IT Baseline Protection Manual - Chapter 2.3 IT Baseline Protection Modelling

-->

2.3.2 Modelling of an Individual IT System

Depending on the object(s) under examination, the tables below serve different functions. If the IT assets under consideration consists only of a single IT system or a single group of IT systems which have the same configuration, same framework conditions and same applications, then as a minimum the modules required for modelling can be read directly out of these tables. Modules with no entry in the relevant column should be used as well if they are relevant to the individual IT system under consideration.

If on the other hand the IT assets are composed out of different components, then the tables provided below will help in checking whether modelling as described in Section 2.3.1 is complete. If, for example, the present IT assets contain Windows NT clients, then all the modules which have an "X" in the relevant table should be considered during modelling. Modules identified with "(X)" only need to be used when certain conditions apply. These conditions are listed in Section 2.3.1.

Key:

X	The module must be applied to this IT system.
(X)	The module must be applied to this IT system if the conditions specified in Section 2.3.1 apply.
X1	A server room can be replaced by a server cabinet.

	IT Systems	Stand-Alone Systems / Clients
	Module	DOS-PC (Single User)	UNIX System	Laptop PC	PC (Multi-user)	Windows NT PC	Windows 95 PC
3.0	IT Security Management	X	X	X	X	X	X
3.1	Organisation	X	X	X	X	X	X
3.2	Personnel	X	X	X	X	X	X
3.3	Contingency Planning Concept	(X)	(X)	(X)	(X)	(X)	(X)
3.4	Data Backup Policy	X	X	X	X	X	X
3.6	Computer Virus Protection Concept	X	X	X	X	X	X
3.7	Crypto Concept	(X)	(X)	(X)	(X)	(X)	(X)
3.8	Handling of Security Incidents	(X)	(X)	(X)	(X)	(X)	(X)
4.1	Buildings	X	X		X	X	X
4.2	Cabling	X	X		X	X	X
4.3.1	Offices	X	X		X	X	X
4.3.2	Server rooms
4.3.3	Storage Media Archives
4.3.4	Technical Infrastructure Rooms
4.4	Protective Cabinets
4.5	Working Place At Home (Telecommuting)
5.1	DOS PC (Single User)	X		(X)	(X)
5.2	UNIX System		X	(X)	(X)
5.3	Laptop PC			X	(X)
5.4	PCs With a Non-Constant User Population	(X)	(X)	(X)	X
5.5	PC under Windows NT			(X)		X
5.6	PC with Windows 95			(X)			X
5.99	Stand-Alone IT Systems Generally
6.1	Server-Supported Network
6.2	UNIX Server
6.3	Peer-to-Peer Network
6.4	Windows NT Network
6.5	Novell Netware 3.x
6.6	Novell Netware 4.x
6.7	Heterogeneous Networks
6.8	Network and System Management
7.1	Exchange of Data Media	(X)	(X)	(X)	(X)	(X)	(X)
7.2	Modem
7.3	Firewall
7.4	E-Mail
7.5	WWW Server
7.6	Remote Access
8.1	Telecommunications System (Private Branch Exchange, PBX)
8.2	Fax Machine
8.3	Answering Machine
8.4	LAN connection over ISDN
8.5	Fax Servers
8.6	Mobile Telephones
9.1	Standard Software	X	X	X	X	X	X
9.2	Databases
9.3	Telecommuting

	IT Systems	Stand-Alone Systems / Clients	Stand-Alone Systems / Clients
	Module	Telecommuting	Stand-Alone IT Systems Generally
3.0	IT Security Management	X	X
3.1	Organisation	X	X
3.2	Personnel	X	X
3.3	Contingency Planning Concept	(X)	(X)
3.4	Data Backup Policy	X	X
3.6	Computer Virus Protection Concept	X	X
3.7	Crypto Concept	(X)	(X)
3.8	Handling of Security Incidents	(X)	(X)
4.1	Buildings		X
4.2	Cabling		X
4.3.1	Offices		X
4.3.2	Server Rooms
4.3.3	Storage Media Archives
4.3.4	Technical Infrastructure Rooms
4.4	Protective Cabinets
4.5	Working Place At Home (Telecommuting)	X
5.1	DOS PC (Single User)	(X)
5.2	UNIX System	(X)
5.3	Laptop PC
5.4	PCs With a Non-Constant User Population
5.5	PC under Windows NT	(X)
5.6	PC with Windows 95	(X)
5.99	Stand-Alone IT Systems Generally	(X)	X
6.1	Server-Supported Network
6.2	UNIX Server
6.3	Peer-to-Peer Network
6.4	Windows NT Network
6.5	Novell Netware 3.x
6.6	Novell Netware 4.x
6.7	Heterogeneous Networks
6.8	Network and System Management
7.1	Exchange of Data Media	(X)	(X)
7.2	Modem	(X)
7.3	Firewall
7.4	E-Mail
7.5	WWW Server
7.6	Remote Access
8.1	Telecommunications System (Private Branch Exchange, PBX)
8.2	Fax Machine	(X)
8.3	Answering Machine	(X)
8.4	LAN connection over ISDN	(X)
8.5	Fax Servers
8.6	Mobile Telephones
9.1	Standard Software	X	X
9.2	Databases
9.3	Telecommuting	X

