an over-the-top data center

Just me, or is showing the floorplan not the typical behavior of a super-secure anything?

Craig Holland wrote:

Just me, or is showing the floorplan not the typical behavior of a super-secure anything?

You mean, security through obscurity?

--Patrick

It's the "double-dog-dare". :slight_smile:

Scott

I'm not sure anyone but the press are claiming anything is super secure there.

I can't imagine being in a bunker makes physical security worse (although it
could make cooling and working diesel backup generators more interesting).

Having had to visit data centres so secure they don't list their name on the
front of the building, which is great for security till you need an engineer
in a hurry and he is driving around looking for the building.

I'm thinking physical security is over done in some data centers. Sure it is a
great idea to make sure no one steals the hardware, but much beyond that and
allowing in expected personnel only, it soon gets to being counter
productive.

I was once back-up for a facility so "secure" I never got to visit it?! I'm
not saying I might not have been that useful if I was ever called on to
provide support - guess we'll never know. Although for that one I did at
least happen to know where it was despite it not being sign posted.

There are places whose location we do not talk about, where important stuff
gets done, like peering.

In Sweden, the Post and Telecommunications Authority has oversight over a
number of first-rate data centres that are designed for those bits and
pieces of infrastructure that need to work under all circumstances.
Typically they rent space to telcos and ISPs for things like important
central systems, backbone routers / transmission etc. The largest Internet
exchange in Sweden, Netnod, has its five largest sites in these facilities.

These data centres are designed to Swedish military command center
specifications (not like Cheyenne Mountain but significantly better than,
say, a Minuteman site) to withstand a number of adverse conditions, like
near-misses from nuclear weapons, prolonged power outages, poison gas
clouds, etc. Typically, they are buried in bedrock close to major cities.
Exactly where is of course known in the business, but not so well that it
is OK to post their locations on Nanog.

Yes, we've got excellent bedrock in Sweden, and we use it :wink:

Måns Nilsson wrote:

Exactly where is of course known in the business, but not so well that it
is OK to post their locations on Nanog.

The problem with this mentality is that it does not deter those wishing
to do harm to the data centre or corporation.

For banks, I think the biggest advantage of having a no-name building is
that the general public will not try to enter the building thinking that
there is a bank branch or ATMs available and then rudely be thrown out
by the guards.

If you look at Toronto, the main carrier hotel is quite famous at 151
Front Street, very near to the main train station, convention centre etc
(aka: right at the core of the downtown). People who do not know about
the internet infrastructure may not realise what this building is about,
but anyone who knows how ISPs operate would know the strategic
importance of that building.

The thing about a carrier hotel is that it cannot be a secret location
since you need to allow various carriers and ISPs to have physical
access to the building so they can install/manage their
servers/routers/switches.

The advantage of this Swedish data centre is that even if its location
is well known, it is pretty hard to harm the building. You can't run a
truck full of explosives into it for instance.

Måns Nilsson wrote:

These data centres are designed to Swedish military command center
specifications (not like Cheyenne Mountain but significantly better than,
say, a Minuteman site)

At one point some time ago, on NANOG we discussed putting exchanges in old
minuteman silos. (so long ago a quick Google didn't find it -- where are all
the old NANOG archives?)

http://www.irbs.net/internet/nanog/9708/0159.html
http://www.irbs.net/internet/nanog/9711/0154.html
http://www.irbs.net/internet/nanog/9610/0947.html
http://www.irbs.net/internet/nanog/0109/1619.html

People who do not know that there's a Front Street East as well as a Front Street West also like to fight their way through the mantrap to front desk security and demand to see the dentist.

So if anybody ever finds an operational advantage to having equipment in a building regularly visited by people with bad teeth, bear that in mind.

Joe

If you look at Toronto, the main carrier hotel is quite famous at 151
Front Street, very near to the main train station, convention centre etc
(aka: right at the core of the downtown). People who do not know about
the internet infrastructure may not realise what this building is about,
but anyone who knows how ISPs operate would know the strategic
importance of that building.

People who do not know that there's a Front Street East as well as a Front Street West also like to fight their way through the mantrap to front desk security and demand to see the dentist.

So if anybody ever finds an operational advantage to having equipment in a building regularly visited by people with bad teeth, bear that in mind.

Hey, some of the best network engineers I have met are British....

W

http://markmail.org/search/?q=list%3Aedu.merit.nanog+silo+exchange

Unfortunately, you also cannot run your own fiber there, colo equipment there, visit it for any reason, etc.

I was going to say 'this probably hinders customer adoption at NetNod', but I know for a fact the "probably" is superfluous.

Patrick W. Gilmore wrote:

Fault free datacenters include neither people, nor computers, nor
connectivity, nor HVAC, nor electricity. If you can eliminate those
things you will have a 100% uptime datacenter.

Andrew

Is this the network equivalent of Yin and Yang, or Darkness and Light
being the same?

Perhaps it is like an old joke:

"How many Microsoft programmers does it take to change a lightbulb?"
"None, they just make darkness the new standard."

I guess, if uptime is a measure of your promised availability, then if
you promise total unavailability, your uptime is 100% if no-one can
reach you during the measured period.

Not terribly useful, however, and likely to get breached, when those
with means want to find out what you're hiding.

* patrick@ianai.net (Patrick W. Gilmore) [Mon 01 Dec 2008, 02:34 CET]:

The advantage of this Swedish data centre is that even if its location is well known, it is pretty hard to harm the building. You can't run a truck full of explosives into it for instance.

Unfortunately, you also cannot run your own fiber there, colo equipment there, visit it for any reason, etc.

