ANSI TIA-5017-2016 Telecommunications Physical Network Security Standard.pdf

1、 TIA-5017 March 2016Telecommunications Physical Network Security Standard ANSI/TIA-5017-2016 APPROVED: FEBRUARY 19, 2016 NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitatin

2、g interchangeability and improvement of products, and assisting the purchaser in selecting and obtaining with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA from manufactur

3、ing or selling products not conforming to such Standards and Publications. Neither shall the existence of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the Amer

4、ican National Standards Institute (ANSI) patent policy. By such action, TIA does not assume any liability to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its

5、 use or all applicable regulatory requirements. It is the responsibility of the user of this Standard to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. Any use of trademarks in this document are for information purposes

6、and do not constitute an endorsement by TIA or this committee of the products or services of the company. (From Standards Proposal No. ANSI/TIA-PN-5017-D2, formulated under the cognizance of the TIA TR-42 Telecommunications Cabling Systems, TR-42.1 Subcommittee on Commercial Building Telecommunicati

7、ons Cabling). Published by TELECOMMUNICATIONS INDUSTRY ASSOCIATION Technology and Standards Department 1320 N. Courthouse Road, Suite 200 Arlington, VA 22201 U.S.A. PRICE: Please refer to current Catalog of TIA TELECOMMUNICATIONS INDUSTRY ASSOCIATION STANDARDS AND ENGINEERING PUBLICATIONS or call IH

8、S, USA and Canada (1-877-413-5187) International (303-397-2896) or search online at http:/www.tiaonline.org/standards/catalog/ All rights reserved Printed in U.S.A. NOTICE OF COPYRIGHT This document is copyrighted by the TIA. Reproduction of these documents either in hard copy or soft copy (includin

9、g posting on the web) is prohibited without copyright permission. For copyright permission to reproduce portions of this document, please contact the TIA Standards Department or go to the TIA website (www.tiaonline.org) for details on how to request permission. Details are located at: http:/www.tiao

10、nline.org/standards/catalog/info.cfm#copyright or Telecommunications Industry Association Technology (b) there is no assurance that the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the st

11、andards development or any editing process. The use or practice of contents of this Document may involve the use of intellectual property rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consistin

12、g of patents and published pending patent applications are claimed and called to TIAs attention, a statement from the holder thereof is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or val

13、idity of any claims of IPR. TIA will neither be a party to discussions of any licensing terms or conditions, which are instead left to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or repres

14、ent that procedures or practices suggested or provided in the Manual have been complied with as respects the Document or its contents. If the Document contains one or more Normative References to a document published by another organization (“other SSO”) engaged in the formulation, development or pu

15、blication of standards (whether designated as a standard, specification, recommendation or otherwise), whether such reference consists of mandatory, alternate or optional elements (as defined in the TIA Procedures for American National Standards) then (i) TIA disclaims any duty or obligation to sear

16、ch or investigate the records of any other SSO for IPR or letters of assurance relating to any such Normative Reference; (ii) TIAs policy of encouragement of voluntary disclosure (see TIA Procedures for American National Standards Annex C.1.2.3) of Essential Patent(s) and published pending patent ap

17、plications shall apply; and (iii) Information as to claims of IPR in the records or publications of the other SSO shall not constitute identification to TIA of a claim of Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the contents of the

18、 Document. TIA does not certify, inspect, test or otherwise investigate products, designs or services or any claims of compliance with the contents of the Document. ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE

19、 CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, ITS MERCHANTABILITY AND ITS NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES RE

20、GARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATION, OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIR

21、ECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, INCLUDING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH

22、 OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. ANSI

23、/TIA-5017 i Telecommunications Physical Network Security Standard TABLE OF CONTENTS FOREWORD . iv 1 SCOPE . 1 2 NORMATIVE 1 3 DEFINITIONS, ABBREVIATIONS, ACRONYMS, AND UNITS OF MEASURE . 1 3.1 General 1 3.2 Definitions 1 3.3 Acronyms and abbreviations . 3 3.4 Units of measure 4 4 SECURITY PLANNING A

