connections as in the first method described herein.
Accordingly, a need exists for a cassette system capable of preventing physical security breach accomplished by switching network cable connections. These and other disadvantages and/or limitations are addressed and/or overcome by the assemblies and methods of the present disclosure.