Mantraps. While the name conjures scary (or funny) images in the mind, they’re really a vital part of many data centers. Here, we explore the pros and cons of these safety devices and discuss whether your data center needs a mantrap.
Data center managers and organizations have made quite a few strides toward improving data centers by employing server densities, electrical power efficiencies, cooling improvements and robust infrastructure including network bandwidth enhancements and continue to do so. Many in industry and government have been warning that the country faces imminent danger from cyber attacks and so far this year the number of attacks and impact has been relentless and more sophisticated.
During 2017, the most digital damage from cyber attacks includes continuous targeting of critical infrastructure, ransomware, government emails being hacked, exfiltration of Central Intelligence Agency documents, and the multinational WannaCry ransomware attack of over 200,000 systems. Gartners’ global information security spending forecast estimates that by the end of 2017, purchases for security products and services could reach $84.5 billion or a seven percent increase since 2016. Defenses have progressively improved and measures continue to be implemented. However, there is one area which lags far behind – that is the physical security of data centers and, specifically, the adoption and employment of mantraps.
According to BICSI, a mantrap is created using two interlocking doors which open only one at a time after the correct credentials have been validated. To physically secure a facility or data center, periodic risk assessment and policy reviews should be conducted. Ideally, drills should be included to engrain the training scenarios and validate policies and procedures. An example of layered security can be found in the TIA-942 where tiers I through IV are used to differentiate each level including Kevlar or bullet resistant walls, windows, doors, closed circuit television (CCTV) monitoring, access control and more.
Security Measures Can be Categorized into Four Layers:
- Perimeter security – this should include video surveillance, site-hardening and vehicle barriers.
- Facility controls – should include man traps, video surveillance based on H.264 Advance Video Coding (AVC) standard with 16:9 aspect ratio video and recording, access controls and badging/credentializing.
- Computer room controls – this should be limited and role-based for access including those which are multitenant or private areas with auditing.
- Cabinet controls – similar levels of access to computer rooms, auditing, alarms, and intelligent locking decision-making functionality at the lock point.
Two Major Types of Mantraps:
- Air Lock Control – low-security systems used only for environmental control also referred to as normally unlocked.
- Restricted Entry and Exit – these are considered the highest security type that is used with normally locked doors. Opening any door keeps all other doors secure. The man trap buffers simultaneous requests for access which prevents any two doors from being unlocked.
Additionally, some man traps may incorporate the use of Request-to-exit (REX) device – typically located on the inside secured door, most are identified as a ‘quick release’ latch.
- Allows only one person to enter or exit at a given time
- Requires proper identification and authentication
- Restricts movement into and out of the data center
- Can be used to dentain unwanted visitors until authorities are called
- Provides an audit trail for personnel and visitors
- Highly secure doors are more expensive
- May not permit movement of large boxes, dollies, deliveries, etc.
- May fail during electrical power outage unless backup exists
- If not properly implemented according to policy and design, may present a safety risk
Whether your next data center project involves a mantrap or other security measures, be sure to explore Instor’s Data Center Security, Design and Installation Services.