Locking Down Network Connections

Author: Ethan Ace, Published on May 02, 2012

Cameras and access control panels are gateways for hackers. Locating these devices throughout a building gives attackers multiple points of entry, many without any form of physical or network security. However, physical connections to the network may be secured with RJ45 locks. In this note, we look at these products, differing styles, and what sort of protection they may provide to a security network installation.

Overview

RJ45 locks are available for both patch cables and empty ports, operating on the same principle, but with some differences:

  • Patch cable locks slide over the cable and connector, extending beneath the modular plug's release tab. When engaged, the tab cannot be pushed down to remove the cable, without first disengaging the lock. Some locks completely obscure the entire tab to prevent potential tampering or breakage. Others leave it exposed, but attempting to break it typically leaves most of the tab engaged in the port, so the cable may still not be removed.
  • Locking plugs fit into unused RJ45 ports, whether on a wall plate, patch panel, or switch. When engaged, a small tab extends to lock the plug into place. Plugs are typically low-profile, to deter potential attackers from gripping the plug with tools, such as pliers or vise-grips to remove it.

Multiple manufacturers provide patch cable and port locks, of varying styles, including PanduitBlack BoxAMP, and RJ Lockdown. Pre-terminated patch cables equipped with locking connectors are also available. Both plug and port locks sell for a about $3-5 USB online, typically sold in bags of 10 or 25.

This zoomed image illustrates typical cable locks and locking plugs (Black Box shown), and their individual parts:

Removal Tools

Locks which require proprietary tools are preferred if security is a concern. Some locks use standard allen or Torx bits, or even small flat blade screwdrivers, all of which are easy to come by, and thus provide only a nominal level of security. These may still be of use when security is not the main concern, but accidental removal is still a worry.

Proprietary removal tools are potentially a downside to using these locks. All technicians who may install or service a system must carry a tool with them, or have no way of removing the locks. A tool may be left with someone on site, as well, as a precaution, but this opens up the system to tampering. Over time, however, techs see the tool as another part of their toolbag, and this becomes less of an issue. Replacement tools are inexpensive or free, and normally ship with the locks at no additional charge.

This image shows one type of proprietary lock installation/removal tool, in this case Panduit:

Should You Use This?

Given their low cost, RJ45 locks are a reasonable investment in most applications. Even if security is not a concern, they may be used to prevent accidental disconnection of cameras, servers, and other devices. In installations which share a network with other services, this may be especially useful, as users may simply unplug a critical cable, mistaking it for another device.

A truly determined attacker will find a way to defeat these locks, though they provide a level of deterrence against less sophisticated vandals or accidental removal. If the lock doesn't use proprietary tools, it is simple enough to figure out what is needed to unlock it. Even if it does use proprietary means, breaking, cutting away, or drilling may still remove the lock relatively quickly, though will require more noticeable motions and less concealable tools. If all else fails, those truly seeking to gain access to a given cable may find a way to simply cut it and re-terminate it, which will go undetected on most networks. For these reasons, cable locks and plugs are recommended as only one layer of security to provide a modicum of deterrence and delay.

1 report cite this report:

Network Racks For Surveillance Guide on Mar 21, 2018
In this guide, we look at network rack infrastructure, one of the fundamentals of IP video surveillance. Inside, we cover: What is a rack unit...
Comments : PRO Members only. Login. or Join.

Related Reports

Last Chance - Save $50 - July 2018 IP Networking Course on Jun 21, 2018
Today, Thursday the 21st is the last chance to save $50 on registration. Register now and save. This is the only networking course designed...
Axis Guardian - Cloud VMS And Alarm Monitoring - Released on Jun 19, 2018
Axis has struggled to deliver a cloud-based managed service video platform. Video service providers have utilized AVHS for over a decade, and have...
Axis Releases First New Access Controller In 5 Years (A1601) on Jun 15, 2018
It has been 5 years since Axis 2013 entry in the physical access control market, with the A1001 (IPVM test). Now, Axis has released its second...
Security Sales Course Summer 2018 on Jun 14, 2018
Based on member's interest, IPVM is offering a security sales course this summer. Register Now - IPVM Security Sales Course Summer...
Access Control - Time & Attendance, Mustering and Mantraps Guide on Jun 13, 2018
Electronic access offers features that traditional mechanical locks cannot. While these features may not be as fundamental as keeping doors secure,...
Powerline Networking For Video Surveillance Advocated By Comtrend on Jun 08, 2018
Powerline networking, using existing electrical wiring, has been around for many years. Indeed, over the years, some video surveillance providers...
The Benefits of An Access Control Test Door on Jun 08, 2018
Security system dealers can benefit from having their own access control test door both for demonstrations and training. Inside, we explain the...
Ambitious Mobile Access Startup: Openpath on May 24, 2018
This team sold their last startup for hundreds of millions of dollars, now they have started Openpath to become a rare access control small...
Installing Box Cameras Indoors Tutorial on May 22, 2018
This tutorial starts our physical installation for video surveillance series, starting with Box Cameras, one of the oldest and most basic types....
Cybersecurity for IP Video Surveillance Guide on May 18, 2018
Keeping surveillance networks secure can be a daunting task, but there are several methods that can greatly reduce risk, especially when used in...

Most Recent Industry Reports

July 2018 IP Networking Course on Jun 22, 2018
  This is the only networking course designed specifically for video surveillance professionals. Register now. Lots of network training exists...
Installation Hardware for Video Surveillance - Indoor Fasteners on Jun 22, 2018
As part of our Installation for Video Surveillance series, in this note, we cover drywall anchors. A key part of installing security hardware is...
Hikvision ColorVu Integrated Visible Light Cameras Examined on Jun 22, 2018
When it comes to low light, infrared light has become the defacto standard in surveillance. But IR is limited to monochrome images, making colors...
'Secure Channel' OSDP Access Control Examined on Jun 21, 2018
Despite claiming to be better than Wiegand, OSDP's initial releases did not address the lack of encryption between reader and controller, leaving...
Most Wanted Improvements In Manufacturer Technical Support (Statistics) on Jun 21, 2018
5 key areas of improvement and 1 clear wanted support feature were voiced by 140+ integrator responses to: What improvement in manufacturer...
GDPR / ICO Complaint Filed Against IFSEC Show Facial Recognition on Jun 20, 2018
IPVM has filed a complaint against IFSEC’s parent company UBM based on our concern that the conference violates core GDPR principles on...
IFSEC 2018 Final Show Report on Jun 20, 2018
IPVM attended the IFSEC show for the first time this year. The Chinese took over the show, centered on Hikvision, flanked by Dahua, Huawei and a...
Mobotix Releases 'Move' Into 21st Century on Jun 20, 2018
For years, Mobotix stood resolutely against, well, every other manufacturer, selling it as a virtue: MOBOTIX equipment is designed with no...
Cybersecurity Startup VDOO Disclosing 10 Manufacturer Vulnerabilities Starting With Axis And Foscam on Jun 20, 2018
Cybersecurity startup VDOO has uncovered significant vulnerabilities in Axis cameras along with many others not yet disclosed. In this report, we...
Axis Guardian - Cloud VMS And Alarm Monitoring - Released on Jun 19, 2018
Axis has struggled to deliver a cloud-based managed service video platform. Video service providers have utilized AVHS for over a decade, and have...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact