Secure the router configurations against unauthorized changes.

UCF ID: 00541
Control Type: Configuration
Status: Live

Supporting and supported controls

This control directly supports:

    Establish and maintain a standard and procedure for firewall design and configuration practices. [UCF Control ID 00544]

There are no supporting controls.

Authority documents complied with:

FFIEC IT Examination Handbook – Audit, August 2003, Exam Tier II Obj D.1; FFIEC IT Examination Handbook – Information Security, Exam Tier II Obj B.10; The Standard of Good Practice for Information Security, NW2.1.4; OECD / World Bank Technology Risk Checklist, Version 7.3, § V.16

Banking and Finance Guidance

[Exam Tier II Obj D.1, FFIEC IT Examination Handbook – Audit, August 2003]

[Exam Tier II Obj B.10, FFIEC IT Examination Handbook – Information Security]

General Guidance

Routers should verify the source and destination of routing updates and protect routing information by encrypting it in order to prevent unauthorized or incorrect updates. [NW2.1.4, The Standard of Good Practice for Information Security]

EU Guidance

Access to the management of interfaces of routers must be secured. [§ V.16, OECD / World Bank Technology Risk Checklist, Version 7.3]

Metrics

The metrics associated with this control are as follows:

    Report on the percentage of systems for which approved configuration settings have been implemented as required by policy. [UCF Control ID 02097]
    Report on the percentage of systems with configurations that do not deviate from approved standards. [UCF Control ID 02098]

Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.


Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.