IT Baseline Protection Manual S 6.52 Regular backup of configuration data of active network components

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

Central active network components need to remain highly available because a large number of users are generally dependent upon the smooth operation of a local network. To allow operations to be resumed as quickly as possible following the occurrence of a malfunction, all the configuration data of the active network components should be backed up electronically (also refer to S 6.32 Regular data backups). In principle, such backups can be performed locally on the individual components, or via the network using a network management tool, for example. Once the data have been backed up electronically, the corresponding configurations can be restored more quickly and reliably, thus eliminating the need for time-consuming manual entries. The data can be restored automatically, for example, by means of a central network management tool, or manually by an administrator.

When configuration data are backed up via the network, however, it must be noted that, in contrast to a local backup, potential intruders might be able to monitor the transferred data and thus obtain security-critical information on the configuration of the active network components, such as passwords, and consequently even acquire details of the overall network configuration. The Trivial File Transfer Protocol (TFTP) or Remote Copy Protocol (RCP) is generally used for such transfers; wherever possible, RCP with authentication should be used (refer to S 5.20 Use of the security mechanisms of rlogin, rsh and rcp). TFTP, in contrast, does not offer any mechanisms for protection against unauthorised access to configuration data (also refer to S 5.21 Secure use of telnet, ftp, tftp and rexec), so its use is not recommended.

For all backup techniques, a test is required to ascertain whether the backup was performed successfully and whether the configuration data can be restored properly. This particularly applies to backups performed via the network, because the occurrence of an error here may give rise to a situation in which restoration is no longer possible via the network.
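The first half of this test, confirming that a backup file arrived complete, can be automated. The following sketch is an added example and not part of the manual; it covers only the backup check, since a restore test needs the component itself. It assumes that a complete configuration ends with a terminator line (`end`) and that a SHA-256 digest of the source configuration was recorded separately from the transfer; the function names and sample data are constructed for illustration.

```python
import hashlib
import os
import tempfile
import time

def verify_backup(path, expected_sha256, max_age_hours=24, end_marker="end"):
    """Return a list of problems found with one backed-up configuration file."""
    if not os.path.isfile(path):
        return ["missing: no backup file was written"]
    with open(path, "rb") as fh:
        data = fh.read()
    if not data.strip():
        return ["empty: transfer produced no configuration data"]
    problems = []
    # A stale file means the latest scheduled backup did not run or failed.
    age_hours = (time.time() - os.path.getmtime(path)) / 3600
    if age_hours > max_age_hours:
        problems.append("stale: older than %d hours" % max_age_hours)
    # Assumption: a complete configuration ends with a terminator line.
    lines = data.decode("utf-8", "replace").strip().splitlines()
    if lines[-1].strip() != end_marker:
        problems.append("truncated: terminator line not found")
    # Assumption: the digest was recorded separately from the network transfer.
    if hashlib.sha256(data).hexdigest() != expected_sha256:
        problems.append("mismatch: content differs from the source configuration")
    return problems

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = (b"hostname sw-example\ninterface vlan1\n"
                 b" ip address 192.0.2.10 255.255.255.0\nend\n")

def demo():
    """Check a complete copy, a copy cut off in transit and a missing file."""
    expected = hashlib.sha256(SAMPLE_CONFIG).hexdigest()
    with tempfile.TemporaryDirectory() as tmp:
        good = os.path.join(tmp, "sw-example.cfg")
        cut = os.path.join(tmp, "sw-example-cut.cfg")
        with open(good, "wb") as fh:
            fh.write(SAMPLE_CONFIG)
        with open(cut, "wb") as fh:
            fh.write(SAMPLE_CONFIG[:40])  # simulate an interrupted transfer
        return {"good": verify_backup(good, expected),
                "cut": verify_backup(cut, expected),
                "missing": verify_backup(os.path.join(tmp, "absent.cfg"), expected)}

if __name__ == "__main__":
    for name, problems in demo().items():
        print(name, "OK" if not problems else problems)
```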

Additional controls:


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
July 1999