IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

S 2.106 Purchase of suitable ISDN cards<br />

Initiation responsibility: Head of <strong>IT</strong> Section, <strong>IT</strong> Security Management<br />

Implementation responsibility: Administrator, Purchase Department<br />

ISDN cards which have been selected for purchase should offer all security<br />

functions which might be required, so as to prevent unnecessary expenses in<br />

future. <strong>The</strong>se security functions should either be an integral part of the card, or<br />

realisable with the help of the accompanying communications software and<br />

driver programs.<br />

Possible criteria for selecting a suitable ISDN card include:<br />

- Capability to perform authentication via PAP and CHAP (Password<br />

Authentication Protocol and Challenge Handshake Authentication<br />

Protocol, RFC 1994)<br />

- Availability of a hardware-based or software-based encryption procedure<br />

(symmetric/asymmetric)<br />

- Possibility of evaluating CLIP call numbers (Calling Line Identification<br />

Presentation) for the purpose of authentication<br />

- Possibility of maintaining a table of call-numbers for performing callbacks<br />

- Possibility of logging unsuccessful attempts to establish a link (refusal due<br />

to incorrect authentication of call numbers or PAP/CHAP).<br />

Furthermore, the ISDN cards must be checked for functions which would<br />

impair operational security. If any such functions are found to exist, they<br />

should at least be deactivated through appropriate configuration. This<br />

includes, for example, the remote control functionality which allows an<br />

establishment of direct communications with the <strong>IT</strong> system via the public<br />

network.<br />

ISDN cards with the greatest possible number of identical security functions<br />

should be used on the <strong>IT</strong> systems requiring such cards as well as the network<br />

gateways (e.g. ISDN routers). If a particular security function exists on one<br />

side but is absent on the other, the desired effect will not be achieved.<br />

Additional controls:<br />

- Is the purchase department aware of the additional requirements which<br />

ISDN cards need to fulfil?<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!