S 2.143 Development of a network management concept

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

The diversity of IT systems grouped in a local network, such as server systems, terminal devices, printers, active network components etc. should be capable of being managed and monitored centrally from a suitable point. Preference should be given to central instead of decentral management of network components, as the former approach requires a lower administrative effort and allows central definition and control of security requirements. Central network management is primarily used to ensure the availability and integrity of the network, as well as the integrity and confidentiality of the transmitted data. This is a very complex task which needs to be supported through the use of a network management tool.

Before such a network management system is procured and put into operation, it is first necessary to prepare a concept which formulates all security requirements for the network management system and proposes appropriate measures to be implemented on the occurrence of an error or alarm. During the preparation of this concept, the following aspects of network management should be considered in particular and represented in a global context.

• Performance measurements for network analysis (refer to S 2.140 Analysis of the existing network environment)

• Responses to error messages from the monitored network components

• Remote maintenance / remote control, particularly of active network components

• Generation of trouble tickets and escalation on the occurrence of network problems (links with the system management and user helpdesk or external message communicators such as pagers and facsimile machines can be established via this feature).

• Logging and auditing (online and/or offline)

• Integration of any existing proprietary systems, or systems with different management protocols (e.g. in the area of telecommunications)

• Configuration management of all IT systems in use (also refer to. S 4.82 Secure configuration of active network components)

• Distributed access to network management functions. Remote access to network management functions might be necessary for administration or auditing; a particularly careful definition and allocation of access rights is necessary here.

The specific requirements to be fulfilled by a network management tool are described in S 2.145 Requirements for a network management tool. The management tool must allow the implementation of the network management concept.

Additional controls:

• Have all the security requirements for network management been formulated and documented?