Locking Down Network Connections Guide

By: John Scanlan, Published on Apr 23, 2019

Accidents and inside attacks are risks when network connections are not locked down. Security and video surveillance systems should be protected against such attacks and can be done with relatively low-cost means.

free image

Inside this guide, IPVM explains how they work and what the tradeoffs are. To do so, IPVM bought and tested these locking devices. 

We include 3 video demonstrations, reviewing the methods, demonstrating how they are used, and give our recommendations.

********* *** ****** ******* are ***** **** ******* connections *** *** ****** down. ******** *** ***** surveillance ******* ****** ** protected ******* **** ******* and *** ** **** with ********** ***-**** *****.

free image

****** **** *****, **** explains *** **** **** and **** *** ********* are. ** ** **, IPVM ****** *** ****** these ******* *******. 

** ******* * ***** demonstrations, ********* *** *******, demonstrating *** **** *** used, *** **** *** recommendations.

[***************]

Why **** ****

***** *** ******* ********** to ******* **** ******* on ************ ***********, *** example:

  • **** *** ******* ********* / ******* ********** *********** from ***** ******
  • ******* ***** / ********** devices **** ********** ** the ************ *******
  • **** *** **** ******** NVRs *** ******* ******** Ethernet *****, ** **** point ** ***** *** anyone **** ****** ** network *****
  • ****** ****** *** ** in ****** ********** *********, such ** ********** ** a "*******" **** ** a ******* ** **** simply ******* **** * bullet ** *** ****** cable ****, ********* ** tools *** *************

Summary / ********

***** *** *********** ***** common ***** ** **** and ***** ***** ********** to ** ***** *** security *******.

******* ***** ***** *** **** ** **** the ***** ***** ** the **** ****. **** slide **** *** ******* plug ** * ***** cable, ******** *** ******* tab, ** ** *** not ** ********* ** remove *** *****. **** locks ********** ******* *** entire *** ** ******* potential ********* ** ********, while ****** ***** ** exposed, *** ********** ** break ** ********* ****** most ** *** *** engaged ** *** ****, so *** ***** *** still *** ** *******.

**** **** ***** *** **** ** ******* access ** ***** *****. They *** **** ****** ports **** ** ******** or ***** ***** *****, extending * *** **** the **** ******* ** a ***** ***** *** locked ** ***** **** a *********** ***. **** are ********* *** *******, to ******* ********* **** gripping *** **** **** tools, **** ** ******, to ******* ** ****** it.

*** ****/***** *****: *** ***** ***** *** used ** **** **** USB ****** **** *** USB **** *.*. ******* a ***** **** ***** disconnected **** ** ***. They *** ********* ***** component ******* **** *** piece ******* **** *** 

*** **** ********* *** cable, **** ******* **** wraps *** ***** ******** both **** *****, *** USB *****, *** *** device. **** *** ****** use *** **** ** cut ** **** *** cable.

Vote / ****

Manufacturer *******

******** ************* ******* ***** cable *** **** *****, of ******* ******, ********* *******,***** ***,** ********, **********.

***** ******* ***** ****** in *****, **** ~$* USD *** *** ****** cost ** ~$** *** serialized ******* ******.

***-********** ****** ******** *********** ********** *** **** available.

Securing ***** ******

******* ***** ***** ******* a ********* **** *********** being *********** ** ************ disconnected. ***** ***** ***** the ******* *** ** it *** *** ** depressed ** ******* *** cable **** *** ****/****.

***** *** **** ********* in ***** ***** ****** may *** ****:

  • ***** *****:***** ***** ***** ****** will *** **** **** most ****** ***** ***** if *** **** **** be ******* *******, ** the *****/****** ******** ** manufacturers ****** ****** *** the ******* ****** ****** it.
  • ****** ***** ******:****** **** ****** ****** boots *** ***** *** lock **** ***** ********, forcing *** **** ** be ******* ** ******* to **** *** *****.
  • ****** ****** ********:*******, ***** *** ****** not *** ****** ****, bullet, ** ***** ****** housings, *** ** ***** constraints. *** *** **** in **** ***** ***** a ****** ****** *** be ******* **** *** dome *** ********, *** this **** ********** ************ time.

** *** ***** ***** we *********** *** ************ and *** ** * patch ***** **** *** these ******.

Securing ****** *****

***** ***** ***** ***** secure ****** ** ***, unused ***** *** **** be *******. *** ***** below ***** ** ******* of ***** ***** ******* plugs, ***** *** **** to ****** ****** ******** ports, *.*., ****, ********, mispans, **** *****, ***** panels, ** *** ***** female **** **********.