	IT Systems	Server / Network
	Module	UNIX Network	Peer-to-Peer Network	Windows NT Network	Novell 3.x Network	Novell 4.x Network
3.0	IT Security Management	X	X	X	X	X
3.1	Organisation	X	X	X	X	X
3.2	Personnel	X	X	X	X	X
3.3	Contingency Planning Concept	(X)	(X)	(X)	(X)	(X)
3.4	Data Backup Policy	X	X	X	X	X
3.6	Computer Virus Protection Concept	X	X	X	X	X
3.7	Crypto Concept	(X)	(X)	(X)	(X)	(X)
3.8	Handling of Security Incidents	(X)	(X)	(X)	(X)	(X)
4.1	Buildings	X	X	X	X	X
4.2	Cabling	X	X	X	X	X
4.3.1	Offices		X
4.3.2	Server Rooms	X		X	X	X
4.3.3	Storage Media Archives
4.3.4	Technical Infrastructure Rooms
4.4	Protective Cabinets	X1	X1	X1	X1	X1
4.5	Working Place At Home (Telecommuting)
5.1	DOS PC (Single User)		(X)
5.2	UNIX System		(X)
5.3	Laptop PC		(X)
5.4	PCs With a Non-Constant User Population		(X)
5.5	PC under Windows NT		(X)
5.6	PC with Windows 95		(X)
5.99	Stand-Alone IT Systems Generally		(X)
6.1	Server-Supported Network	X		X	X	X
6.2	UNIX Server	X
6.3	Peer-to-Peer Network		X
6.4	Windows NT Network			X
6.5	Novell Netware 3.x				X
6.6	Novell Netware 4.x					X
6.7	Heterogeneous Networks	X	X	X	X	X
6.8	Network and System Management
7.1	Exchange of Data Media
7.2	Modem
7.3	Firewall
7.4	E-Mail
7.5	WWW Server	(X)		(X)	(X)	(X)
7.6	Remote Access
8.1	Telecommunications System (Private Branch Exchange, PBX)
8.2	Fax Machine
8.3	Answering Machine
8.4	LAN connection over ISDN
8.5	Fax Servers	(X)		(X)	(X)	(X)
8.6	Mobile Telephones
9.1	Standard Software	X	X	X	X	X
9.2	Databases	(X)		(X)	(X)	(X)
9.3	Telecommuting

	IT Systems	Communication System
	Module	Firewall	Private Branch Exchange	Fax Machine	Answer-phone	Fax Servers
3.0	IT Security Management	X	X	X	X	X
3.1	Organisation	X	X	X	X	X
3.2	Personnel	X	X	X	X	X
3.3	Contingency Planning Concept	(X)	(X)	(X)	(X)	(X)
3.4	Data Backup Policy	X	X	X	X	X
3.6	Computer Virus Protection Concept	X	X	X	X	X
3.7	Crypto Concept	(X)	(X)	(X)	(X)	(X)
3.8	Handling of Security Incidents	(X)	(X)	(X)	(X)	(X)
4.1	Buildings	X	X	X	X	X
4.2	Cabling	X	X	X	X	X
4.3.1	Offices			X	X
4.3.2	Server Rooms	X	X			X
4.3.3	Storage Media Archives
4.3.4	Technical Infrastructure Rooms
4.4	Protective Cabinets	X1	X1			X1
4.5	Working Place At Home (Telecommuting)
5.1	DOS PC (Single User)
5.2	UNIX System
5.3	Laptop PC
5.4	PCs With a Non-Constant User Population
5.5	PC under Windows NT
5.6	PC with Windows 95
5.99	Stand-Alone IT Systems Generally
6.1	Server-Supported Network	X				X
6.2	UNIX Server	(X)				(X)
6.3	Peer-to-Peer Network
6.4	Windows NT Network	(X)				(X)
6.5	Novell Netware 3.x	(X)				(X)
6.6	Novell Netware 4.x	(X)				(X)
6.7	Heterogeneous Networks	X				X
6.8	Network and System Management
7.1	Exchange of Data Media
7.2	Modem
7.3	Firewall	X
7.4	E-Mail
7.5	WWW Server
7.6	Remote Access
8.1	Telecommunications System (Private Branch Exchange, PBX)		X
8.2	Fax Machine			X
8.3	Answering Machine				X
8.4	LAN connection over ISDN
8.5	Fax Servers					X
8.6	Mobile Telephones
9.1	Standard Software	X				X
9.2	Databases
9.3	Telecommuting

last update:
July 2001

home