Operational Security Requirements for Large Internet Service Provider (ISP) IP Network Infrastructure
RFC 3871

 
Document
Type RFC - Informational (September 2004; No errata)
Was draft-jones-opsec (individual in gen area)
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html
Stream
WG state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG
IESG state RFC 3871 (Informational)
Telechat date
Responsible AD Steven Bellovin
Send notices to gmj@pobox.com

Email authors IPR References Referenced by Nits Search lists

Network Working Group                                      G. Jones, Ed.
Request for Comments: 3871                         The MITRE Corporation
Category: Informational                                   September 2004

              Operational Security Requirements for Large
       Internet Service Provider (ISP) IP Network Infrastructure

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).

Abstract

   This document defines a list of operational security requirements for
   the infrastructure of large Internet Service Provider (ISP) IP
   networks (routers and switches).  A framework is defined for
   specifying "profiles", which are collections of requirements
   applicable to certain network topology contexts (all, core-only,
   edge-only...).  The goal is to provide network operators a clear,
   concise way of communicating their security requirements to vendors.

Jones                        Informational                      [Page 1]
RFC 3871           Operational Security Requirements      September 2004

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  5
       1.1.  Goals. . . . . . . . . . . . . . . . . . . . . . . . . .  5
       1.2.  Motivation . . . . . . . . . . . . . . . . . . . . . . .  5
       1.3.  Scope. . . . . . . . . . . . . . . . . . . . . . . . . .  5
       1.4.  Definition of a Secure Network . . . . . . . . . . . . .  6
       1.5.  Intended Audience. . . . . . . . . . . . . . . . . . . .  6
       1.6.  Format . . . . . . . . . . . . . . . . . . . . . . . . .  6
       1.7.  Intended Use . . . . . . . . . . . . . . . . . . . . . .  7
       1.8.  Definitions. . . . . . . . . . . . . . . . . . . . . . .  7
   2.  Functional Requirements  . . . . . . . . . . . . . . . . . . . 11
       2.1.  Device Management Requirements . . . . . . . . . . . . . 11
             2.1.1.   Support Secure Channels For Management. . . . . 11
       2.2.  In-Band Management Requirements. . . . . . . . . . . . . 12
             2.2.1.   Use Cryptographic Algorithms Subject To
                      Open Review . . . . . . . . . . . . . . . . . . 12
             2.2.2.   Use Strong Cryptography . . . . . . . . . . . . 13
             2.2.3.   Use Protocols Subject To Open Review For
                      Management. . . . . . . . . . . . . . . . . . . 14
             2.2.4.   Allow Selection of Cryptographic Parameters . . 15
             2.2.5.   Management Functions Should Have Increased
                      Priority. . . . . . . . . . . . . . . . . . . . 16
       2.3.  Out-of-Band (OoB) Management Requirements  . . . . . . . 16
             2.3.1.   Support a 'Console' Interface . . . . . . . . . 17
             2.3.2.   'Console' Communication Profile Must Support
                      Reset . . . . . . . . . . . . . . . . . . . . . 19
             2.3.3.   'Console' Requires Minimal Functionality of
                      Attached Devices. . . . . . . . . . . . . . . . 19
             2.3.4.   'Console' Supports Fall-back Authentication . . 20
             2.3.5.   Support Separate Management Plane IP
                      Interfaces. . . . . . . . . . . . . . . . . . . 21
             2.3.6.   No Forwarding Between Management Plane And Other
                      Interfaces. . . . . . . . . . . . . . . . . . . 21
       2.4.  Configuration and Management Interface Requirements. . . 22
             2.4.1.   'CLI' Provides Access to All Configuration and
                      Management Functions. . . . . . . . . . . . . . 22
             2.4.2.   'CLI' Supports Scripting of Configuration . . . 23
             2.4.3.   'CLI' Supports Management Over 'Slow' Links . . 24
             2.4.4.   'CLI' Supports Idle Session Timeout . . . . . . 25
             2.4.5.   Support Software Installation . . . . . . . . . 25
             2.4.6.   Support Remote Configuration Backup . . . . . . 27
             2.4.7.   Support Remote Configuration Restore. . . . . . 27
             2.4.8.   Support Text Configuration Files. . . . . . . . 28
       2.5.  IP Stack Requirements. . . . . . . . . . . . . . . . . . 29
             2.5.1.   Ability to Identify All Listening Services. . . 29
             2.5.2.   Ability to Disable Any and All Services . . . . 30

Jones                        Informational                      [Page 2]
RFC 3871           Operational Security Requirements      September 2004

             2.5.3.   Ability to Control Service Bindings for
                      Listening Services. . . . . . . . . . . . . . . 30
Show full document text