IT Baseline Protection Manual - The Information Warfare Site

Networked Systems
_________________________________________________________________________________________
In order to address the individual components of the system to be managed, the manager exchanges
information with the agents. The type of protocol used for the communication has a considerable
impact on the capabilities and, in particular, the security of the management system.
Management systems can basically be divided into three categories according to the communication
protocol used (see also S 2.144 Selection of a suitable network management protocol):
1. SNMP (Simple Network Management Protocol), the widespread standard protocol of the TCP/IPbased
system management, is used.
2. CMIP (Common Management Information Protocol), the less-common standard protocol of the
ISO/OSI-based system management, is used.
3. A manufacturer-specific protocol is used. It is normally possible to use what are known as adapters
to integrate the standard protocols, whereby there is usually only a SNMP connection.
The SNMP protocol is used most often. SNMP is an extremely simple protocol which only recognises
five types of messages and is therefore easy to implement. CMIP is mainly used to manage
telecommunications networks and is irrelevant in management based on the Internet or Intranet, as it
uses the OSI protocol stack rather than the TCP/IP stack.
Although system management systems usually have a centralist structure to allow the system to be
managed from a management station, the exact architecture depends on the possible size of the
systems which can be managed and on the range of functions offered. These systems range from
simple collections of management tools which can be used next to each other in small networks
without being integrated to management platforms which can manage a world-wide company network
containing thousands of computers.
Certain management platforms use proprietary protocols for communication between the components.
These systems usually have a higher performance range and are not only used for network and system
management but also offer resource management for entire organisations. Through the insufficientlyspecified
security mechanisms in the few existing standards, the manufacturers' own solutions provide
security-relevant mechanisms such as cryptographic techniques.
Threat Scenario
The following typical threats are assumed for the IT baseline protection of a management system:
_________________________________________________________________________________________
IT-Baseline Protection Manual: Otober 2000