RFC 3871           Operational Security Requirements      September 2004

2.13.  Layer 2 Devices Must Meet Higher Layer Requirements

   Requirement.

      If a device provides layer 2 services that are dependent on layer

      3 or greater services, then the portions that operate at or above

      layer 3 MUST conform to the requirements listed in this document.

   Justification.

      All layer 3 devices have similar security needs and should be

      subject to similar requirements.

   Examples.

      Signaling protocols required for layer 2 switching may exchange

      information with other devices using layer 3 communications.  In

      such cases, the device must provide a secure layer 3 facility.

      Also, if higher layer capabilities (say, SSH or SNMP) are used to

      manage a layer 2 device, then the rest of the requirements in this

      document apply to those capabilities.

   Warnings.

      None.

2.14.  Security Features Must Not Cause Operational Problems

   Requirement.

      The use of security features specified by the requirements in this

      document SHOULD NOT cause severe operational problems.

   Justification.

      Security features which cause operational problems are not useful

      and may leave the operator with no mechanism for enforcing

      appropriate policy.

   Examples.

      Some examples of severe operational problems include:

      *  The device crashes.

      *  The device becomes unmanageable.

      *  Data is lost.

Jones                        Informational                     [Page 65]