Operational Security Requirements for Large Internet Service Provider (ISP) IP Network Infrastructure
RFC 3871
Document | Type |
RFC - Informational
(September 2004; No errata)
Was draft-jones-opsec (individual in gen area)
|
|
---|---|---|---|
Author | George Jones | ||
Last updated | 2015-10-14 | ||
Stream | Internent Engineering Task Force (IETF) | ||
Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 3871 (Informational) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Steven Bellovin | ||
Send notices to | (None) |
Network Working Group G. Jones, Ed. Request for Comments: 3871 The MITRE Corporation Category: Informational September 2004 Operational Security Requirements for Large Internet Service Provider (ISP) IP Network Infrastructure Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2004). Abstract This document defines a list of operational security requirements for the infrastructure of large Internet Service Provider (ISP) IP networks (routers and switches). A framework is defined for specifying "profiles", which are collections of requirements applicable to certain network topology contexts (all, core-only, edge-only...). The goal is to provide network operators a clear, concise way of communicating their security requirements to vendors. Jones Informational [Page 1] RFC 3871 Operational Security Requirements September 2004 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.1. Goals. . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.2. Motivation . . . . . . . . . . . . . . . . . . . . . . . 5 1.3. Scope. . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.4. Definition of a Secure Network . . . . . . . . . . . . . 6 1.5. Intended Audience. . . . . . . . . . . . . . . . . . . . 6 1.6. Format . . . . . . . . . . . . . . . . . . . . . . . . . 6 1.7. Intended Use . . . . . . . . . . . . . . . . . . . . . . 7 1.8. Definitions. . . . . . . . . . . . . . . . . . . . . . . 7 2. Functional Requirements . . . . . . . . . . . . . . . . . . . 11 2.1. Device Management Requirements . . . . . . . . . . . . . 11 2.1.1. Support Secure Channels For Management. . . . . 11 2.2. In-Band Management Requirements. . . . . . . . . . . . . 12 2.2.1. Use Cryptographic Algorithms Subject To Open Review . . . . . . . . . . . . . . . . . . 12 2.2.2. Use Strong Cryptography . . . . . . . . . . . . 13 2.2.3. Use Protocols Subject To Open Review For Management. . . . . . . . . . . . . . . . . . . 14 2.2.4. Allow Selection of Cryptographic Parameters . . 15 2.2.5. Management Functions Should Have Increased Priority. . . . . . . . . . . . . . . . . . . . 16 2.3. Out-of-Band (OoB) Management Requirements . . . . . . . 16 2.3.1. Support a 'Console' Interface . . . . . . . . . 17 2.3.2. 'Console' Communication Profile Must Support Reset . . . . . . . . . . . . . . . . . . . . . 19 2.3.3. 'Console' Requires Minimal Functionality of Attached Devices. . . . . . . . . . . . . . . . 19 2.3.4. 'Console' Supports Fall-back Authentication . . 20 2.3.5. Support Separate Management Plane IP Interfaces. . . . . . . . . . . . . . . . . . . 21 2.3.6. No Forwarding Between Management Plane And Other Interfaces. . . . . . . . . . . . . . . . . . . 21 2.4. Configuration and Management Interface Requirements. . . 22 2.4.1. 'CLI' Provides Access to All Configuration and Management Functions. . . . . . . . . . . . . . 22 2.4.2. 'CLI' Supports Scripting of Configuration . . . 23 2.4.3. 'CLI' Supports Management Over 'Slow' Links . . 24 2.4.4. 'CLI' Supports Idle Session Timeout . . . . . . 25 2.4.5. Support Software Installation . . . . . . . . . 25 2.4.6. Support Remote Configuration Backup . . . . . . 27 2.4.7. Support Remote Configuration Restore. . . . . . 27 2.4.8. Support Text Configuration Files. . . . . . . . 28 2.5. IP Stack Requirements. . . . . . . . . . . . . . . . . . 29 2.5.1. Ability to Identify All Listening Services. . . 29 2.5.2. Ability to Disable Any and All Services . . . . 30 Jones Informational [Page 2] RFC 3871 Operational Security Requirements September 2004 2.5.3. Ability to Control Service Bindings for Listening Services. . . . . . . . . . . . . . . 30 2.5.4. Ability to Control Service Source Addresses . . 31 2.5.5. Support Automatic Anti-spoofing for Single-Homed Networks . . . . . . . . . . . . . 32 2.5.6. Support Automatic Discarding Of Bogons andShow full document text