S 4.60 Deactivation of ISDN router functions which are not required

Initiation responsibility: Head of IT, IT Security Officer

Implementation responsibility: Administrator

In addition to service functions and remote maintenance (refer to S 2.108 Relinquishment of remote maintenance of ISDN gateways), functions of the router operating systems can also result in security gaps. If the router has a Unix operating system, for example, it is possible to start a Telnet session on the router and subsequently manipulate the management information base.

Wherever possible, router functions which are not required should be deactivated, preferably by removing the related software modules. Card functions which can only be configured through parametrisation must be checked regularly to determine whether the parameter settings are still correct.

Review questions:

• Is it ensured that all ISDN router functions not required are deactivated?
• Are the correct settings of the ISDN router parameters checked regularly, and are any changes documented?