Network Equipment

The world is interconnected by computer networks, which have become critical to the operation of a broad range of devices and services. Preserving the integrity and security of network equipment such as routers, switches and firewalls is essential to maintaining reliability and integrity of network services. Network infrastructure must implement strong protection mechanisms to defend against sophisticated attacks against infrastructure and connected devices.

Network equipment has some properties that are unique to network equipment, which include:

Always On: Network equipment is “always on” and thus subject to advanced persistent threats (APTs).
Long Life Cycle: Network Equipment often has a long life cycle, must stay operational in the network for years with little downtime and therefore uses modularity and redundancy to maintain availability.
Unattended Operation: Network equipment typically must boot and operate without manual intervention for a long time.
Device Identity: Network equipment requires a strong device identity to expose itself unambiguously to the management system.
Privacy Protection: Network equipment has an important role in protecting the privacy of users.

Network Equipment Work Group is focused on requirements and use cases, and is providing security best practices, recommendations and specifications to enhance security and privacy for application of Trusted Computing technology in network infrastructure. The work group also provides analysis, use cases and advice to other work groups where network equipment knowledge is needed to achieve viable security and privacy protection.

Chairs

Michael Eckel is a cyber security researcher for Fraunhofer SIT. Previously, he was a security technologist at Huawei Technologies, mobile software developer at Boostix, and a web and software developer for a number of other companies. He holds a Masters Degree in Computer Science. Michael currently co-chairs the Trusted Computing Group’s Network Equipment work group, working to secure vulnerable network equipment.

Kevin Micciche is the Chief Technologist for HPE Networking Platform Trust, serving as the business unit’s lead subject matter expert on cryptography, cryptographic protocols, cryptographic hardware, and their systematic use to provide platform security and trust (TPM usage, code signing, inter-platform communication). He also leads the business units' transition to post-quantum cryptography in coordination with company-wide efforts, oversee our various PKI implementations, and participate and/or lead the relevant standards bodies and industry associations. Prior to assuming this role, he joined HPE in 2018, leading product teams through federal certifications for Common Criteria, FIPS 140-3, and the DoDIN Approved Products List within the US and internationally against EU, India, Singapore, and Brazil compliance requirements. Kevin also led the product compliance team in identifying gaps against both externally and internally defined frameworks and identifying resolution plans. Prior to joining HPE, Kevin worked at several third-party accreditation labs, helping to grow business within the certification programs. He has certified over 150 products over 16 years against Common Criteria and FIPS 140-3 for vendors including but not limited to CA, FireEye, Splunk, VMware, Cisco, HP, HPE Networking, Palo Alto, Juniper, Fortinet, and Microsoft.

Related Resources

Net EQ Establishing Network Equipment Security

Webcast: How to Secure Network Equipment Against Attacks

Architect’s Guide for Securing Network Equipment

TCG SNMP MIB for TPM-Based Attestation

View All

Network Equipment

Chairs

Related Resources

FAQ

Newsletter Signup

Contact Us

Subscribe to our newsletter