RFC 3871           Operational Security Requirements      September 2004
2.4.4.  'CLI' Supports Idle Session Timeout
   Requirement.
      The command line interface (CLI) or equivalent mechanism MUST
      support a configurable idle timeout value.
   Justification.
      Network administrators go to lunch.  They leave themselves logged
      in with administrative privileges.  They forget to use screen 
      savers with password protection.  They do this while at
      conferences and in other public places.  This behavior presents
      opportunity for unauthorized access.  Idle timeouts reduce the
      window of exposure.
   Examples.
      The CLI may provide a configuration command that allows an idle
      timeout to be set.  If the operator does not enter commands for
      that amount of time, the login session will be automatically
      terminated.
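      The following is an added illustration, not text or code from RFC 3871: a
      small session table with the idle-timeout reaper the Examples paragraph
      describes.  It assumes (the RFC specifies none of this) that sessions are
      keyed by a session id, that any command entered refreshes the session's
      last-activity time, that a periodic reaper terminates sessions idle for at
      least the configured number of seconds, and that a value of 0 disables the
      check.  The clock is injected so the scenario runs without sleeping.

```python
"""Added example, not text from RFC 3871: an idle-timeout reaper for CLI sessions.

Assumptions (not from the RFC): sessions are tracked in a table keyed by session
id, each command entered refreshes the session's last-activity time, a periodic
reaper terminates sessions idle for at least idle_timeout seconds, and a
timeout of 0 disables the check.  The clock is injectable so the logic can be
exercised deterministically.
"""
import time
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass
class Session:
    user: str
    last_activity: float      # clock reading when the last command was entered


class SessionTable:
    def __init__(self, idle_timeout: int = 600,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.configure_timeout(idle_timeout)
        self._clock = clock
        self._sessions: Dict[str, Session] = {}
        self.terminated: List[str] = []   # audit trail of reaped session ids

    def configure_timeout(self, seconds: int) -> None:
        """Equivalent of the 'set idle timeout' configuration command."""
        if seconds < 0:
            raise ValueError("idle timeout must be >= 0 (0 disables it)")
        self.idle_timeout = seconds

    def login(self, sid: str, user: str) -> None:
        self._sessions[sid] = Session(user, self._clock())

    def command(self, sid: str, line: str) -> str:
        """Run a command on a session; any input counts as activity."""
        sess = self._sessions.get(sid)
        if sess is None:
            raise PermissionError(f"session {sid} is not logged in")
        sess.last_activity = self._clock()
        return f"{sess.user}: {line}"

    def active(self) -> List[str]:
        return sorted(self._sessions)

    def reap(self) -> List[str]:
        """Terminate every session idle for >= idle_timeout; returns their ids."""
        if self.idle_timeout == 0:
            return []
        now = self._clock()
        expired = [sid for sid, s in self._sessions.items()
                   if now - s.last_activity >= self.idle_timeout]
        for sid in expired:
            del self._sessions[sid]
            self.terminated.append(sid)
        return expired


class FakeClock:
    """Constructed clock so the scenario is reproducible without sleeping."""
    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def demo() -> dict:
    """The lunch-break scenario with a 600 s timeout (values are constructed)."""
    clk = FakeClock()
    table = SessionTable(idle_timeout=600, clock=clk)
    table.login("tty1", "admin")                # admin walks away after login
    table.login("tty2", "noc")
    clk.advance(300)
    table.command("tty2", "show interfaces")    # noc keeps working
    clk.advance(299)                            # admin idle 599 s: still alive
    first = table.reap()
    clk.advance(1)                              # admin idle 600 s: reaped
    second = table.reap()
    try:
        table.command("tty1", "configure terminal")
        reused = True                           # would be an exposure
    except PermissionError:
        reused = False
    return {"first": first, "second": second, "reused": reused,
            "active": table.active()}


if __name__ == "__main__":
    print(demo())
```

      Note that the reaper removes the session entry itself, so a later keystroke
      on the abandoned terminal is refused rather than resuming a privileged
      session; a timeout that only blanks the screen without ending the session
      does not meet the requirement's intent.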
   Warnings.
      None.
2.4.5.  Support Software Installation
   Requirement.
      The device MUST provide a means to install new software versions.
      It MUST be possible to install new software while the device is
      disconnected from all public IP networks.  This MUST NOT rely on
      previous installation and/or configuration.  While new software
      MAY be loaded from writable media (disk, flash, etc.), the
      capability to load new software MUST depend only on non-writable
      media (ROM, etc.).  The installation procedures SHOULD support
      mechanisms to ensure reliability and integrity of data transfers.
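      The following is an added illustration, not text or code from RFC 3871,
      of the integrity mechanism the last sentence of the requirement asks for:
      checking an image against a published digest before installing it, with
      no network access needed.  It assumes (the RFC specifies none of this)
      that the vendor publishes a sha256sum-style manifest and that the device
      obtains that manifest over a path the operator trusts independently of
      the image.  The image bytes, the manifest and the file name
      router-os-9.1.bin are constructed for the example.

```python
"""Added example, not text from RFC 3871: integrity check of a software image
before installation, run entirely offline.

Assumptions (not from the RFC): the vendor publishes a sha256sum-style manifest
("<hex digest>  <filename>" per line) and the device obtains that manifest over
a path the operator trusts independently of the image (non-writable media, the
release notes, or a signed bundle).  The image bytes, manifest and file name
below are constructed for the example.
"""
import hashlib
import hmac
from typing import Dict


def parse_manifest(text: str) -> Dict[str, str]:
    """Parse sha256sum output into {filename: hex digest}; reject malformed lines."""
    digests: Dict[str, str] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)   # sha256sum separates digest and name by spaces
        if len(parts) != 2 or len(parts[0]) != 64:
            raise ValueError(f"manifest line {lineno}: malformed entry")
        digest, name = parts[0].lower(), parts[1].lstrip("*").strip()
        try:
            bytes.fromhex(digest)
        except ValueError:
            raise ValueError(f"manifest line {lineno}: digest is not hex") from None
        if name in digests:
            raise ValueError(f"manifest line {lineno}: duplicate entry for {name}")
        digests[name] = digest
    return digests


def sha256_streamed(data: bytes, chunk: int = 64 * 1024) -> str:
    """Hash in chunks, as an installer reading from removable media would."""
    h = hashlib.sha256()
    for off in range(0, len(data), chunk):
        h.update(data[off:off + chunk])
    return h.hexdigest()


def verify_image(name: str, data: bytes, manifest: Dict[str, str]) -> bool:
    """True only if `name` is listed and its digest matches; install nothing otherwise."""
    expected = manifest.get(name)
    if expected is None:
        return False
    # constant-time comparison: do not leak how many leading bytes matched
    return hmac.compare_digest(sha256_streamed(data), expected)


# --- constructed sample data (not a real vendor image) ---
GOOD_IMAGE = b"\x7fELF" + bytes(range(256)) * 1024    # stand-in for a firmware image
TAMPERED_IMAGE = GOOD_IMAGE[:-1] + b"\x00"            # one altered trailing byte
TRUNCATED_IMAGE = GOOD_IMAGE[:-4096]                  # transfer cut short
MANIFEST = f"{hashlib.sha256(GOOD_IMAGE).hexdigest()}  router-os-9.1.bin\n"


def demo() -> Dict[str, bool]:
    m = parse_manifest(MANIFEST)
    return {
        "good": verify_image("router-os-9.1.bin", GOOD_IMAGE, m),
        "tampered": verify_image("router-os-9.1.bin", TAMPERED_IMAGE, m),
        "truncated": verify_image("router-os-9.1.bin", TRUNCATED_IMAGE, m),
        "unlisted": verify_image("router-os-9.2.bin", GOOD_IMAGE, m),
    }


if __name__ == "__main__":
    print(demo())
```

      A digest only detects corruption or tampering if the manifest itself
      arrived intact and from the vendor; when the manifest travels with the
      image on the same writable media, a signature over the manifest (or the
      image) is what actually gives the integrity guarantee the requirement
      recommends.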
   Justification.
   *  Vulnerabilities are often discovered in the base software
      (operating systems, etc.) shipped by vendors.  Often mitigation of
      the risk presented by these vulnerabilities can only be
      accomplished by updates to the vendor supplied software (e.g., bug
Jones                        Informational                     [Page 25]