@@ -141,6 +141,10 @@ Products not in scope include:
* products whose primary purpose is not that of a network interface
* switches, routers, and standalone modems
* cables connected to network interfaces
* software or hardware changes/upgrades not shipped by the manufacturer
XXX a network interface with a USB connection?
FIXME more
@@ -224,53 +228,90 @@ _Create a list of representative use cases, each one representing a different th
Wired interfaces in use in a:
Low:
1. Enterprise device in internal data center
* professional physical security
* professional administration
* highly filtered network traffic
1. Home lab device
* semi-pro physical security
* semi-pro administration
* may be exposed to entire internet
Medium:
1. Enterprise edge device or internet infrastructure
* professional physical security
* professional administration
* exposed to entire internet
1. Enterprise worker device
* some professional physical security
* professional administration
* sometimes exposed to entire internet
1. Stationary home device
* some physical security
* no administration
* highly filtered network traffic
1. Home lab device
* semi-pro physical security
* semi-pro administration
* may be exposed to entire internet
High:
1. Stationary public device
* no physical security
* little to no administration
* probably exposed to entire internet
Very high:
1. Mobile personal device (including laptops)
*some physical security
*often no physical security
* no administration
*sometimes exposed to entire internet
*often exposed to entire internet
Wireless interfaces:
* In a public area (watch, phone)
* In a home (still accessable by public in most cases)
* In a restricted area
* In a workplace (semi-restricted)
Low:
1. Enterprise use in a restricted area
Medium:
1. Home personal device (IoT, stationary personal computer)
1. Workplace
High:
1. Public infrastructure (public wifi hubs)
Very high:
1. Mobile personal device (laptop, watch, phone)
Virtual interfaces
* VPN
* tunnel of some sort
* container/virtualization
FIXME more use cases
Low:
1. Communication between host OS and hypervisor/container
1. Software development
Medium:
Operational environment is a component of use cases
Use case is another dimension
May be a source of conditionality
NIS2 may apply
1. Provide a tunnel to an application or driver
High:
1. Provide a tunnel to an external host
Very high:
1. Filtering/firewalls
## 4.4 Security levels
_List the security levels and the use cases that correspond to them._
See previous section.
## 4.5 Essential functions
_List the essential functions of the product, including:_
@@ -279,6 +320,7 @@ _List the essential functions of the product, including:_
* _How its functions are configured_
* _How it keeps itself secure and functioning_
* Bridge host memory and the network
* Receive and transmit data on network
* Read/write data to host memory
* Send commands/data to host hardware (wake on LAN)
@@ -286,16 +328,6 @@ _List the essential functions of the product, including:_
* Update firmware
* Offload of segmentation
Proposal for modem definition: translates from one physical medium to another? More integrated, is part of a larger network interface product but not the point.
Example: the old fashioned computer modem - just an interface -that would be us?
cable modem would be switches etc?
parts of an interface? how complete? what about antenna? what about interface?
Yes an interface: https://www.microchip.com/en-us/development-tool/ev68g27a
