Re: Shared cabinet "security"

[Greg Sowell <greg () gregsowell com>]

Mike,

I've seen people use shelves to segregate cabinets.  I've seen some that
screw from both sides and eat very little space.

Greg
On Feb 13, 2016 8:07 AM, "Mike Hammett" <nanog () ics-il net> wrote:

> Getting a cabinet in someone else's datacenter (Equinix, Coresite, Telx,
> etc.) and having sub-tenants. Most networks aren't going to need more than
> a handful of U in a datacenter, but the more significant the datacenter,
> the less likely they are to provide partial cabinets... which makes no
> sense. Sure, some networks need large chassis routers chewing up 10U - 20U,
> but there are far more networks that need routers that take up 1U, 2U,
> something like that. For many networks, the sheer cost of the space in the
> datacenter doubles their overall cost per megabit.
>
>
>
>
> -----
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> Midwest-IX
> http://www.midwest-ix.com
>
> ----- Original Message -----
>
> From: "Bevan Slattery" <bevan () slattery net au>
> To: "Mike Hammett" <nanog () ics-il net>
> Cc: "North American Network Operators' Group" <nanog () nanog org>
> Sent: Saturday, February 13, 2016 2:36:34 AM
> Subject: Re: Shared cabinet "security"
>
>
> Sorry. I'm not sure I get from which angle you are coming at this from.
> Happy to clarify for you and anyone interested if you can help me out here.
>
>
> Cheers
>
> [b]
>
> On 13 Feb 2016, at 12:58 PM, Mike Hammett < nanog () ics-il net > wrote:
>
>
>
>
>
> There are more options when you're not just using someone else's
> datacenter.
>
>
>
>
> -----
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> Midwest-IX
> http://www.midwest-ix.com
>
> ----- Original Message -----
>
> From: "Bevan Slattery" < bevan () slattery net au >
> To: "Mike Hammett" < nanog () ics-il net >
> Cc: "North American Network Operators' Group" < nanog () nanog org >
> Sent: Friday, February 12, 2016 4:44:34 PM
> Subject: Re: Shared cabinet "security"
>
> In a past life we worked with our supplier to create physically separate
> sub-enclosures.1/2 and 1/3. Able to build in a separate and secure cable
> path for interconnects to the meet-me-room and connection to power supplies.
>
> Can be done and I think there are now rack suppliers that do this as
> standard. Been out of DC space for a few years now.
>
> [b]
>
> > On 13 Feb 2016, at 6:58 AM, Mike Hammett < nanog () ics-il net > wrote:
> >
> >
> > That moment when you hit send and remember a couple things…
> >
> > Of course labeling of the cables.
> >
> > Maybe colored wire loom for fiber and DACs in the vertical spaces to go
> along with the previously mentioned color scheme?
> > -----
> > Mike Hammett
> > Intelligent Computing Solutions
> > http://www.ics-il.com
> >
> > Midwest-IX
> > http://www.midwest-ix.com
> >
> > ----- Original Message -----
> >
> > From: "Mike Hammett" < nanog () ics-il net >
> > To: "North American Network Operators' Group" < nanog () nanog org >
> > Sent: Friday, February 12, 2016 2:53:17 PM
> > Subject: Re: Shared cabinet "security"
> >
> >
> > I am finding a bunch of covers for the front. I do wish they stuck out
> more than an inch (like two).
> >
> http://www.middleatlantic.com/~/media/middleatlantic/documents/techdocs/s_sf%20series%20security%20covers_96-035/96_035s_sf.ashx
> > It looks like these guys stick out 1.5”. That may be workable…
> http://www.lowellmfg.com/tinymce/jscripts/tiny_mce/plugins/filemanager/files/1717-SSCV.pdf
> > I guess those covers are really only useful for servers. That really
> wouldn’t work with a switch\router. Switches and routers are going to be
> the bulk of what we’re dealing with.
> > I am finding locking power cables, but that seems to be specific to the
> PDU you’re using as it requires the other half of the lock on the PDU.
> > I did come across colored power cords. I wonder with some enforced cable
> management, colored power cables, etc. we would have “good enough”? You get
> some 1U or 2U cable organizers, require cables to be secured to the
> management, vertical cables in shared spaces are bound together by
> customer, color of Velcro matches color of the power cord? Blue customer,
> green customer, red customer, etc. Could do the cat6 patch cables that way
> too, but that gets lost when moving to glass or DACs.
> > I thought about a web cam that would record anyone coming into the
> cabinet, but Equinix doesn’t really allow pictures in their facilities, so
> that’s not going to fly. Door contacts should be helpful for an audit log
> of at least when the doors were opened or closed.
> > Financial penalty from the violator to the victim if there’s an uh oh?
> >
> > I’m not trying to save someone from themselves. I’m not trying to lock
> the whole thing down. Just trying to prevent mistakes in a shared space.
> > -----
> > Mike Hammett
> > Intelligent Computing Solutions
> > http://www.ics-il.com
> >
> > Midwest-IX
> > http://www.midwest-ix.com
> >
> > ----- Original Message -----
> >
> > From: "Mike Hammett" < nanog () ics-il net >
> > To: "North American Network Operators' Group" < nanog () nanog org >
> > Sent: Wednesday, February 10, 2016 8:59:08 AM
> > Subject: Shared cabinet "security"
> >
> > I say "security" because I know that in a shared space, nothing is
> completely secure. I also know that with enough intent, someone will
> accomplish whatever they set out to do regarding breaking something of
> someone else's. My concern is mainly towards mitigation of accidents. This
> could even apply to a certain degree to things within your own space and
> your own careless techs
> > If you have multiple entities in a shared space, how can you mitigate
> the chances of someone doing something (assuming accidentally) to disrupt
> your operations? I'm thinking accidentally unplug the wrong power cord,
> patch cord, etc. Accidentally power off or reboot the wrong device.
> > Obviously labels are an easy way to point out to someone that's looking
> at the right place at the right time. Some devices have a cage around the
> power cord, but some do not.
> > Any sort of mesh panels you could put on the front\rear of your gear
> that you would mount with the same rack screw that holds your gear in?
> > -----
> > Mike Hammett
> > Intelligent Computing Solutions
> > http://www.ics-il.com
> >
> > Midwest-IX
> > http://www.midwest-ix.com