@@ -199,9 +199,37 @@ This document focuses on defining the expected outcomes of the chosen mechanisms
The best practise is to use dedicated network segment for network management and control traffic.
Management traffic can be configuration updates, encryption keys, software updates, and others alike.
***[REQ-NETWORK-1]** Network segmentation shall be used where applicable.
With segmentation, protection of management traffic is dependent on:
<mark>Editor's note: TODO: this should need to be coupled with Operative environment chapter or with general requirements.</mark>
* capabilities the product
* deployment assumptions
* the operational environment capabilities
This is often implemented with:
* supporting more than one interface for the workload
* dedicated RFC1918 subnets for the traffic
* protecting the subnet from rogue actors
* deployment guidance
* product architecture
Many of the items above are operational environment requirements, and often product user's responsibility to implement correctly.
Using segmentation makes it easier to detect undesried traffic in the management network.
It limits the attack surface from other connected networks, but it does not remove integrity, confidentiality and authentication requirements.
Management traffic in this context refers to command and control instructions, that changes the system operation or the managed network element operation.
Low:
***[REQ-NETWORK-1a]** Network segmentation shall be used where applicable.
Medium:
***[REQ-NETWORK-1b]** Available interfaces shall accept traffic only from reasonably limited known sources.
High:
***[REQ-NETWORK-1c]** Available interfaces shall accept traffic only from a dedicated virtually or physically connected subnet.