************, ***** *** **** port ***** ***** *** single ***. *** *******, the ******* **** **** (developed ** ************ **** the ** ******** ******** Agency) ***** **** *** port *** **** ** destroyed ** ****** **. Additionally, **** **** *** a ******* ****** ******, which *** ** *******, making ** ******* ** a **** *** **** removed ** ********. ** tested *** ******* *** RJ45 **** ***** ***** below.

 PadJack SVE RJ45 Port Locks

** *** ***** ***** we *********** *** *** RJ45 **** ****, *** it ** *********, *** destroyed **** *******:

Securing *** ******

*******, ************ ****** *** also ** ******** ** connecting ******** ** * device *** *** *****. To ******** **** ****** USB **** ***** *** cable ***** *** ** used, ****** ** **** down ** ****** **** or ** ******* ** in-use ***** **** ***** removed.

** ******* * *** device **** ***** ******* or ***** ******* * USB **** *** ** used ** ****** *******, which *********** ******** ** a **** ***** ** plastic *** *********. ** the ***** ***** ** demonstrate ******** * ***** to ** *** ***** a******* *** ***** ****.

** ******** ** ********* devices **** ** ******** and ****, ****, *******, and ******* ******* **** likely **** * *** port ** ***** **** are *** ** ***. USB **** ***** ** port ******** *** ** used ** ******* ****** to *** **** *****, in * ******* *** that **** ******* ***** work.  ***** ***** ** a **** **** ** inserted **** * ****** USB ****, ****** ************ to ***** ******* *** key.  **** ***** ***** with ******** **** *** be **** ** ***** a **** ** *** ports **** *** ****.

USB Port Lock

Proprietary ******* *****: ****** ********, ***** ***********

***** ***** ******* *********** tools *** ********* ** security ** * *******. Some ***** *** ******** allen ** **** ****, or **** ***** **** blade ************, *** ** which *** **** ** come **, *** **** provide **** * ******* level ** ********. ***** may ***** ** ** use **** ********** ******* is * ****** ******* than ********.

*********** ******* ***** *** potentially * ******** ** using ***** *****. *** technicians *** *** ******* or ******* * ****** must ***** * **** with ****, ** **** will **** ** *** of ******** *** *****.

* **** *** ** left **** ******* ** site, ** ****, ** a **********, *** **** opens ** *** ****** to *********. *********** ***** are *********** ** **** and ******** **** **** the ***** ** ** additional ******.

No ***** *** ********** *********

* ***** ********** ******** will **** * *** to ****** ***** *****, though **** ******* * level ** ********** ******* less ************* ******* ** accidental *******. ** *** lock *****'* *** *********** tools, ** ** ****** enough ** ****** *** what ** ****** ** unlock **.

**** ** ** **** use *********** *****, ********, cutting ****, ** ******** may ***** ****** *** lock ********** *******, ****** will ******* **** ********** motions *** **** *********** tools. ** **** *** be ** **** ** ordering *** ******* ****. If *** **** *****, those ***** ******* ** gain ****** ** * given ***** *** **** a *** ** ****** cut ** *** **-********* it, ***** **** ** undetected ** **** ********.

*** ***** *******, ***** locks *** ***** *** recommended ** **** *** layer ** ******** ** provide * ******* ** deterrence *** *****.

******* Security *********

** ** ********* ** go ****** **** ******** security.  *** **** *********** on ******** ******** ****** check *** ***** ******* reports:

Comments (9)

******* **** *******-**-***** ******** is ** ***** **** monitoring ** **** ******* switches ** ****** *** time * **** ***** up. **** *** **** detect ***** ******* ******* into *** *******, ** well ** ******* **** might ** ********. ** obviously ****** ** ******** for ***** **** *** connected ** ******* **** office ***, ** ***** equipment **** ** ******** to ***** ***** * lot, *** ***** *** generally *** *** ***** you *** ******* ***** for ***** *******, ** they *** ******* *** in *** ****.

***** **** ********** ** your ******* ******** ** report *** **** * port ***** **

** *** ***** ****:*** **** *** ******: Network ********

****, ** ***'** ******* on *** *** *** kind ** ******* ******, you *** ******** *** from *** ***** ** worrying ***** (** ***** aware **) ****** **** advanced **** ******** **********.

***, ***** **** ** the *** ******.

****** **, *** *** those ********** ** **** information ****** *** ***** ************, we **** * ****** here.

*** *** ***** **** would **** **** ***** years *** **** **** software ********* ******** * USB ******. *** ** looks **** * ***** drive ** ** **** be * ***** *****. Doh!

