ISM-1006: ASD Information Security Manual (ISM)

Prevent Unauthorised Access to Network Traffic

Security measures are in place to ensure that only authorised users can access network management systems.

Plain language

This control is about making sure only the right people can access and control your network systems. Imagine if someone unwanted got into your network - they could steal data, disrupt services, or even take over your systems. This control helps prevent that by keeping unauthorised users out of your network management areas.

Framework

ASD Information Security Manual (ISM)

Control effect

Preventative

Classifications

NC, OS, P, S, TS

ISM last updated

Aug 2018

Control Stack last updated

18 May 2026

E8 maturity levels

N/A

Official control statement

Security measures are implemented to prevent unauthorised access to network management traffic.

Why it matters

If network management traffic is accessed by unauthorised parties, attackers can capture credentials, alter configurations, and take control of network devices.

Operational notes

Encrypt network management traffic (e.g., SSH/SNMPv3/TLS), restrict admin access, and log/alert on unauthorised attempts to management interfaces.

Implementation tips

  • Managers should ensure that only authorised staff are on the list of those allowed to access network management systems. They can do this by working with the IT team to identify and review all individuals who currently have access, making sure these people should indeed have it, and updating the list regularly.
  • The IT team should implement strong passwords and regular password changes for anyone accessing network management systems. This can be done by setting password policies in the system that require a mix of letters, numbers, and symbols, and prompting users to update their passwords every few months.
  • System owners should work with the IT team to set up network segmentation. This means dividing the network into smaller parts so that if one area is compromised, the rest remains safe. They can achieve this by creating sub-networks or using virtual local area networks (VLANs) to isolate network management traffic.
  • The IT team should establish logging and monitoring of all access to network management systems. This involves setting up software that records who accesses what and when, and reviewing these logs regularly for any unusual behaviour.
  • Managers should ensure ongoing staff training on the importance of network security. They can organise regular workshops or online courses to teach employees about security best practices, reminding them of the dangers of unauthorised access and how to prevent it.
Audit / evidence tips

  • Ask: The list of authorised users who can access network management systems. Verify its existence and whether it’s up to date. Good: Includes a current list with evidence of regular updates.
  • Ask: Evidence of password policy enforcement. Request documentation showing how strong passwords are mandated and changed regularly. Good: Shows a robust password policy applied across all users.
  • Ask: Network diagrams that show segmentation. Verify if the network is divided into segments to restrict access. Good: Includes a clearly segmented network with restricted access to sensitive areas.
  • Ask: To see recent access logs for network management systems. Request details on how access is tracked and audited. Good: Shows comprehensive logs with no unexplained anomalies.
  • Ask: About staff training records. Request documentation or a schedule that shows when staff were last trained on network security. Good: Includes recent and recurring training sessions, with broad staff participation.
Cross-framework mappings

How ISM-1006 relates to controls across ISO/IEC 27001, ISO/IEC 42001, Essential Eight, and ASD ISM.

ISO 27001

Partially meets (2)
  • Annex A 5.15: ISM-1006 requires security measures to prevent unauthorised access to network management traffic
  • Annex A 8.3: ISM-1006 requires security measures to prevent unauthorised access to network management traffic

Partially overlaps (1)
  • Annex A 6.7: ISM-1006 requires security measures to prevent unauthorised access to network management traffic

Related (1)
  • Annex A 8.20: Annex A 8.20 requires networks and network devices to be secured and controlled, including protection of administrative and management pl...

E8

Supports (1)
  • E8-RA-ML3.3: ISM-1006 requires security measures to prevent unauthorised access to network management traffic

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.