IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue Infrastucture Remarks
____________________________________________________________________ .........................................
S 1.38 Suitable siting of a modem
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: IT users, Administrator
To prevent misuse of modems, it must be ensured that only authorised persons
have physical access to this equipment. Misuse in this case implies, firstly,
unauthorised data transmissions possibly resulting in costs, virus infiltration or
the transfer of confidential information outside, and secondly, unauthorised
alteration or viewing of the modem configuration possibly resulting in security
weaknesses.
To control physical access to an external or PCMCIA modem, it must be
ensured, for example, that modems operated continuously are kept inside
locked rooms and modems operated temporarily are kept safely inside
cabinets when not in use. The provisions in Chapter 4.3.1 Office are to be
observed here.
Due to its integration in an IT system, an internal modem has a higher intrinsic
degree of physical protection. In this case, it is sufficient to observe the
measures in Chapter 4.3.1 Office or 4.3.2 Server Room.
If access to the internal network is created via a modem or a modem pool,
Chapter 7.3 Firewall should be consulted. Access to the internal network
should not be created via modems whilst bypassing an existing firewall.
If more external accesses to a network protected by a firewall are to be created
with a modem pool, this must be set up on the insecure side of the firewall
(c.f. S 2.77 Correct Configuration of Other Components). The modem pool
shouls be set up with the relevant server in a security server room. The
safeguards contained in Chapter 4.3.2 Server Room should be observed.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000