DMP Control Panels:
Designed With Network Security at the Forefront
June 07, 2019
By Dave Roberts, Vice President of Engineering
DMP’s proven history of using data networks for alarm panel communication began in the early 1990s with the first-ever UL High Line Security listing over data networks. Since that time, DMP has continued to improve network integration and security, making the use of data networks for alarm communication both simple and reliable. Many of the nation’s top banks and secure government facilities rely on DMP control panels and network reporting capabilities for their security needs.
DMP control panels are designed with network security at the forefront. No commercial operating systems (COTS) such as Linux or Windows are used in our control panel design. This eliminates the need for security patches to the system when common vulnerabilities are found in these applications. DMP control panels do not run any of the common services such as FTP, NTP, or Telnet that are found in PC applications. A port scan of a DMP control panel will show that only the ports specifically identified in panel programming will be open. This makes the system much less vulnerable to attempt- ed cyberattacks.
A common concern with network-connected devices in today’s environment is whether an attacker could connect to the device, and then use that device to connect to other devices on a private network. This is prevented by design with DMP systems because there is no physical or logical connection between the dialer, network, or cellular ports. In addition, since no commercial operating systems are used, there is no software running on the panel that would know how to support these types of operations. The only listening ports on a DMP panel are under the complete control of the panel firmware.
DMP control panels are routinely subjected to various types of penetration testing at large corporate and government end user facilities. Occasionally we get a report of a false positive, but we take the time to investigate and understand each and every report to make absolutely certain we haven’t overlooked something. We take security seriously. Our reputation stands on it.