T 3.34 Unsuitable configuration of the management system

In order to securely use a network and/or system management system, a consistent configuration of all components involved is required. The individual components are normally administrated by a central instance (management console), but the management system consists of many individual components distributed to the network components to be administrated. A consistent configuration of such a system can be divided into two areas:

• On the one hand, the configurations of the system components (e.g. computer, router) set with the help of the management system must be consistent as a whole. Therefore, a server may be configured in such a way that all authorised client machines, but also only these machines, may access the server.
• On the other hand, the management software itself must be configured consistently as well.

If the consistency of the configurations is violated deliberately or accidentally, the components no longer cooperate smoothly, which may result in security problems. For example, a server could be no longer available or access rights may be set too liberally.