Para 3.22.45 — When government organisations use local area netwo
Original Rule Text
3.22.45 Network communication security controls are important where LANs/WANs or web-enabled systems are in use. Some important aspects to be covered by these controls are as follows:
(i) Appropriate techniques should be used to protect all sensitive information in the network.
(ii) Critical network devices such as routers, switches and modems should be protected from physical damage.
(iii) The network configuration and inventories should be documented and maintained.
(iv) Prior authorisation of the Network Administrator should be obtained for making any changes to the network configuration.
(v) The changes made in the network configuration should be documented. The threat and risk assessment of the network after changes in the network configuration should be reviewed.
(vi) The network operation should be monitored for any security irregularity. A formal procedure should be in place for identifying and resolving security problems.
(vii) Physical access to communications and network sites should be controlled and restricted.
(viii) Communication and network systems should be controlled and restricted to authorised individuals.
(ix) Network diagnostic tools, e.g., spectrum analyser, protocol analyser, etc. should be used on a need basis.
(x) Intelligent devices known generally as 'Firewalls' should be used to isolate an organisation's data network from any external network. Firewall devices should also be used to limit network connectivity from unauthorised use. Networks that operate at varying security levels should be isolated from each other by appropriate firewalls. The internal network of the organisation should be physically and logically isolated from the Internet and any other external connection by a firewall. All firewalls should be subjected to thorough test for vulnerability prior to being put to use and at least half-yearly thereafter. All web servers for access by Internet users should be isolated from other data and host servers.
(xi) Organisations should establish procedures for allowing connectivity of their computer network or computer system to any outside computer system or networks. The permission to connect to other networks and computer systems should be approved by the Network Administrator and documented. All unused connections and network segments should be disconnected from active networks. The computer system/personal computer or outside terminal accessing an organisation's host system must adhere to the general system security and access control guidelines. The suitability of new hardware/software, particularly the protocol compatibility, should be assessed before connecting them to the organisation's network. As far as possible, no Internet access should be allowed to the database and file servers or to servers hosting sensitive data. The level of protection for communication and network resources should be commensurate with the criticality and sensitivity of the data transmitted.
(xii) Each organisation should designate a properly trained 'Network Administrator' who will be responsible for the operation, monitoring security and functioning of the network. Appropriate follow-up of any unusual activity or pattern of access on the computer network should be investigated promptly by the Network Administrator. The system must include a mechanism for alerting him of possible breaches in security, such as unauthorised access, virus infection and hacking. Secure Network Management Systems should be implemented to monitor functioning of the computer network. Broadcast of network traffic should be minimized. Only authorised and legal software should be used on the network.
What This Means
When government organisations use local area networks (LANs), wide area networks (WANs), or web-enabled systems, they must implement comprehensive network communication security controls. These cover protecting sensitive information during transmission, safeguarding network hardware, documenting network configurations, controlling changes, monitoring for security incidents, restricting physical and logical access, using firewalls, and designating a trained Network Administrator responsible for security.
This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.
Key Points
1. Sensitive information on networks must be protected using appropriate techniques
2. Network devices (routers, switches, modems) must be physically protected from damage
3. Network configuration must be documented, and changes require prior authorisation from the Network Administrator
4. Firewalls must isolate internal networks from external connections; web servers must be separated from data servers
5. A trained Network Administrator must be designated to monitor security, investigate unusual activity, and respond to breaches
Practical Example
A regional government office connects its 50 computers through a LAN and has internet access for email. The Network Administrator maintains a documented network diagram showing all routers, switches, and connections. When a new department is added, the administrator must formally authorise the network change and update documentation. A firewall separates the internal network from the internet, and the web server hosting public information is on a separate network segment from the database server containing financial records. The administrator reviews access logs daily for any suspicious activity.
Frequently Asked Questions
- Why must firewalls be tested for vulnerability regularly?
- Why should database servers not have direct internet access?
- What is the role of the Network Administrator in security?