S 2.107 Documentation of the configuration of ISDN cards

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

The possibilities of configuring an ISDN card in accordance with the area of application involved are almost endless. To ensure proper re-starting (e.g. following a replacement of the ISDN card or the related communications software), it is advisable to document at least the following settings:

• Type and serial number of the card in use

• Call number(s) for establishing communications links and performing any authentication required

• D-channel protocol in use (1TR6, EDSS-1 etc.)

• B-channel protocol in use (X.25, PPP, TCP/IP, bit transparent etc.),

• CAPI version in use

• Version of the driver software in use

• Type of data compression, if used

• Type of authentication (e.g. PAP/CHAP), if used

In the case of authentication procedures which involve a mutual maintenance of secrecy (e.g. through the use of a password), the secret can also be documented. However, this documentation must only be made available to a small circle of persons, to avoid unwanted disclosure of the secret.

Additional controls:

• Are passwords described in the documentation? Is the documentation kept in a secure place?