WoWi Approval Service Inc. - Providing World Wide Approval Services for you

NORTH AMERICA

SOUTH AMERICA

ASIA PACIFIC

EUROPE

MIDDLE EAST & AFRICA

Home

Brazil - Act 2436 Cyber Security requirements for CPE products

ANATEL published Act 2436 with cyber security requirements for assessing the conformity of CPE (Customer Premises Equipment). This Act is enforced on March 10, 2024. This Act establishes a set of mandatory cybersecurity requirements for CPE devices used to connect to the Internet service provider's network, such as:

a) Cable modem;

b) xDSL modem;

c) ONU, ONT;

d) Router or modem intended for fixed wireless access (FWA - Fixed Wireless Access);

e) Router or modem for fixed broadband access via satellite;

f) Wireless router or access point.

The main requirements are related to:

1) Requirements for passwords;

2) Defense requirements against unauthorized access attempts;

3) Requirements for vendors, such as requiring a Coordinated Vulnerability Disclosure Policy and policies for releasing software/ firmware updates to fix security vulnerabilities.

For more details, please find the Official link:

informacoes.anatel.gov.br/legislacao/atos-de-certificacao-de-produtos/2023/1850-ato-2436

Please feel free to contact us for more details.

2024-03-11

About Us | Global Approval | Team and Services | Contact Us | Home