WiMax Operator's Manual

More documents

Recommendations

Info

CHAPTER 9 ■ NETWORK SECURITY 189 compensatory changes in the output voltage. Constant voltage transformers are marginally more reliable than switched tap autoformers, but they also tend to be more expensive. A better solution is an uninterruptible power supply (UPS), which is always on and is series-connected between the wall power and the devices being powered. Carrier-grade UPSs are examples of active power-conditioning devices. Such a unit usually consists of an isolation transformer interfacing with the wall current, an array of rectifiers that transform the alternating current into direct current, a bank of storage batteries to hold the DC charge, and a set of high-frequency solid state switches that converts the DC back into 50- or 60-cycle AC. Higherquality UPSs have provisions for maintaining a steady output voltage regardless of input voltage and also perform power factor correction, a process that eliminates harmonics in the output of the UPS caused by reactive electrical loads associated with switching power supplies in computers, with cathode-ray tube flyback circuits, and with most electrical motors. The better UPSs produce a smooth sine wave output, and lower-quality units produce a coarse, stair-step waveform. Since stair-step waves are rich in noise and distortion components, they are undesirable. Some UPSs recently introduced into the marketplace utilize fuel cells either in lieu of batteries or to supplement them. Although generalizations must be made with caution in this area, it is safe to say that most types of fuel cells produce several times the amount of energy per kilogram as most types of secondary batteries, though the lowest energy density fuel cells and the highest energy density batteries almost overlap in this regard. Fuel cells are currently very expensive, minimally $5,000 per kilowatt, but prices may begin to decline in the near future. Fuel cell backup power may begin to become the norm toward the end of the decade. High-velocity flywheel generators are also beginning to appear in some central offices for providing highly reliable, though relatively short-term, backup power. The central office facilities may also use backup generators. In most cases, these will use ordinary diesel or gasoline reciprocating engines, but a growing trend is to use devices called microturbines, which usually run on natural gas. Microturbines are made by such firms as Capstone, Allied Signal, and Ingersoll-Rand, and they are derived from the turbine designs used in jet aircraft. Currently microturbines are much more expensive than diesel engines. Diesel generators should be routinely tested because often diesel engines will fail to start when they have not been operated recently. In all cases, backup power must come on automatically and instantaneously in the event of a power failure. The subscriber should experience no interruption of service whatsoever. Cyberwarfare Whole books have been written on the subject of software-based network sabotage, and they will continue to be written simply because hacker tools and utilities are continuing to evolve. In this section I can suggest only the rudiments of a policy for dealing with such attacks. Operators of public networks have a greater obligation to secure their operations against hacks and cybersabotage than do ordinary businesses because the public depends on the services they provide. Above all, the network operator is selling reliability, and system downtime attributable to hacks is intolerable. The problem in meeting security requirements on the part of a network operator is that network security is a full-time job. Network security officers in large enterprises must spend a considerable portion of their waking hours lurking around hacker Web sites simply to keep abreast of developments, and of course they must also familiarize themselves with the torrent
190 CHAPTER 9 ■ NETWORK SECURITY of security bulletins pouring out of various monitoring organizations. Security administrators cannot afford to fall behind in such matters because their systems are immediately at risk if they do so. Obviously, an ordinary information technology (IT) manager entrusted with the routine administration of the network who tries to do security in idle moments—which scarcely exist in that position in any case—is not going to be successful. A large, mature network will probably find it wise to hire a security administrator, but a small startup generally cannot afford to do so. The only solution then becomes the retention of a reputable security firm—in other words, the outsourcing of security. This is not necessarily a bad idea. Specialists in the field such as Computer Security Associates are thoroughly up on the latest hacker strategies and will undertake aggressive network defense, including legal action against attackers. Such services are not inexpensive, but simply hoping attacks will not occur and doing nothing may represent a false economy. It is a good idea to have such a network security company perform a security audit on the network infrastructure from time to time as well as provide routine updates on security software and response to individual problems. The audit should encompass not only the OSS and the vital databases but also the facilities themselves, including the central office and base stations. A word about overall security policy and securing the network against software attacks: Network operations staff should as a matter of policy not be permitted to download files either from the Internet or from privately recorded discs onto computers utilized in network management. It is also a good idea to attach individual firewalls to such computers to prevent the former practice. In any case, the policy should be explicitly stated and rigorously enforced. Trojan horses are a favorite weapon of hackers for gaining access to well-secured networks. Network operators should also be alert to the possibility of internal sabotage by disgruntled employees. Many security organizations have suggested that the majority of computer crimes are inside jobs. Finally, visitors should not be allowed free access to vital network elements or left unsupervised in their presence, and this applies to authorized maintenance personnel. Institutional paranoia is a good adaptive response for any organization running a vital services network. Attacks and Counterattacks Hackers have a variety of motives, and their ploys tend to reflect that fact. Some regard network intrusion as a harmless sport and do little or no damage after they have achieved access. Others regard sabotage itself as a sport and intrude in order to destroy. Others engage in industrial espionage, seeking to steal information and sell it for a profit. Still others are hired assassins seeking to wreck a network at the behest of a competitor. Yet another group intrudes primarily to steal software for redistribution. And a surprisingly large number of hackers seek to enter a network to use it as a launching platform for further attacks, thus disguising the ultimate point of origin of such attacks. In the case of public networks, hackers may attempt entry not to attack or compromise the access network itself but to breech an enterprise network attached to the public network. Or they may want to eavesdrop on private transmissions either out of voyeuristic motivations or for financial gain. The arsenal of tools used by experienced hackers today is enormous, much too large to be discussed in this chapter. Unfortunately, such tools are readily available as freeware at hacker Web sites, of which there are hundreds if not thousands. And the ready availability of such tools
Page 2 and 3:
WiMax Operator’s Manual Building
Page 4:
This book is dedicated to my wife.
Page 8 and 9:
Contents About the Author . . . . .
Page 10 and 11:
■CONTENTS ix Performing Site Surv
Page 12:
■CONTENTS xi Cyberwarfare . . . .
Page 16:
About the Technical Reviewer ■ROB
Page 20 and 21:
Introduction Broadband wireless has
Page 22 and 23:
CHAPTER 1 ■ ■ ■ Wireless Broa
Page 24 and 25:
CHAPTER 1 ■ WIRELESS BROADBAND AN
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32:
Page 35 and 36:
14 CHAPTER 2 ■ ARCHITECTING THE N
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
34 CHAPTER 3 ■ STRATEGIC PLANNING
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
64 CHAPTER 4 ■ SETTING UP PHYSICA
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
100 CHAPTER 4 ■ SETTING UP PHYSIC
Page 123 and 124:
102 CHAPTER 5 ■ STRATEGIES FOR SU
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 152 and 153:
CHAPTER 6 ■ ■ ■ Beyond Access
Page 154 and 155:
CHAPTER 6 ■ BEYOND ACCESS 133 Rou
Page 156 and 157:
CHAPTER 6 ■ BEYOND ACCESS 135 (Qo
Page 158 and 159:
CHAPTER 6 ■ BEYOND ACCESS 137 The
Page 160 and 161: CHAPTER 6 ■ BEYOND ACCESS 139 ins
Page 162 and 163: Figure 6-4. Wireless public network
Page 164 and 165: CHAPTER 6 ■ BEYOND ACCESS 143 sto
Page 166 and 167: Specialized Content Distribution Pl
Page 168 and 169: Beyond the Central Office CHAPTER 6
Page 170 and 171: CHAPTER 6 ■ BEYOND ACCESS 149 out
Page 172 and 173: CHAPTER 6 ■ BEYOND ACCESS 151 som
Page 174 and 175: CHAPTER 7 ■ ■ ■ Service Deplo
Page 176 and 177: CHAPTER 7 ■ SERVICE DEPLOYMENTS O
Page 196: CHAPTER 7 ■ SERVICE DEPLOYMENTS O
Page 199 and 200: 178 CHAPTER 8 ■ NETWORK MANAGEMEN
Page 208 and 209: CHAPTER 9 ■ ■ ■ Network Secur
Page 212 and 213: CHAPTER 9 ■ NETWORK SECURITY 191
Page 214 and 215: CHAPTER 9 ■ NETWORK SECURITY 193
Page 216 and 217: Index ■Numbers 2.4GHz to 928MHz b
Page 218 and 219: asic access and best-effort deliver
Page 220 and 221: ■D dark fiber, features of, 75-76
Page 222 and 223: harmonics, impact on AC power, 188
Page 224 and 225: challenges to, 85-86 and NLOS, 121
Page 226 and 227: PONs (passive optical networks), fe
Page 228 and 229: signal diversity, providing with ad
Page 230 and 231: ■V VDSL and entertainment service
Page 233: forums.apress.com FOR PROFESSIONALS
show all

WiMax Operator's Manual

Create successful ePaper yourself

Delete template?

Save as template?