CrossLayer Security Overview

Crosslayer’s network consists of a fiber network that has physically separations between spans of Fiber.  For our managed service we use network segmentation (VLAN) and security best practices to ensure proper network security. Multiple VLAN network topology consisting of separate VLAN assignments for Customer’s VOICE, Guest WIFI, Business WIFI and Ethernet data assures data is not comingled between network segments. Each network segment or VLAN is separated with individual Firewall devices.

Physical ports on all routers are disabled when not in use to assure no unauthorized equipment is allowed on the network. All switches and meet-me areas are physically locked in an enclosure and all datacenter center facilities are operating in a secured environment.

Network monitoring and intense logging are enabled on all devices and monitored 24x7 as well as security notifications and alerts are enabled.

We employ Layer 2 network controls where possible. With MAC Address Filtering, the MAC Address of IP Phones and devices can be statically configured on the Ethernet port of the switch or firewall.  In addition we Enable 802.1x: The Ethernet Switch ports of directly connected IP Phones and devices can be properly configured and enabled for 802.1x. Devices which support 802.1x supplicant clients would then be required to authenticate with the proper credentials.

Any communications between Crosslayer’s networks are encrypted VIA Site 2 Site encrypted tunnels.  All applications deployed on the Crosslayer network adhere to the most stringent security best practices.

Access control

  • Access controlled perimeter
  • Compute and Network equipment in access cabinets
  • Video surveillance 
  • Tracking of asset addition and removal 

Power

  • Redundant power distribution units (PDUs)
  • UPS to protect critical systems

Network

  • Redundant internal networks
  • Connectivity to multiple internet carriers
  • High bandwidth capacity

Compute

  • Redundant and scalable compute grid
  • Implementation of site Availability Zones

Web Application Security

  • Use TLS cryptographic protocols to ensure users connections are encrypted and secure
  • Developers follow OWASP Best Practice guidance in development of secure application
  • Application and database tiers are securely separated
  • Web Application vulnerability scanning run on a regular basis

Network Security

  • Perimeter firewalls and edge routers
  • Internal Firewall segregation

Operation Centers

  • Multiple geographically separate Network Operations Center (NOC)
  • 24/7 monitoring and surveillance 

Backups

  • Data backed up at each site daily
  • Backups securely transferred to an offsite protected location

Compliance

Crosslayer is committed to maintaining secure infrastructure and industry best practice operational and security controls. We are in the process of pursuing international recognized standards; ISO 27001, PCI-DSS and HIPPA to validate the effectiveness of our controls and ensure we meet standard requirements.