I said that in my mind they are no different than any other Network gear. Here is an article explaining:Ĭhrisf7 molan greenbj Da_Schmoo spicehead-p0c4r These types of devices can be a VERY real security risk and they are what is being cautioned against on the network. However, Serial to IP converters have logic and a built in web interface used to program them. HDMI over IP extenders - maybe safe from a security standpoint but I'm not sure about all models of them. Copper to Fiber converters - no risk since there is no logic in them. Your not a Civilian setting comment leads me to wonder if this is government or military? if yes I suspect they are nervous about the Russia situationįor everyone saying media converters are not a network security risk, you are not taking into account ALL types of media converters. Of course knowing what is on your network and where is an important part of network security so there would be benefit to reviewing and documenting your setup. there are much better things you could be doing to improve your security stance. This really sounds like an Exec with a tinfoil had sending you on a fools errand. but that is true of absolutely every device on your network from client devices (computers, phones etc.) to network devices like switches and routers. Of course they could be malicious and load in firmware that also exfiltrates your data to them. If you buy media converters from reputable companies (depending on what we are talking about here) I don't see how they are a security breach.Īny piece of hardware that runs software could be lumped into security breach as you have to trust that vendor. They are sending you on a fools errand in my mind. I was afraid you would say this came from someone outside IT who knows nothing about what is going on or why they are demanding the change. We used to use Media Converters only for End stations too. We received the order after a meeting where some Cyber security ppl explained to the exec that Media Converters are a safety breach in the network. In your terms the order came from an "executive" and not an IT higher up, and since it's a not a civilian setting it's more of a "fulfil the order no questions asked" Haha its a bit problematic to explain but ill try.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |