Network Equipment

The world is interconnected by computer networks, which have become critical to the operation of a broad range of devices and services. Preserving the integrity and security of network equipment such as routers, switches and firewalls is essential to maintaining reliability and integrity of network services. Network infrastructure must implement strong protection mechanisms to defend against sophisticated attacks against infrastructure and connected devices.

Network equipment has some properties that are unique to network equipment, which include:

  • Always On: Network equipment is “always on” and thus subject to advanced persistent threats (APTs).
  • Long Life Cycle: Network Equipment often has a long life cycle, must stay operational in the network for years with little downtime and therefore uses modularity and redundancy to maintain availability.
  • Unattended Operation: Network equipment typically must boot and operate without manual intervention for a long time.
  • Device Identity: Network equipment requires a strong device identity to expose itself unambiguously to the management system.
  • Privacy Protection: Network equipment has an important role in protecting the privacy of users.

Network Equipment Work Group is focused on requirements and use cases, and is providing security best practices, recommendations and specifications to enhance security and privacy for application of Trusted Computing technology in network infrastructure. The work group also provides analysis, use cases and advice to other work groups where network equipment knowledge is needed to achieve viable security and privacy protection.


Michael Eckel
Cyber Security Researcher
Fraunhofer Institute for Secure Information Technology
Michael Eckel is a cyber security researcher for Fraunhofer SIT. Previously, he was a security technologist at Huawei Technologies, mobile software developer at Boostix, and a web and software developer for a number of other companies. He holds a Masters Degree in Computer Science. Eckel currently participates in the Trusted Computing Group’s Network Equipment subgroup, working to secure vulnerable network equipment.
Tom Laffey
Senior Platform Security Architect
Hewlett Packard Enterprise
Tom Laffey is Senior Platform Security Architect at Aruba, a Hewlett Packard Enterprise company. Tom founded and co-chairs the Network Equipment subgroup at TCG. At HPE, he works to advance cyber-security and cyber resiliency of Aruba platforms and devices. Prior to this work, Tom was with Hewlett-Packard ProCurve Networking, leading development of security features, including PKI, authentication, use of TPMs, SSL/TLS, IPsec, MACsec, file signing and system integrity, as well as FIPS compliance, for managed switch products. He has also led architecture and chip design projects for Northrop Grumman, Sierra Logic and VeriFone. Tomholds a B.S. degree in computer engineering from California State University – Sacramento.

Related Resources

View All