S 4.61 Use of security mechanisms offered by ISDN components

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

If ISDN cards with security functions such as those listed below have been procured for the IT system or router in accordance with S 2.106 Purchase of suitable ISDN cards, they should be used in an appropriate manner as described in S 5.46 Authentication via CLIP/COLP, S 5.47 Callback based on CLIP/COLP, S 5.48 Authentication via PAP/CHAP and S 4.34 Use of encryption, checksums and digital signatures:

• Capability to perform authentication via PAP and CHAP (Password Authentication Protocol and Challenge Handshake Authentication Protocol, RFC 1994)

• Use of a hardware or software-based encryption techniques (symmetric/asymmetric)

• Possibility of evaluating CLIP (Calling Line Identification Presentation) call numbers for the purpose of authentication

• Possibility of maintaining a table of call numbers for performing callbacks

• Possibility of logging unsuccessful attempts at establishing links (refusal due to incorrect authentication of call numbers or PAP/CHAP)

A prerequisite here is that all communications partners should be in possession of ISDN cards equipped with security functions which are identical to the greatest possible extent.