Commit 6d1f5008 authored by Santeri Toikka

Expanded network segmentation requirements

Closes #315, #439
parent b7e171c7
+30 −2
@@ -199,9 +199,37 @@ This document focuses on defining the expected outcomes of the chosen mechanisms
The best practise is to use dedicated network segment for network management and control traffic.
Management traffic can be configuration updates, encryption keys, software updates, and others alike.

* **[REQ-NETWORK-1]** Network segmentation shall be used where applicable.
With segmentation, protection of management traffic is dependent on:

<mark>Editor's note: TODO: this should need to be coupled with Operative environment chapter or with general requirements.</mark>
* capabilities the product
* deployment assumptions
* the operational environment capabilities

This is often implemented with:

* supporting more than one interface for the workload
* dedicated RFC1918 subnets for the traffic
* protecting the subnet from rogue actors
* deployment guidance
* product architecture

Many of the items above are operational environment requirements, and often product user's responsibility to implement correctly.
Using segmentation makes it easier to detect undesried traffic in the management network.
It limits the attack surface from other connected networks, but it does not remove integrity, confidentiality and authentication requirements.

Management traffic in this context refers to command and control instructions, that changes the system operation or the managed network element operation.

Low:

* **[REQ-NETWORK-1a]** Network segmentation shall be used where applicable.

Medium:

* **[REQ-NETWORK-1b]** Available interfaces shall accept traffic only from reasonably limited known sources.

High:

* **[REQ-NETWORK-1c]** Available interfaces shall accept traffic only from a dedicated virtually or physically connected subnet.

### 5.2.4 State-of-the-art cryptographic libraries
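Review bot: REQ-NETWORK-1b's "reasonably limited known sources" gives an assessor nothing to test against. State what counts as a known source, for example an explicit allowlist of addresses or subnets documented for the deployment, so that Medium can be distinguished from Low ("where applicable") and High ("dedicated virtually or physically connected subnet"). The section should also say whether the Low/Medium/High requirements are cumulative. Management traffic is described twice with different scope, first as "configuration updates, encryption keys, software updates, and others alike" and later as "command and control instructions, that changes the system operation"; keep a single definition and place it before the first use. In the "This is often implemented with:" list, "protecting the subnet from rogue actors" is a goal rather than a mechanism and could name the control that is meant. Wording in the new lines: "capabilities the product" is missing "of", "undesried" should be "undesired", and "often product user's responsibility" needs "the".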