Network access protection as an important part of information security in public authorities and administration.
The IT baseline security catalogs of BSI* represent the standard for information security and for setting up a functional IT security management system in the public administration sector. For the federal authorities it is now mandatory to setup a baseline security according to this standard.
A number of recommendations for network security are made by the BSI* in its package of measures. Hence "the installation and use of unapproved IT components should be prohibited and the compliance with this prohibition should be checked regularly (Measure M 2.216)". Thus the introduction of unauthorized and unsecure devices into the network should be effectively prevented.
- Monitoring and controlling all the devices located in the network (live asset management)
- Documenting all the accesses to the public/administration networks, even in case of diversified organizational structures
- Supporting the implementation of BSI* standards defined in the IT baseline security catalogues, the data security laws of the State (BDSG) and the local laws (LDSG) and meeting the requirements of the Basel agreement Basel II / IIIEnsuring the integrity of the network by only granting network access for the defined (internal and approved) devices
- Providing dedicated and temporary Internet access for visitors, without having to set up separate WLAN infrastructures for employees and guests
- Protecting the administrative IT system from attacks on sensitive and personal data
- Supporting the implementation of the Green IT initiative of the State by saving energy costs at the PC workplace
*BSI: Bundesamt für Sicherheit in der Informationstechnik = Federal Office for Information Security