A mantrap is a physical security measure that creates a buffer area between a secure area and the outside world. Only one person at a time can pass through the mantrap, thus preventing tailgating attacks, in which an unauthorized individual slips into a secure area on the heels of an authorized person.
Also known as a security vestibule or airlock, many mantraps take the form of a booth or room with two doors: one to a secure area, and one to the outside world. These two doors generally cannot be unlocked at the same time.
To pass through the mantrap, someone must enter the mantrap from the outside. Once the door locks behind them, they present their credentials, such as a keycard. If everything checks out, the door to the secure area unlocks, allowing them to enter. Only once the door closes and locks again will the door to the outside unlock, allowing another person to pass through.
Some mantraps are much simpler: the classic subway turnstile is a type of mantrap, allowing only one person through at a time.
Most mantraps are overseen and operated by security guards. They are often aided by other security tools, such as security cameras and authentication systems. It’s rare for a mantrap to operate independent of other security measures: usually, they’re one component of a layered physical security system.
How Tailgating Attacks Work
In a tailgating attack, an unauthorized individual slips in behind an authorized individual. This simple but effective attack can be considered a form of social engineering. Many of us are accustomed to hold the door open for other people, as a matter of common courtesy. Tailgating attackers exploit this simple kindness to evade security systems.
Tailgating attacks can also go unnoticed. Especially if someone passes through a door every day, it’s unlikely they wait to make sure it completely closes behind them. A quick attacker can often get to the door before it can fully close.
Although tailgating attacks are social in nature, mantraps effectively guard against them through physical measures. You can’t casually hold the door open for someone when there are two doors on opposite sides of a booth, and you certainly can’t do so when these doors cannot be unlocked at the same time.
Uses of Mantraps
Mantraps can be used in a variety of contexts. At their most public, subway turnstiles make sure only one person can enter per subway fare. Booth-style mantraps, also known as security vestibules, reduce the risk of tailgating attacks at government buildings and other high security areas.
Mantraps can do more than curtail tailgating attacks. They also make it easier for security guards to monitor who enters or leaves an area. It’s much harder to oversee crowds of people coming and going. But if people can only enter one-at-a-time through a closely monitored mantrap, it becomes much easier to tell who’s coming in.
Mantraps can also help keep sensitive materials from leaving a secure location. Someone leaving a confidential archive might have their bags searched at a mantrap as they exit. Although a mantrap is by no means necessary to search someone’s bags, it ensures the guard’s attention is squarely on one person at a time, and reduces opportunities for two people working together to sneak things out.
Likewise, many hospitals use airlocks to reduce the risk of contamination. After a medical professional is done treating a highly infectious patient, they might pass through a mantrap where they dispose of any protective equipment and clean themselves up before exiting.
Drawbacks of Mantraps
Not effective on their own
Mantraps are not impenetrable. Turnstiles can be jumped, credentials can be stolen, guards can make mistakes, computer systems can be hacked, and emergency measures can be exploited to gain entry.
These risks don’t make mantraps a bad security measure. They only mean that, like all controls, they work best as part of a larger system, with layered defenses so that the security system is not entirely reliant on any one control.
The typical mantrap is one part of a larger security checkpoint. The secure area itself is surrounded by walls or fences, making this checkpoint the only way in. At a highly secure facility, this gate will be carefully monitored by guards and cameras. For anyone entering the secure area, the mantrap itself is the tip of the funnel: here, everything they do is plainly visible and recorded. Once someone has been authenticated – ideally, by two or more authentication factors – they can then pass through the mantrap and into the secure area.
When implementing mantraps, you must make sure people can still evacuate the building in case of a fire or other emergency. For this reason, many mantraps allow people to exit without requiring both doors to lock and unlock separately. Others allow guards to manually override the mantrap, or feature automatic overrides that unlock the mantrap should the fire alarm go off. No matter what, you want to make sure your security measures don’t exacerbate a fire hazard.
Perhaps the biggest drawback of mantraps is their cost: most models run north of $30,000. And because mantraps don’t work very well in isolation, that’s just a starting point. If you intend to use mantraps, you will most likely want to hire one or more security guards as well.
For this reason, mantraps aren’t the security method of choice for most basic contexts. But for high security checkpoints, a mantrap or two can be well worth it to reduce the risk of tailgating and make your physical security that much more secure.