Product / System Buildbook Template v0.1

BUILDBOOK is a digital handbook and reference guide for use by ITPROSEC staff during all phases of the design process. A build book is a much more sequential document than a run book; it is designed to be followed step by step. Once the work in the build book is complete, the procedures in the run book can be used to bring the system up and keep it running smoothly.

Table of Contents

1 General Information

1.1 Product

1.2 Product Manager, Contact Person

1.3 Subsystems of the Application

1.4 Brief description of the Product

2 Summary of Security Requirements

2.1 Security Requirements

2.2 Immaterial Damage

2.3 Material/Financial Damage

3 System Overview

3.1 Product Description

3.2 Architecture

3.3 Purpose and Function of the System

3.4 Deployed Hardware & Software

4 System Design and Implementation

4.1 Approved Scope of Operation

4.2 Network Plan

4.3 Dependencies

4.4 System Internal Interfaces

4.5 External Interfaces

4.6 Authentication

4.7 Authorization

4.8 User Administration & Access Rights

4.8.1 Legal & regulatory Conditions

4.8.2 Roles & Users

4.8.3 Technical Users

4.9 Configuration

5 Processes

5.1 Dependent Processes

5.2 Processes based on this Product

6 System Operation

6.1 Regular Maintenance

6.2 Updates & Patch-Management

6.3 High Availability

6.4 Monitoring & Reporting

6.5 Logging

6.6 Backup & Archiving

6.7 Troubleshooting

6.8 Recovery

6.9 Vendor Contracts

6.10 Related SLAs and Services

6.11 Contact Persons & Call Management

7 References

1 General Information

1.1 Product

[Mandatory]

Product Name:                    <Vendor, Model, Version>
Approved at:                     <date>
Approved by:                     <name>

1.2 Product Manager, Contact Person

[Mandatory]

Product Manager:                 <name>
Additional contact person:       <name>
External Partners:               <company, contact person>

1.3 Subsystems of the Application

[Only if applicable] Describe the subsystems of the application, e.g. services realized on top of the system, such as an Intrusion Prevention System as a subsystem of a firewall.

1.4 Brief description of the Product

[Mandatory] A short overview of the product and its features.

2 Summary of Security Requirements

2.1 Security Requirements

[Mandatory] The security requirements of an application are derived from the potential damage that can occur if the confidentiality, integrity or availability of the application or of the data it processes is affected.

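| Objective       | no damage | minor | major | high |
|-----------------|-----------|-------|-------|------|
| confidentiality | X         |       |       |      |
| integrity       |           | X     |       |      |
| availability    |           | X     |       |      |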

2.2 Immaterial Damage

[Mandatory] Please classify the potential immaterial damage with respect to confidentiality, integrity and availability.

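| Immaterial Damage                      | no damage | minor | major | high |
|----------------------------------------|-----------|-------|-------|------|
| confidentiality                        | X         |       |       |      |
| integrity                              |           | X     |       |      |
| availability (system unavailable for): |           |       |       |      |
| 10 min                                 | X         |       |       |      |
| 1 hour                                 | X         |       |       |      |
| 6 hours                                |           | X     |       |      |
| 1 day                                  |           |       | X     |      |
| 1 week                                 |           |       |       | X    |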

2.3 Material/Financial Damage

[Mandatory] Please classify the potential material damage with respect to confidentiality, integrity and availability.

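| Damage (EURO)                          | 0-50T | 50-200T | 200T-1mio | >1mio |
|----------------------------------------|-------|---------|-----------|-------|
| confidentiality                        | X     |         |           |       |
| integrity                              |       | X       |           |       |
| availability (system unavailable for): |       |         |           |       |
| 10 min                                 | X     |         |           |       |
| 1 hour                                 | X     |         |           |       |
| 6 hours                                | X     |         |           |       |
| 1 day                                  | X     |         |           |       |
| 1 week                                 | X     |         |           |       |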

3 System Overview

3.1 Product Description

[Mandatory] Detailed description of the product and its features. Describe possible fields of application.

3.2 Architecture

[Mandatory] Describe the architecture of the system, e.g. distribution of the components, separation of management, et cetera. Additionally, supply a conceptual graphical overview of the architecture.

3.3 Purpose and Function of the System

[Mandatory] In contrast to the Product Description, describe here the concrete operational purpose of the product within the company. What goals are to be achieved by using this product? What kind of usage is intended? Local, regional or global?

3.4 Deployed Hardware & Software

[Mandatory] List all deployed hardware and software (incl. versions).

| Product | (Firmware-)Version |
|---------|--------------------|
|         |                    |

4 System Design and Implementation

4.1 Approved Scope of Operation

[Mandatory] Which features of the product are approved for usage?

4.2 Network Plan

[Mandatory] Insert a detailed network plan. It must be sufficient for people who know neither the product nor the environment in which it is deployed. Therefore, networks and IP addresses must be included.

4.3 Dependencies

[If applicable] Are there any dependencies, e.g. specific software or OS versions, patch levels, etc.?

4.4 System Internal Interfaces

[Mandatory] What internal communications are there?

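| Source | Destination | Protocol | Port(s) | Service | Description |
|--------|-------------|----------|---------|---------|-------------|
|        |             |          |         |         |             |
|        |             |          |         |         |             |
|        |             |          |         |         |             |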

4.5 External Interfaces

[Mandatory] Which services are reachable by other systems (e.g. Admin-Client needs to connect to the management console)? Describe which systems the application must talk to, including destinations, protocols and ports (LDAP, NTP, …).

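| Source | Destination | Protocol | Port(s) | Service | Description |
|--------|-------------|----------|---------|---------|-------------|
|        |             |          |         |         |             |
|        |             |          |         |         |             |
|        |             |          |         |         |             |
|        |             |          |         |         |             |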

4.6 Authentication

[Mandatory] What kind of authentication is used? Describe the process and its variations, including any security issues.

4.7 Authorization

[Mandatory] Describe the authorization.

4.8 User Administration & Access Rights

[Mandatory] How does the user administration work? How are access rights assigned? Is there a local or centralized user management?

4.8.1 Legal & regulatory Conditions

[If applicable] Are there any legal or regulatory conditions that must be met before a user is allowed to use the application or service? What processes must be adhered to?

4.8.2 Roles & Users

[Mandatory] Describe the defined roles and users (e.g. Administrators, Operators, Auditor, …). Are there any restrictions or requirements for some roles (see Legal & regulatory Conditions)?

4.8.3 Technical Users

[If applicable] Which technical users are defined and what roles do they have? What are they used for, and in which way?

4.9 Configuration

[Mandatory] Insert the complete relevant configuration of the service, application or system, including the initial configuration (e.g. for appliances). Keep in mind that in an emergency, a person who does not know the product must also be able to find and handle the configuration.

Please describe your configuration in a few words, so that the intent of the configuration section is clear.

5 Processes

5.1 Dependent Processes

[Mandatory] What processes are required in order to run the system without problems?

5.2 Processes based on this Product

[Mandatory] Are there, e.g., business processes based on the system or service? Are there any dependencies which will not work in case of a failure?

6 System Operation

6.1 Regular Maintenance

[If applicable] How is the system normally managed? Are there any regular tasks or cronjobs?

6.2 Updates & Patch-Management

[Mandatory] Describe the update and patch management (regularity [e.g. pattern updates], security patches, firmware updates, …). What prerequisites must be fulfilled? How does the update process work? If using high availability, describe how to update the cluster (e.g. disable cluster, manual failover, etc.). Also describe a rollback.

6.3 High Availability

[If applicable] In case of a high availability system, describe the HA mode (e.g. active/passive). Also describe the failover mechanism and its triggers. Insert a detailed description of how to trigger a manual failover.

6.4 Monitoring & Reporting

[Mandatory] What kind of monitoring is implemented (e.g. network or service reachability, etc.)? Is there any integrity control? What kinds of failures or attacks can be recognized? Are reporting mechanisms used, e.g. for compliance issues?

6.5 Logging

[Mandatory] Describe the logging of the product. Where are the logs located (e.g. local, central syslog server, …)? How long are the logs preserved, and are the logs archived? Also describe whether the logs are used for compliance analysis. What regulations are applied?

6.6 Backup & Archiving

[Mandatory] Describe the backup process. How does it work? What kind of data is backed up? How long is data archived?

6.7 Troubleshooting

[Mandatory] Describe how to do basic troubleshooting. What tools should be used and in what way? How can debug output be activated? Where are additional logs stored? Are there common errors (errors which are more likely to occur than others)? How can those failures be resolved?

6.8 Recovery

[Mandatory] What is to be done in case of an emergency or failure? Please think about possible scenarios and the corresponding recovery. Is there a fallback config available? How is the system reset to factory defaults? What are the default credentials? What is to be done in case of a lost password?

6.9 Vendor Contracts

[If applicable] What kind of maintenance contracts, licenses, etc. are in effect?

6.10 Related SLAs and Services

[Mandatory] Describe SLAs and relationships to other systems.

6.11 Contact Persons & Call Management

[Mandatory] Name the persons, with contact details, who are responsible for the product or can help in case of emergencies. Insert details on how to reach the vendor or the vendor's support engineers. Also insert a short how-to for opening calls with the vendor (e.g. by using the provided support sites and designated accounts).

7 References

[If applicable] Links to the references used.