** **** **** ***** for *** ***** **** and **** **** **** for *** ******** ***.

******** ***** ******** ****

********** ******** ****** ****** ports ** * **** start, *** ******* *** ports ************** ** **** likely ** ***** ******. Using * ***** **** VLAN ** ****** ********* ports ** **** ** prefer ** **. **** system ***** ***’* ******* people **** ********** ******** patches, *** ** **** prevent ****** ** ****** ports.

*** - **** ****** and ******, **** ****** be **** ** * larger **** *** *** we ***** *** '******* Security *********' *******. ** the ********** ****** ** review *** *********** ********* unused *********** ** **** as ***. * *** have ** *** ***** hole *****.

**** *** *** *** issues **** ***** ********** to ******** *** / move / ****** / work ******* ** *** a **** *****?

** ****** *** ** to ****. ***** **** Unifi ******** ***** **** really ****. ** *** check ****** ************** ******* with *** ******. **** changes ** ****** ***.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

ZK Teco Atlas Access Control Tested on Aug 20, 2019
Who needs access specialists? China-based ZKTeco claims its newest access panel 'makes it very easy for anyone to learn and install access control...
Dahua OEM Directory 2019 on Aug 16, 2019
US Government banned Dahua OEMs for dozens of companies. The following directory includes 40+ of those companies with a graphic and links to...
Installation Course - Register Now on Aug 15, 2019
Register Now for the September 2019 Video Surveillance Install Course. This is a unique installation course in a market where little practical...
Hikvision OEM Directory on Aug 13, 2019
The Chinese government-owned and US-government banned Hikvision has become the world's largest video surveillance manufacturer and generally hidden...
Biometrics Usage Statistics 2019 on Aug 13, 2019
Biometrics are commonly used in phones, but how frequently are they used for access? 150+ integrators told us how often they use biometrics,...
Milestone "GDPR-ready" Certification Claim Critiqued on Aug 12, 2019
Milestone is touting that its latest XProtect VMS is "GDPR-ready" with a 'European Privacy Seal'. However, our investigation raises significant...
Hikvision Global News Reports Directory on Aug 11, 2019
Hikvision has received the most global news reporting of any video surveillance company, ever, ranging from the WSJ, the Financial Times, Reuters,...
Hikvision 4K Camera Shootout on Aug 02, 2019
With their latest Smart Series 5 cameras, Hikvision is claiming cameras "fully loaded" with "state-of-the-art technology for high performance and...
Dahua Wiretapping Vulnerability on Aug 02, 2019
IPVM has validated, with testing, and from Dahua, that many Dahua cameras have a wiretapping vulnerability. Even if the camera's audio has been...
Responsibility Split Selecting Locks - Statistics on Jul 22, 2019
A heated access debate surrounds who should pick and install the locks. While responsible for selecting the control systems, integrators often...

Most Recent Industry Reports

Dahua 4K Camera Shootout on Aug 20, 2019
Dahua's new Pro Series 4K N85CL5Z claims to "deliver superior images in all lighting and environmental conditions", but how does this compare to...
ZK Teco Atlas Access Control Tested on Aug 20, 2019
Who needs access specialists? China-based ZKTeco claims its newest access panel 'makes it very easy for anyone to learn and install access control...
Uniview Beats Intel In Trademark Lawsuit on Aug 19, 2019
Uniview has won a long-running trademark lawsuit brought by Intel, with Beijing's highest court reversing an earlier Intel win, centered on...
Verkada People And Face Analytics Tested on Aug 16, 2019
This week, Verkada released "People Analytics", including face analytics that they describe is a "game-changing feature" that "pushes the...
Dahua OEM Directory 2019 on Aug 16, 2019
US Government banned Dahua OEMs for dozens of companies. The following directory includes 40+ of those companies with a graphic and links to...
Installation Course - Register Now on Aug 15, 2019
Register Now for the September 2019 Video Surveillance Install Course. This is a unique installation course in a market where little practical...
Axis Suffers Outage, Provides Postmortem on Aug 15, 2019
This week, Axis suffered an outage impacting their website and cloud services. Inside this note, we examined what happened, what was impacted...
Hikvision Scrutinized In The Netherlands on Aug 15, 2019
Hikvision is facing unprecedented scrutiny in the Netherlands, at the same time the US government ban has taken effect. This week, a Dutch...
Axis 4K Camera Shootout 2019 on Aug 14, 2019
Axis' 4K Q3518-LVE claims the "best video quality possible", with Lightfinder super low light performance, Axis' high end Forensic WDR, and...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact