Network access control

Objective: To prevent unauthorised access to networked services

Access to both internal and external networked services should be controlled.

Policy on use of network services

Users should only be provided with direct access to the services that they have been specifically authorised to use.

User authentication for external connections

Connections by remote users via public (or non-organisational) networks should be authenticated.

Equipment identification in networks

Automatic terminal identification should be considered to authenticate connections to specific locations and to portable equipment if appropriate and available.

Remote diagnostic and configuration port protection

Access to diagnostic and configuration ports should be securely controlled.

Segregation in networks

Large networks may require to be divided into separate domains.

Network connection control

The connection capability of users may need to be controlled to support the access control policy requirements of certain business applications.

Network routing control

Shared networks may require network routing controls.

An Introduction To Information, Network and Internet Security
Network access control Objective: To prevent unauthorised access to networked services Access to both internal and external networked services should be controlled. Policy on use of network services Users should only be provided with direct access to the services that they have been specifically authorised to use. User authentication for external connections Connections by remote users via public (or non-organisational) networks should be authenticated. Equipment identification in networks Automatic terminal identification should be considered to authenticate connections to specific locations and to portable equipment if appropriate and available. Remote diagnostic and configuration port protection Access to diagnostic and configuration ports should be securely controlled. Segregation in networks Large networks may require to be divided into separate domains. Network connection control The connection capability of users may need to be controlled to support the access control policy requirements of certain business applications. Network routing control Shared networks may require network routing controls.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security