More security with security hardening for WDM components

Fulfil NIS2 directive and KRITIS guidelines

Legal security requirements for optical networks

Securing WDM networks with security hardening

With numerous directives and guidelines, legislators are placing increasing obligations on operators of critical infrastructures and "important facilities" - NIS2 (The Network and Information Security Directive), the KRITIS umbrella law or DORA (Digital Operational Resilience Act) for the financial sector are just a few current examples. The aim of government measures is to strengthen the resilience of critical infrastructure - the pressure to act is high. Optical networks are also increasingly coming under scrutiny, as the data connections between data centres and locations are the backbone of digital communication. For this reason, they must be as fail-safe as possible and protected against cyber attacks. However, standardised IT solutions for security do not help at layer 1. System hardening, or security hardening, is a preventative IT security measure that makes the system landscape more secure by hardening DWDM systems, for example. As experts for optical networks, we support you with special services for hardening your systems - for more security and audit-proof compliance.

Which regulations and requirements are important for your company

Speak to our compliance expert

It is difficult to keep track of laws, regulations or implementation guidelines - especially as things are constantly changing. Is my company a particularly important or important organisation? The particularly important organisations are large companies in certain sectors, some companies regardless of their size and operators of critical facilities. The important organisations are large companies and medium-sized companies in many sectors. Categorising your own company can be difficult.

Take the easy way out and talk to David Haas, our expert on legal security requirements. He will take the time to answer your most important questions about obligations and system hardening as an important building block for increasing the security of your organisation. System hardening measures can be complex and require specialised knowledge that is not always available in your own company - so let us advise you.

Security Hardening & Baselining

Configure and monitor WDMs in a compliant manner
Wave Division Multiplexing (WDM) is the key technology in modern optical networks and is crucial for the operation of Data Centre Interconnects (DCI) and site networks. The systems are considered a critical target, as attacks on the hardware and software can be used to paralyse companies and facilities in a very targeted manner.

Specialised knowledge required
Those responsible for IT security generally focus on the cyber security of end devices, servers and applications - they are often not sufficiently familiar with the security of systems at layer 1. The hardening of WDM components is often not on the to-do list at all or is low on the list due to a lack of time.


We take the pressure off your team - with the following benefits:

  • Compliance expertise: we understand the "guideline" language
  • Decades of experience in the installation and maintenance of WDM technology
  • Top-certified technicians, network administrators and security analysts
  • Manufacturer-independent service
  • 12 locations with decentralised spare parts warehouses
  • 24/7 NOC/SOC
  • Expertise also for encryption, incl. quantum-safe encryption (PQC/QKD)
  • Fair and transparent prices
  • Flexible support through professional or managed services


Our security hardening services fulfil the following requirements for hardening WDM systems:

Secure configuration

Comparison of the configurations with the manufacturer's Security Guide and the BSI/ISO guidelines

Deactivation of unused ports

Periodic detection of vulnerabilities through open L3 up to L7 management ports & software stacks

Hardware & inventory check

Software check and display of the inventory of installed devices with system information: Which software releases are installed?

View & maintain user accounts

Management and clean-up of user accounts with specification of the password security level

Site plan for security status

Correlation of events according to attack scenarios with a view from a security and compliance perspective

Reports for audits & authorities

Logging of activities and reporting for audits and safety checks by supervisory authorities

24/7 Security Operations Center

Proactive monitoring in the Security Operations Centre (SOC) by our security analysts, continuous logging, review and immediate response capability

WDM system hardening: How much support do you need?

Selective security hardening assignments as a professional service

Security check and initial scan

  • On-site use
  • Configuration setting according to manufacturer specifications
  • Optional setup according to BSI or industry standard
  • Vulnerability scan for testing with report for audits

Periodic testing according to criticality

  • Recurring on-site deployment by arrangement (e.g. quarterly)
  • Checking changes to the configuration with logging
  • Vulnerability scan according to security relevance
  • Reporting with changes

Permanent security hardening support with managed services in the NOC

NOC connection with proactive approach

  • VPN connection with Act & Collect Box
  • Proactive monitoring of the security baseline configurations
  • Continuous vulnerability scan by security analysts
  • Monthly reporting

Plug-in to connect to the dacoso database

  • Expansion of the NOC connection through proactive security monitoring
  • Aggregation, evaluation and processing of security incidents (IoCS)
  • Application of the dacoso library for DWDM security use cases
  • Customised reporting

Would you like to know more about NIS2 & Co. and WDM system hardening?

We will be happy to inform you!