24、ND RISK ASSESSMENT . 4 4.1 Physical infrastructure security levels 4 4.2 General security concepts . 5 4.3 Risk assessment process 5 4.4 Security program . 7 4.5 Role of the telecommunications infrastructure 9 5 DESIGN GUIDELINES . 9 5.1 General 9 5.2 Pathways . 9 5.2.1 Outside plant 9 5.2.2 Routing

25、 inside buildings . 9 5.2.3 Entrance points 9 5.3 Spaces . 9 5.3.1 Access points . 9 5.3.2 Telecommunications Vaults . 10 5.3.3 Pedestals and cabinets 10 5.3.4 Entrance room or space 10 5.3.5 Distributor room . 10 5.3.6 Distributor enclosure 10 5.3.7 Splice box 10 5.3.8 Zone box 10 5.4 Cabling . 10

26、5.4.1 Cabling for security 10 5.5 Other infrastructure elements 11 5.5.1 Parking areas . 11 5.5.2 Loading docks 11 ANSI/TIA-5017 ii 6 INSTALLATION GUIDELINES 11 6.1 General 11 6.2 Pathways . 12 6.3 Spaces . 12 6.4 Cabling with Alarmed Carrier . 12 6.5 Outside Areas 12 7 ADDITIONAL GUIDELINES AND REC

27、OMMENDATIONS FOR CABLING SECURITY LEVELS . 13 8 PHYSICAL NETWORK SECURITY GUIDELINES . 18 8.1 General 18 8.2 Protected Distribution System (PDS) 18 9 INTELLIGENT BUILDING SYSTEMS FOR SECURITY . 21 9.1 Cabling for building security 21 9.2 Video Surveillance . 21 9.2.1 Initial planning 21 9.2.2 Placem

28、ent 21 9.2.3 Camera types 22 9.2.4 Media supported 22 9.2.5 Pathways . 22 9.3 Access control systems . 24 9.3.1 Initial planning 24 9.3.2 Conduit sizing and placement . 24 9.3.3 Placement 25 9.3.4 Cabling . 25 9.3.5 Devices 25 9.3.6 Distributor room impact 26 9.3.7 Hybrid system requirements 26 9.3.

29、8 Life safety considerations 26 9.4 Intrusion detection systems . 27 9.4.1 IDS cabling 27 9.4.2 IDS equipment . 27 9.4.3 IDS sensors and keypads 27 9.4.4 Access to IDS patch panels . 27 9.4.5 IDS alarm cabling 28 9.5 Intelligent Building Systems (IBS) cabling security . 28 10 ADMINISTRATION CONSIDER

30、ATIONS FOR SECURITY 29 10.1 General 29 10.2 Identification and color coding . 29 10.3 Automated Infrastructure Management (AIM) for security 30 ANSI/TIA-5017 iii 10.3.1 Detect changes to patch cord connectivity 30 10.3.2 Port status information . 30 10.3.3 Critical network circuits 30 10.3.4 Device

31、alarms 30 10.3.5 Security camera integration . 30 10.3.6 Communication with other systems . 30 10.3.7 Emergency call origination location . 30 10.3.8 Secure communications and operation . 30 10.4 Facility Alarms . 31 ANNEX A (INFORMATIVE) BIBLIOGRAPHY . 32 List of Figures Figure 1 - Relationship bet

32、ween TIA Standards v Figure 2 - SWOT Matrix . 6 Figure 3 - SWOT Matrix Analysis Example (Healthcare / Hospital) 7 Figure 4 - Components of risk assessment . 8 Figure 5 - Example responsibility assignment or RACI matrix 8 Figure 6 - Example of conduit sizing for video surveillance 23 List of Tables T

33、able 1 Conduit sizes . 2 Table 2 Physical infrastructure security levels . 4 Table 3 Additional considerations and recommendations for design, installation and operation of security levels 14 Table 4 Simple and Standard PDS requirements 18 Table 5 Example of outlet color coding for security (US Fede

34、ral Government) . 29 ANSI/TIA-5017 iv FOREWORD (This foreword is not considered part of this Standard.) This Standard was developed by TIA Subcommittee TR-42.1. Approval of this Standard This Standard was approved by TIA Subcommittee TR-42.1, TIA Engineering Committee TR-42, and the American Nationa

