Memory in network devices is sanitised using the following processes, in order of preference: • following device-specific guidance provided in evaluation documentation • following vendor sanitisation guidance • loading a dummy configuration file, performing a factory reset and then reinstalling firmware."
Topic
Sanitising network devices
Applicable to
all
History
Priority
must
Dec 2021
Memory in network devices is sanitised using the following processes, in order of preference:
• following device-specific guidance provided in evaluation documentation
• following vendor sanitisation guidance
• loading a dummy configuration file, performing a factory reset and then reinstalling firmware.
Miscellaneous changes were made to rationale and security controls throughout the publication. This included:
• A review from the Using the Information Security Manual chapter through to the Guidelines for Media chapter.
• Security controls suitable for all audiences have been identified with the ‘All’ applicability marking while additional security controls suitable for just government audiences have been identified with the O, P, S and TS applicability markings.
• Security controls suitable for specific classifications have been amended to include their classification(s) in the wording of the security controls to reduce the reliance on applicability markings to confer suitability.
• Tables in security controls have been converted into prose to allow for inclusion in the SSP annex template and the XML list of security controls.
• The use of ‘official’ and ‘highly classified’ terminology has been replaced with specific classifications to remove ambiguity.
• Security controls relating to high assurance ICT equipment have had their applicability narrowed to ‘S, TS’ reflecting that they are intended for the protection of SECRET and TOP SECRET systems and data.
Nov 2019
Memory in network devices is sanitised using the following processes, in order of preference:
§ following device-specific guidance provided by the ACSC
§ following vendor sanitisation guidance
§ loading a dummy configuration file, performing a factory reset and then reinstalling firmware.
Modification of security control 1223 to articulate a more secure process for sanitising network devices in the absence of ACSC or vendor-specific guidance.
Oct 2019
Memory in network devices is sanitised using the following processes, in order of preference:
§ following device-specific guidance provided by the ACSC
§ following vendor sanitisation guidance
§ if guidance is unavailable, performing a full reset and loading of a dummy configuration file.
Mar 2019
Memory in network devices is sanitised using the following processes, in order of preference:
§ following device-specific guidance provided by the ACSC
§ following vendor sanitisation guidance
§ if guidance is unavailable, performing a full reset and loading of a dummy configuration file.
Security control 1223 was modified to remove duplicate guidance within the security control.
Feb 2019
Memory in network devices is sanitised using the following processes, in order of preference:
§ following consumer guides from the ACSC’s Evaluated Products List
§ following device-specific advice produced by the ACSC
§ following vendor sanitisation guidance
§ if guidance is unavailable, performing a full reset and loading of a dummy configuration file.
2015
To sanitise network devices, agencies must sanitise the memory according to any availableguidance provided by ASD or vendors. Agencies should use available guidance in the order ofpreference below:• ASD EPL Consumer Guide• any other ASD advice specific to the device• vendor sanitisation guidance• if guidance is unavailable, perform a full reset and loading of a dummy configuration file.