physical security in data centers must be at least as important as … ›...
TRANSCRIPT
Presented by: Eduard Bodor
Data Center Solution Architect RAC CEE
Page 1 Confidential Property of Schneider Electric |
Physical Security in Data Centers must be at least as important as cyber security
Monitoring, video surveillance, management software should
not be forgotten when design or operate a Data Center
In this new digital era, at Schneider Electric,
we enable a world that is always-on
Our mission is to empower the digital
transformation of our customers by
ensuring their critical network, systems and
processes are highly available and
resilient.
IT, the foundation of the digital world,
where Life is On
REGIONAL
Large compute and storage
located closer to the user
Massive compute and storage located in remote areas
CENTRALIZED
LOCAL
Compute and storage where
data is generated and consumed
Computing architectures continue to evolve which introduces both opportunity and complexity at the same time
However, best practices seen in centralized and regional
data centers…
Page 4 Confidential Property of Schneider Electric |
Biometrics at doors Man-traps Security guards
Locked, organized racks Redundancy of critical
systems Monitoring at all times
Page 5 Confidential Property of Schneider Electric |
…are usually not at the localized edge…
There’s not a shortage of server rooms, branch offices, and wiring closets that look like this…
Poor cable management
Unsecured racks No redundancy
No monitoring
Lack of dedicated cooling
Power
Building
IT
• Chillers
• Air economizers
• Pump packages
• Variable speed drives
• Heat rejection systems
• Fire & security
• UPS
• Switchgear (MV, LV)
• Busway
• Panel boards
• Meters
• Breakers
• Transformers
• IT racks, IT pods
• Air containment
• IT room cooling units
• Access floor
• PDU’s, rack PDUs
• Environmental sensors
Life Cycle Services
Logical groupings of the data center are the building, power and IT
NetBotz Security and Environmental Monitoring
Confidential Property of Schneider Electric
Current NetBotz Product Suite (1/2)
Page 8 Confidential Property of Schneider Electric |
NBRK0570
NBRK0451
NBWL0455/456
NBRK0250
NBWL0355/356
Intelligent Appliances Pods Rack Access
Rack and Wall
Sensor Pods
CP160
CCTV Adapter Pod
4-20mA Sensor Pod
Wireless Sensor Pod
NetBotz 250 (NBACS125 &
NBACS1356)
Rack
Access Pod
There are four pillars of the NetBotz product line: Intelligent appliances provide all the compute, configuration, and storage capabilities, Pods rely on
appliances, and adding features to and scaling a Netbotz deployment, Rack Access Kits add security to an IT deployment by restricting user access
and maintaining audit trails, and Sensors are end devices providing a wide range of information about the environment.
Current NetBotz Product Suite (2/2)
Page 9 Confidential Property of Schneider Electric |
Sensors and Signals
Vibration
Wireless Temperature
& Humidity
Temperature
Smoke
Temperature & Humidity
Spot Fluid Beacon
Dry Contact Leak Rope
Door Contact
Particle Sensor
0-5 V Sensor
There are four pillars of the NetBotz product line: Intelligent appliances provide all the compute, configuration, and storage capabilities, Pods rely on
appliances, and adding features to and scaling a Netbotz deployment, Rack Access Kits add security to an IT deployment by restricting user access
and maintaining audit trails, and Sensors are end devices providing a wide range of information about the environment.
NetBotz 250 Appliance NBRK0250
Simple and affordable
environmental monitoring.
Unlocking the potential for wireless
sensors, supporting up to 47
wireless sensors per appliance.
