Data Processing Equipment Security. Establishes the security requirements that all peripheral data processing equipment or related equipment must meet.

Applies to:
o Electronic data processing machines, portable computers (laptops, notebooks, palmtops), microcomputers, personal systems, personal computers, personal computers, network terminals (PC-net), servers, or equivalent devices that also meet the following two characteristics:

• They are uniprocessors.

• They use BUS-AT (ISA), or EISA, or MCA, or NUBUS, or BIOS, or PCI, or PCMI, or PMCIA technology, in all their current, future, or derivative versions, as their main operating bus.

o Peripherals associated with the machines indicated in section a) of this paragraph, such as printers, graphics processors, external disk drives, external tape drives, digitizing tablets, image digitizers, optical readers, monitors, and terminals.

o Equipment used for electronic communication between data processing equipment and peripheral devices, local area networks (LANs), such as hubs, protocol converters, or routers, etc., designed to handle a single technology with a data bus no larger than 100 MB, or that has any of the following characteristics:

• Not modular;

• Not easy to program.