
Does Bare Metal Switch Bring Security Risks?

Posted on Mar 6, 2024 by

In the current digital era, the significance of network security is becoming increasingly evident. With the widespread adoption of bare metal switches, we must confront the potential security threats they introduce. Compared with closed network switches, open network switches are more exposed to attack, which heightens concern for network security. This article examines whether bare metal switches are more vulnerable to attacks and how their security can be improved through Secure Boot and Measured Boot.

Are Bare Metal Switches Less Secure than Proprietary Switches?

In the ever-evolving landscape of network infrastructure, the debate over the security of operating systems in switches continues to be a topic of interest and concern. At the forefront of this discussion are proprietary and open-source operating systems, each with its own set of characteristics and implications for network security.

Bare Metal Switches Are More Vulnerable to Attacks

Presently, two main categories of operating systems exist: proprietary and open source.

Proprietary operating systems: Proprietary, or closed source, operating systems are conceptualized, designed, developed, and sold by specific companies. These OSs are not intended for user tampering or customization and are commonly found on name-brand vertically integrated switches. FS has a proprietary operating system, FSOS, and provides proprietary operating system switches.

Open source operating systems: Open source operating systems are accessible, modifiable, and shareable by anyone. Created collaboratively by numerous contributors, these OSs are distributed under licenses adhering to the Open Source Definition. Because open source switch software is open by design, its security level is weaker than that of proprietary switch software. Open source network operating systems are typically compatible with open network switches or bare metal switches. ONIE is open-source, Linux-based software that runs on bare metal switches and lets users install and switch network operating systems without replacing hardware. FS can provide a total of 14 bare metal switches, including 1G, 2.5G, 10G, 25G, 40G, 100G, 200G and 400G.

How Can Bare Metal Be Attacked?

A typical goal of a malicious user is to install a rootkit (a set of software used to gain unauthorized access and mask its presence) on a compromised device. As the protection mechanisms of network operating systems (NOS) have become more sophisticated, a new class of attack has emerged that bypasses NOS security by launching malware before the NOS is loaded; such malware is known as a bootkit. Bootkit attacks have become increasingly common over the past few years, especially against servers and desktop devices.

How to Improve Security?

To prevent such attacks, establishing a secure chain of trust becomes imperative, spanning from the moment the device is unboxed to the loading of the NOS. Each step in this progression demands a robust security framework, and the process ensures the device starts from an unaltered and untainted image. There are two approaches to building a trustworthy boot system: Secure Boot and Measured Boot.

Secure Boot: Secure Boot halts the boot sequence when a threat is detected, leaving the device unable to boot. This method requires UEFI (Unified Extensible Firmware Interface), which replaces the BIOS (Basic Input/Output System), and a digitally signed NOS. Before loading any NOS, the UEFI boot process verifies the signature on the NOS image, which requires the UEFI firmware to be pre-loaded with a predefined set of public keys.

Secure Boot

Measured Boot: With Measured Boot, the device continues its boot process even if the system has been compromised. However, a comprehensive log of the entire boot sequence is recorded and stored in a hardware component known as a TPM (Trusted Platform Module). Periodically, a remote server queries the TPM chip for these values and compares them against predetermined, verified values.

Measured Boot
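The following Python simulation is an added illustration of the Measured Boot flow described above; it is not code from the original article or from any vendor. Each boot stage hashes the next image and extends a TPM-style PCR while appending an event-log entry, and a remote verifier replays the log and compares each stage against known-good values. The stage names, image contents and golden values are constructed for the example.

```python
import hashlib
from typing import Dict, List, Tuple

PCR_SIZE = 32  # simulated SHA-256 PCR bank; a real TPM PCR can only be extended, not written


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend operation: new_pcr = H(old_pcr || measurement)."""
    return hashlib.sha256(pcr + measurement).digest()


def measured_boot(stages: List[Tuple[str, bytes]]) -> Tuple[bytes, List[Tuple[str, str]]]:
    """Simulate the boot chain. Each stage measures the next image into the PCR and
    records an event-log entry. Boot always continues, whatever was measured."""
    pcr = bytes(PCR_SIZE)
    log: List[Tuple[str, str]] = []
    for name, image in stages:
        digest = hashlib.sha256(image).digest()
        pcr = extend(pcr, digest)
        log.append((name, digest.hex()))
    return pcr, log


def verify_quote(pcr: bytes, log: List[Tuple[str, str]], golden: Dict[str, str]) -> Tuple[bool, List[str]]:
    """Remote verifier: first replay the event log and check it reproduces the quoted PCR
    (a log that does not match the PCR has been tampered with), then compare every stage
    digest against the known-good value. Returns (ok, list of diverging stages)."""
    replay = bytes(PCR_SIZE)
    for _, digest_hex in log:
        replay = extend(replay, bytes.fromhex(digest_hex))
    if replay != pcr:
        return False, ["event log does not match PCR"]
    bad = [name for name, digest_hex in log if golden.get(name) != digest_hex]
    return (not bad), bad


# Constructed sample images (hypothetical bytes standing in for real firmware/NOS files).
GOOD_STAGES = [("uefi", b"uefi-firmware-v1"), ("onie", b"onie-installer-v1"), ("nos", b"nos-image-v1")]
# A bootkit has replaced the NOS image; UEFI and ONIE stages are unchanged.
TAMPERED_STAGES = GOOD_STAGES[:2] + [("nos", b"nos-image-v1-with-bootkit")]
# Golden values; in practice these come from the vendor's reference measurements.
GOLDEN: Dict[str, str] = dict(measured_boot(GOOD_STAGES)[1])

if __name__ == "__main__":
    for label, stages in (("good", GOOD_STAGES), ("tampered", TAMPERED_STAGES)):
        pcr, log = measured_boot(stages)
        print(label, verify_quote(pcr, log, GOLDEN))
```

The verifier reports exactly which stage diverged, which is what lets an operator tell a swapped NOS image apart from a firmware change.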

Summary

Overall, a deep understanding of the security implications of bare metal switches is critical to maintaining network security in the digital age. By strengthening defenses and implementing practical solutions, we can better protect our networks from potential threats.

Secure Boot and Measured Boot serve as long-term solutions and remedies, providing security support for the pairing of bare metal switches with software. Currently, efforts are underway to develop a hardened version of ONIE for future use in an environment similar to secure PXE (Pre-boot Execution Environment, used with servers). Additionally, prominent switch customers have the option to physically isolate switches from the rest of the internet and data center, enhancing both isolation and security.