Proximity Card Rack Access
125 kHz Access Control
(NBACS125)
13.56 MHz Access Control
(NBACS1356)
Rack Access Pods
(NBPD171)
• Stand alone appliance for two handles to
plug into (i.e. one appliance per rack)
• Supported Card types:
• MIFAREC4 – Mifare Classic 4 byte
• MIFAREC7 – Mifare Classic 7 byte
• MIFAREDF – Mifare DESfire
• MIFAREPL – Mifare Plus
• Leverages the Netbotz 250 as the rack
access appliance, allowing additional
environmental monitoring if desired
• NOTE: iClass cards will be supported by 2017
• Stand alone appliance for two handles to
plug into (i.e. one appliance per rack)
• Supported Card types:
• H10301 – Standard 26 Bit
• H10302 – 37 Bit w/o facility code
• H10304 – 37 bit w/ facility code
• CORP1000
• Leverages the Netbotz 250 as the rack
access appliance, allowing additional
environmental monitoring if desired
• Rack access pod that is daisy chained
off a Netbotz 570 or 455 appliance
• Supported Card types:
• H10301 – Standard 26 Bit
• H10302 – 37 Bit w/o facility code
• H10304 – 37 bit w/ facility code
• CORP1000
• Basement or 19” mounting
• Supports NetShelter SX, SV, and CX
• Supports up to 200 unique users
12
• Compact wireless sensors
- Temperature, Temp/Humidity
• Multiple mounting options
• Automatic network commissioning
• Supported by NetBotz 400 & 500 appliances
• Up to 47 sensors in a single network
Wireless Sensors
13
• Robust security algorithm protects against
malicious efforts to disrupt communication
• Adheres to the IEEE 802.15.4 specification
• White List Authentication and Commissioning –
Only “allowed” nodes may join the network
• 128-bit AES Network and Application Layer
Encryption – Application messages are not
decipherable without a network key
• 32-bit Message Integrity Codes – Packet
tampering and replay attacks can be detected
Wireless Security
Page 14 Confidential Property of Schneider Electric |
INFRASTRUCTURE
COLLECT CONNECT
Connect everything
from shop floor to
top floor
Capture critical data
at every level, from
sensor to cloud
ANALYZE TAKE ACTION
Drive action through
real-time information
and business logic
Convert data into
meaningful
analytics
EcoStruxure maximizes the value of data Translating data into actionable intelligence to enable better business decisions
CLOSE THE LOOP
EcoStruxure is our IoT-enabled, open, and interoperable system architecture
Connected Products
Edge Control (on premise software)
Apps, Analytics & Services (cloud-based)
En
d to
En
d C
yb
ers
ecu
rity
Page 16 Confidential Property of Schneider Electric |
We deploy EcoStruxure in a tailored instance for each of 4 key vertical end
markets -- Building, Data Center, Industry, and Infrastructure -- where we
have decades of deep domain expertise and applied experience.
Data Center
Edge Control Software • Local management and monitoring of data
center infrastructure, facility power and
cooling while adding redundancy with cloud-
based monitoring systems
Connected Products • EcoStruxure ReadyTM for simplified management
• Improves energy and operational efficiencies
• Increases safety
• Reduces risk
Apps, Analytics & Services across domains provides data
driven insights to drive optimal data
center resiliency & performance
The only leader with global competencies and specialized delivery in the
domains of Power, IT, and Buildings infrastructure, software and services
EcoStruxure Data Centers: bridging power, IT and buildings to reduce risk, increase efficiency and operational speed
Regional Application Centers provide local expertise across all
domains and regions to deliver a
tailored EcoStruxure solution Power
IT Room
Cooling
EcoStruxure Data Centers has the same 3 Layers, and 3 Domains of Expertise
Connected Products
Edge Control (on premise software)
Apps, Analytics & Services (cloud-based)
End
to
En
d C
yber
secu
rity
Page 19 Confidential Property of Schneider Electric |
EcoStruxure Architecture
POWER IT BUILDING Domains of Expertise
Page 20 Confidential Property of Schneider Electric |
for Data Center
POWER IT BUILDING Domains of Expertise
• Real-time local monitoring, incident
management, analysis, and asset utilization
• Offers redundancy to cloud-based
monitoring for mission critical applications
• Manage and operate all domains of IT,
mechanical and electrical rooms
Key features
All domains visible from user’s application of
preference – BMS, EPMS, or DCIM tools
Our edge control software provides the local monitoring, management & redundancy
IT Expert
Summary:
EcoStruxure Data Centers -
Innovation at Every Level
• Open Architecture of connected
products, edge control, and apps,
analytics and services
• Interoperable system across the
domains of IT, Power and Buildings
• Apps, Analytics & Services for mobility,
monitoring and insights
©2016 Schneider Electric. All Rights Reserved. Schneider Electric | Life Is On is a trademark and the property of Schneider Electric SE, its subsidiaries, and affiliated companies. 998-19757758_US