he Recommendations for security for access nodes are divided into a number of areas for measures. In the section below, instructions are provided for how the security measures should be designed for the respective area for measures.
Design of premises
General recommendationsChoice of site for node building: The site for a node building should be chosen so
that as risk-free an environment as possible is achieved
Design of node building: To avoid a node being disabled due to corrosive gases or
water vapour penetrating the node building, for example in connection with a fire, its structure should be sealed.
Signs for node building: The prescribed signs outside a node building should be
limited so that interest for the node is kept at the lowest level possible. There shall be no signs naming owner, etc., though signs that state the telephone number where the public can call if anything abnormal is observed may be displayed.
Drawbar and lifting eyes: In order to prevent malicious damage to a node building
or adjacent building comprising a container or the like, any drawbar and lifting eyes should be removed. There is otherwise a risk that malicious damage can occur by the node building being lifted or pulled from its site with a crane or the like.
Elevated thresholds: All node spaces should be supplied with elevated thresholds, if
there is a risk of flooding.
Fire protection in node buildings: The node building should satisfy at least fire-
resistance grade EI30.
8
Design of ducting: In order to maintain good order, all ducting should be drawn in
cable trays or the equivalent.
Laying of network and electric cables: To avoid mistakes and disruptions, all
network and electric cabling should lie in separate ducting (trays or baskets) or shared trays with a separation shielding plate.
Cables in node spaces: Cables in node spaces may under no circumstances be
halogen-based.
Potential equalisation: All metal parts in technology spaces should be potential
equalised.
Heating, water and drainage installations
Heating, water and drainage pipes: The technology space in a node space should
not contain crossing pipes (heating, water or drainage pipes).
Backwater valve for floor drains: In spaces where there is a floor drain, the floor
drain shall be fitted with backwater valves to prevent flooding by water penetrating up through the floor drain.
Automatic closure of water pipes: In spaces where there are water pipes and/or there
is a system for water-borne cooling, there shall be automatic closure of water pipes to prevent flooding.
Room coolers: Room coolers should be placed and designed so as to eliminate the
risk of leakage or condensation on equipment.
Protective devices for cables and equipment
Protective devices for cable inlets: Node buildings in the form of sheds erected on-
site, containers or buildings which do not have a concrete base and where there is a risk that incoming and outgoing cabling may in various ways be exposed to malicious damage or sabotage, should be supplied with a protective device that
prevents/impedes malicious damage to cabling.
The protection of cables between the ground and the underside floor should be completely cover ‘all around’ the cables and be made of 1.5 mm steel plate and be buried at least 25 cm or in an equivalent way. See example of design of protective devices for cable inlets in Appendix A.
Arrangement of optical cable in node building: Optical cables that are intended for
outdoor use and that do not satisfy the requirement for limited fire spread may be laid a maximum of 5 metres within a node building. In addition, all optical cable should be equipped with flame-retardant material.
Protection of cables within and outside the fenced perimeter: To be designed in
accordance with the instructions contained in the EBR publication Optical cable
networks.
Protection of cross-connection points and/or equipment racks: The node owner’s
own communications equipment, cross-connection points and equipment for supply of the node (power supply, climate equipment, etc.) should be, as regards premises, separate from other operators who in some form lease space from the node owner. Only the node owner should have access to this kind of space.
Operators who lease space for fitting of their own equipment cabinets or lease space for location of equipment in equipment cabinets that are owned by the node owner, are themselves responsible for the protection of their own cross-connection points and equipment.
Mechanical burglary protection
Design of mechanical burglary protectionMechanical security protection should be designed in accordance with the Swedish Theft-Prevention Association’s (SSF) rules for Mechanical burglary protection – SSF
200:3, protection class 2.
Note: The preconditions for assistance from the police or guards in the event of burglary should be taken into account in connection with the detailed design planning of the mechanical burglary protection.
Deviations permitted
Outer door: An outer door should be supplied with a door closer. A powered lock
should be fitted, which means that the door will no longer satisfy the requirements for protection class 2.
Tip: The mechanical protection contained in walls is significantly
improved by a loose plate being inserted between two insulation layers in the wall. The inner wall can, for instance, comprise plywood. In the event of mechanical malicious damage from the outside, the plate flexes and in this way makes it more difficult to penetrate through the wall.
Operations alarm
Design of operations alarm: Besides technical alarms from communications
equipment, which are not dealt with in this Recommendation, different kinds of operations alarm from the node should be transferred to the operations monitoring
)
centre. It should be possible to divide operations alarms into the categories A-, B- and C-alarms (indications) depending on the priority of the alarm.
Transfer of operations alarm: A-alarm transferred to operations centre without
delay and B- and C-alarms can be transferred with some delay.
Environment and climate control
Design of air treatment system: Climate requirements should be adapted to the
operational requirements for the respective equipment housed within the node.
Design of cooling plant: Access nodes should have a cooling system. The
dimensioned room temperature in technology spaces should be 20 degrees -5/+ 4 degrees.
Emergency cooling plant: Should exist in the form of an independent cooling plant
(based on water cooling).
Electricity supply
General recommendations: The applicable high-voltage regulations ELSÄK FS
1999:5 with relevant supplements and amendments should be complied with.
Electrical system: 230/400V, which is a five-wire system (TN-S system) and
supplied with earth fault monitoring. Zero and protective conductors are connected at the supply point. Performed as A-, B-systems with separate groups in the power distribution panel.
Earthing and potential equalisation of computer equipment: Arranged according
to SS-EN-50310.
External power outlets for reserve power: The installation should have external
power outlets for reserve power. If this is available, there should be an earthing point connected to the outlet for reserve power. The outlet for connection of reserve power should be dead when the node is unmanned.
Uninterruptible power supply: An access node should be supplied with an
uninterruptible power supply (UPS). UPS should supply priority equipment and be constantly connected between the network /reserve power plant and the load.
UPS has the following tasks:
To constitute a filter and protect priority installations.
To bridge exchange times between network operation and reserve power plant operation.
To maintain functions for priority installations in the event of an interruption of network and reserve power.
UPS installations are dimensioned and designed on the basis of requirements of durability and accessibility.
Guideline values for UPS operation:
UPS operation at an access node with one (1) reserve power plant unit: 15 minutes. At an installation that does not have a reserve power plant, the UPS operation should be dimensioned at 1 hour.
External electricity outlets: There should not normally be other kinds of live
electricity outlets on the outside of the node except the connection for reserve power. In the event that there are, for example engine heater outlets, these should be controlled by a timer from the inside of the node building, alternatively be relay- controlled from an unlocking function for the outer door. An engine heater outlet should be dead when it is not being used by authorised personnel.
Lightening protection
General recommendations: There are currently no general standards that can be
recommended, but work is in progress to produce these.
EMC
General recommendations: Installed equipment should satisfy applicable standards