I was going to say 'this probably hinders customer adoption at NetNod', but I know for a fact the "probably" is superfluous.

I don't really get your reasoning here, Patrick. What were you going to do? Put your servers in the same racks as Netnod's switches? Rate their patch fiber management skills?

I can buy the argument that there is one bit of infrastructure (a string of dark fiber) more between your router and the IX infrastructure than you will get in other locations but in this age of people connecting remotely to IXPs all the time this seems pretty minor, especially given the box full of advantages it gives the IXP operator regarding facility security and having a very clear demarcation point.

  -- Niels.

I didn't say it would stop everyone. Of course some people will not be deterred, but some absolutely have.

And most people are uninterested in the "box full of advantages it gives the IXP operator". Further, I would submit the "box full of advantages" are ephemeral at best, and arguably imaginary. Name another major IXP anywhere on the planet that has ever had a single issue NetNod's model would have avoided.

Now compare that to forcing every single participant to use unknown fiber paths into an unknown facility. When are these fibers groomed, and onto which unknown paths? Which fiber maintenance schedules might impact me without my knowledge? Which construction projects elsewhere in the city might take me down and there's no way for me to even predict that? Etc., etc.

I would prefer to take my chances with the known quantity, thankyouverymuch. Feel free to do with your network as you please.

I was going to say 'this probably hinders customer adoption at
NetNod', but I know for a fact the "probably" is superfluous.

I didn't say it would stop everyone. Of course some people will not be
deterred, but some absolutely have.

In Sweden, the reason to not choose NetNod (and to go with the smaller
exchange points) is price and only price. No Swedish ISP I know of has
stated that the fact that the Stokab fibre is bought by the IXP and not the
ISP is a problem per se. Some might have a better wholesale deal than
NetNod has but that is still just about price.

The alternative IXPen were started for two reasons,

1. Price. At the time the first one got going NetNod was running OC48 SRP
as its fabric. (Anyone remember that technology?). The price of SRP
technology was simply too high for many small players, and required Cisco
gear, etc.

2. Convenience and reduced marginal cost, i.e. #1 again. Since the first
alternative (SOL-IX) was and is distributed, really small ASes could join
for the price of a patch cable and an interface.

Now compare that to forcing every single participant to use unknown fiber
paths into an unknown facility. When are these fibers groomed, and onto
which unknown paths? Which fiber maintenance schedules might impact me
without my knowledge? Which construction projects elsewhere in the city
might take me down and there's no way for me to even predict that? Etc.,
etc.

The fiber paths into these facilities are national security issues. Expect
them to be guarded accordingly (as in running them in specially blasted
tunnels 30-60 meters down in the ground for the last aggregated path to the
facility). I have not experienced more unpredictability nor more outages
because Netnod buys the cable than when the ISP does. Same cable. And
Stokab does indeed know where the cables are.

I would prefer to take my chances with the known quantity,
thankyouverymuch. Feel free to do with your network as you please.

Just because you know where the cable is the backhoes won't find it?

In Sweden, the reason to not choose NetNod (and to go with the smaller
exchange points) is price and only price. No Swedish ISP I know of has
stated that the fact that the Stokab fibre is bought by the IXP and not the
ISP is a problem per se. Some might have a better wholesale deal than
NetNod has but that is still just about price.

I don't think any IXP can become a significant player on the Internet today by only attracting participants from the country in question. The Internet is not bound by political borders. (Usually. :slight_smile:)

Now compare that to forcing every single participant to use unknown fiber
paths into an unknown facility. When are these fibers groomed, and onto
which unknown paths? Which fiber maintenance schedules might impact me
without my knowledge? Which construction projects elsewhere in the city
might take me down and there's no way for me to even predict that? Etc.,
etc.

The fiber paths into these facilities are national security issues. Expect
them to be guarded accordingly (as in running them in specially blasted
tunnels 30-60 meters down in the ground for the last aggregated path to the
facility). I have not experienced more unpredictability nor more outages
because Netnod buys the cable than when the ISP does. Same cable. And
Stokab does indeed know where the cables are.

I'm glad to hear the fibers seem to be stable. Past performance is no guarantee of future profits and all that, but it is good to know care has been taken in the past.

As for the blasting of tunnels and national security angle, this is an IXP, not nuclear missile launch control. It should not be your only vector to get bits from point A to B. And if it is, then you have a larger problem than worrying about the facility withstanding physical attack.

And no, attaching to multiple NetNod nodes is not a solution, since only Stockholm has a large number of participants.

End of day, an IXP is not some magical thing. It is an ethernet switch allowing multiple networks to exchange traffic more easily than direct interconnection - and that is all it should be. It should not be mission critical. Treating it as such raises the cost, and therefore barrier to entry, which lowers its value.

I don't think any IXP can become a significant player on the Internet
today by only attracting participants from the country in question.

netnod is very successful. i guess they must operate from more than
sweden, then, eh?

engineers judge by results, not word count.

randy

I don't think any IXP can become a significant player on the Internet
today by only attracting participants from the country in question.

netnod is very successful. i guess they must operate from more than
sweden, then, eh?

NetNod is successful. Very is a matter of opinion. As for "operate from more than sweden", that is trivial to confirm by looking at their member list.

So now that we have agreed, did you have a point, or just want to run up your word count?

engineers judge by results, not word count.

Wow, Randy, we are in agreement again.

To be clear, are you suggesting IXPs consider hiding their switches, forcing you to use a single fiber providers, not allowing anyone to know the path, etc.? I want to be sure I understand what you mean, since "engineers" like to make serious points, not flippant sound bites.