A.9.4.2 Secure Log-on Procedures

Illustrative Controls and TIBCO LogLogic Solution

Encrypt all non-console administrative access. Use technologies such as SSH, VPN, or SSL/TLS for web-based management and other non-console administrative access. All remote management connections must be encrypted to avoid any opportunity for intruders to gain access to the IT infrastructure. To do so, technologies such as SSH (generally port 22/tcp), SSL (generally port 443/tcp) and VPN (SSL or IPsec) must be used.

If non-standard ports are used with these protocols, the justification for the non-standard ports must also be documented. Administrators must review all traffics that are not SSH, SSL, or VPN to ensure that they are necessary, approved and documented. Administrators must set up network policy alerts to detect any unauthorized traffic passing through the firewalls.

Reports and Filter Bloks

Use the following link or reference to see the A.9.4.2 reports and filter bloks: TIBCO LogLogic Reports and Filter Bloks for ISO/IEC 27002.