35、l Standards Institute (ANSI). ANSI/TIA reviews standards every 5 years. At that time, standards are reaffirmed, withdrawn, or revised according to the submitted updates. Updates to be included in the next revision should be sent to the committee chair or to ANSI/TIA. Contributing organizations More

36、than 30 organizations within the telecommunications industry (including manufacturer, consultants, end users and other organizations) contributed their expertise to the development of this Standard. Documents superseded None Relationship to other TIA standards and documents The following are related

37、 standards regarding various aspects of structured cabling that were developed and are maintained by Engineering Committee TIA TR-42. An illustrative diagram of the TIA-568 Series relationship to other relevant TIA standards is given in figure 1. ANSI/TIA-568.0-D, Generic Telecommunications Cabling

38、for Customer Premises ANSI/TIA-568.1-D, Commercial Building Telecommunications Infrastructure Standard ANSI/TIA-568-C.2, Balanced Twisted-Pair Telecommunications Cabling and Components Standard ANSI/TIA-568.3-D, Optical Fiber Cabling and Components Standard ANSI/TIA-568-C.4, Broadband Coaxial Cablin

39、g and Components Standard ANSI/TIA-569-D, Telecommunications Pathways and Spaces ANSI/TIA-570-C, Residential Telecommunications Infrastructure Standard ANSI/TIA-606-B, Administration Standard for Telecommunications Infrastructure ANSI/TIA-607-C, Generic Telecommunications Bonding and Grounding (Eart

40、hing) for Customer Premises ANSI/TIA-758-B, Customer-Owned Outside Plant Telecommunications Infrastructure Standard ANSI/TIA-862-B, Structured Cabling Infrastructure for Intelligent Building Systems ANSI/TIA-942-A, Telecommunications Infrastructure Standard for Data Centers ANSI/TIA-1005-A, Telecomm

41、unications Infrastructure Standard for Industrial Premises ANSI/TIA-1179, Healthcare Facility Telecommunications Infrastructure Standard ANSI/TIA-4966, Telecommunications Infrastructure Standard for Educational Facilities ANSI/TIA-5017 v Figure 1 - Relationship between TIA Standards Useful supplemen

42、ts to this Standard are the following BICSI documents: the Telecommunications Distribution Methods Manual, the Outside Plant Design Reference Manual, and the Information Technology Systems Installation Methods Manual. These manuals provide practices and methods by which many of the requirements of t

43、his Standard are implemented. Annexes There is one annex to this Standard. Annex A is informative and not considered a requirement of this Standard. ANSI/TIA-5017 vi Introduction Network security entails vast areas of diverse and detailed specifications ranging from data encryption, supply chain man

44、agement, design, as well as incorporation of security considerations into all phases and all aspects of a network. The purpose of this Standard is to focus on the physical security of the telecommunications infrastructure as specified in relevant TIA premises standards (see Figure 1). The intent is

45、to develop a centralized reference standard containing security guidelines and requirements that can be referenced by public policy teams and others as needed. The Standard provides a risk assessment framework for determining the appropriate level of network security, followed by corresponding speci

46、fications for these security levels. The Standard may also provide guidance to providers of security systems to customize and enhance physical security functions of the telecommunications physical network in the premise. Purpose This Standard specifies physical network security requirements and guid

47、elines for the telecommunications infrastructure in customer owned premises. It also provides information that may be used for the design of physical network security system products that may be used for such premises. The purpose of this Standard is to enable the planning and installation of physic

48、al network security systems that protect critical telecommunications infrastructure elements from theft, vandalism, intrusions, and unauthorized modifications. Installation of physical network security systems during building construction or renovation is significantly less expensive and less disrup

49、tive than after the building is occupied. This Standard establishes minimum functional performance of different physical network security elements and also provides additional considerations to enhance the physical security of the telecommunications infrastructure. The diversity of security products and systems currently available, coupled with the continual addition of new systems, means that there may be cases where limitations to desired functionality occur. When applying specific security systems to the telecommunications infrastructure, the u