Along with video surveillance, the ability to connect many security devices over a long fiber route is key to security applications. Security devices come in myriad forms - analog cameras, digital cameras, motion sensors, intrusion monitors, infrared imaging, biometric identification systems, and many more. Alloptic is compatible with any device that has an Ethernet or TDM network connection.

Security devices are often spread over significant distances, such as a fence line, border crossing, or around a base. A single Alloptic edge200 OLT (Alloptic's smallest OLT chassis) can support over 1,500 devices with up to 670Kbps/device and a span of more than 300km. With Alloptic's edge2000, even higher densities are possible.

Security applications require unmatched reliability and Alloptic's GEPON systems deliver both high reliability and security. That begins with the OLT architecture. Each of the modules shown in the Alloptic edge2000 OLT (right) has 1:1 redundancy with automatic switchover in case of failure. Up to 8 x 1Gbps network interfaces supply more than adequate bandwidth in the event of service loss at the upstream router or network connecting the OLT and router. Redundant A/B -48VDC power connections are available for backup power should one power supply fail. Other than the backplane of the chassis itself, there is no single point of failure in the OLT network element.

Redundancy extends to the outside plant and ONT as well. While fiber optic networks are inherently more reliable than copper, problems such as a fiber cut do occur. Alloptic supports diverse-route fiber redundancy as shown in the following diagram. If the primary fiber route is disrupted, the ONT automatically switches to the signal feed from the diverse fiber route.

Time-to-restore is a key element of system reliability and high availability. Other point-to-point fiber systems that use 96-, 144-, or even 288-fiber cabling require that every fiber be identified and spliced in the event of a cut before full service is restored. In the same fiber cut situation with Alloptic, one or two splices have the system operational in short order.

Unauthorized access

For all communications systems, whether optical or copper based, the potential for unauthorized connection to the network for eavesdropping or hacking must be addressed. The Alloptic system deals with this security threat by requiring serial number authentication of any ONT on the PON prior to allowing communications with that ONT. Unauthorized access would require that (1) an ONT be attached to the PON without disrupting the optical transmission, (2) that it contain the proper serialization code, (3) that the system OLT software security be breached (which cannot be done from a field location), (4) that the intruder understand the system well enough to input the proper codes to activate the ONT, and (5) that no one notice the addition of an ONT from normal system reports. Even minimal system monitoring will detect at least one of those conditions before a security breach. Should you mention that once on a PON, the ONT auto ranges, so moving the ONT beyond the auto-ranged parameters will cause an error with the system.

Alloptic's product is inherently more secure because it is based on a passive optical network without electronics in the outside environment. PONs such as those with Alloptic require a physical presence on the fiber for intrusion. Systems with electronics in the outside plant (e.g. active Ethernet architectures) are susceptible to remote electronic eavesdropping of electrical field emissions.

The Alloptic system monitors itself and peripherals devices, generating appropriate alarms and alerts. In the event of any deviation from normal system operation, critical, major, and minor alarms are generated. They are visible within the system software or can be forwarded to higher-level network systems for reporting and action. Alarm inputs are available at both ONT and OLT points for peripheral devices, such as a "door open" alert from a remote cabinet, a temperature monitor in an unmanned building, or water sensor in a basement. Fully SNMP compliant, the Alloptic system can both monitor and be monitored by other network equipment.

System software has password security that gives users access to various levels of system control based on the user's log-in information. For instance, some users may have only the ability to read alarms, others might have access to add new services, and others might have full rights to change any system parameter. Features such as four user access levels with roles and groups, authentication, access profiles, password spinning and aging, and an audit trail ensure system security.