Page 65 - Cyber Warnings
P. 65
Discovery
Government intelligence agencies are often required to monitor networks that are not under
their primary control. Under these circumstances, in order to provision a traffic monitoring
solution, wavelengths captured from a DWDM network must be decoded to reveal the
potentially complicated mix of transport protocols and traffic types that exist on the targeted
wavelength.
This includes the discovery and reporting of OTN signals encapsulating channelized
OTU4/3/2/2e, SONET/SDH signals including OC-192/STM-64 and OC-48/STM-16, as well as
native 100/40/10G Ethernet flows.
An example of the potential complexity of a common transport signal carried over just a single
DWDM wavelength is shown in Figure 1. The discovery process could take weeks of effort for
just a single DWDM fiber pair.
Figure 1: Optical networks can hide a complex transport architecture that makes gaining
visibility into the data being carried extremely difficult.
The discovery process is additionally complicated by the constant evolution of the transport
network and shifts to the mix of protocols and traffic types.
Network service providers are frequently turning up new wavelengths and the advent of
software defined networking (SDN) is enabling innovative methods for instantly re-provisioning
the network to address dynamic bandwidth needs.
65 Cyber Warnings E-Magazine – April 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
