Network Equipment

The world is interconnected by computer networks, which have become critical to the operation of a broad range of devices and services. Preserving the integrity and security of network equipment such as routers, switches and firewalls is essential to maintaining reliability and integrity of network services. Network infrastructure must implement strong protection mechanisms to defend against sophisticated attacks against infrastructure and connected devices.

Network equipment has some properties that are unique to network equipment, which include:

  • Always On: Network equipment is “always on” and thus subject to advanced persistent threats (APTs).
  • Long Life Cycle: Network Equipment often has a long life cycle, must stay operational in the network for years with little downtime and therefore uses modularity and redundancy to maintain availability.
  • Unattended Operation: Network equipment typically must boot and operate without manual intervention for a long time.
  • Device Identity: Network equipment requires a strong device identity to expose itself unambiguously to the management system.
  • Privacy Protection: Network equipment has an important role in protecting the privacy of users.

Network Equipment Work Group is focused on requirements and use cases, and is providing security best practices, recommendations and specifications to enhance security and privacy for application of Trusted Computing technology in network infrastructure. The work group also provides analysis, use cases and advice to other work groups where network equipment knowledge is needed to achieve viable security and privacy protection.

Related Documents

Establishing Network Equipment Security

TCG Guidance for Securing Network Equipment – Public Review


Michael Eckel

Security Technologist, Huawei Technologies; Work Group Co-Chair

Michael Eckel is a security technologist at Huawei Technologies. Previously, he was a security researcher and software developer at Fraunhofer SIT; mobile software developer at Boostix, and a web and software developer for a number of other companies. He holds a Masters Degree in Computer Science.

Eckel currently participates in the Trusted Computing Group’s Network Equipment subgroup, working to secure vulnerable network equipment.


Tom Laffey

Senior Platform Security Architect, Hewlett Packard Enterprise; Work Group Co-Chair

Tom Laffey is Senior Platform Security Architect at Aruba Networks, a Hewlett Packard Enterprise company. He also co-chairs the Network Equipment subgroup at Trusted Computing Group. At HPE, he works to advance cyber-security and cyber resiliency of HPE Aruba platforms and devices. Prior to this work, Laffey was with Hewlett-Packard ProCurve Networking, leading development of security features, including PKI, authentication, use of TPMs, SSL/TLS, IPsec, MACsec, file signing and system integrity, as well as FIPS compliance, for managed switch products. He has also led architecture and chip design projects for Northrop Grumman, Sierra Logic and VeriFone. Laffey holds a B.S. degree in computer engineering from California State University – Sacramento.

Join

Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.

Join Now

Trusted Computing

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.

Read more

Specifications

Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.

Read more
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.