There is a big change happening in India’s telecom security. The Department of Telecommunications (DoT) runs the National Centre for Communication Security (NCCS). They have officially released the updated Indian Telecom Security Assurance Requirements (ITSAR) for IP Routers, which are now called ITSAR201012512, Version 2.0.0.
This release replaces the older 2018 and 2024 versions, setting a new, higher benchmark for every IP router used across telecom and enterprise networks in India.
Why Is This Update Important?
As networks develop more complicated and connect to the cloud, routers are becoming more and more popular targets for cyber attacks. The new ITSAR 2.0 isn’t just a small change; it’s a complete redesign meant to keep India’s digital infrastructure safe. It makes sure that every piece of gear, from the heart of a telecom network to a tiny business branch, is “secure by design.”
Key Highlights of ITSAR 2.0 (Version 2.0.0)
The updated requirements focus on six critical areas that manufacturers (OEMs) and importers must address:
- Strict Access Controls: The new rule says that both user and machine accounts must employ multi-factor authentication (MFA). It also stops “root” access from a distance to stop unauthorized changes at a high level.
- Strong Password Policies: “admin123” is no longer allowed. Routers must now require passwords that are at least 8 characters long and have a variety of kinds, as well as automatic lockout procedures for accounts that aren’t used.
- Firmware Integrity: OEMs must make sure that every software update is signed with a cryptographic key. This stops “backdoor” entry and makes sure that no harmful code is added during a normal update.
- No Vulnerable Protocols: We don’t support legacy and unsafe services like Telnet, FTP, and SNMPv1/v2 anymore. Now, the main thing is safe, secured communication, such SSH and HTTPS.
- Enhanced Logging: Routers now have to save audit logs in local storage for at least two days. These logs must be safe from tampering, which means that even an administrator can’t erase them.
- Advanced Traffic Defense: To keep network traffic flowing efficiently and safely, the standards include special defenses against DDoS attacks, BGP hijacking, and ARP poisoning.
Who Does This Affect?
The ITSAR 2.0 applies to a wide range of deployment modes, including:
- Edge & Core Routers
- Access & Aggregation Routers
- MPLS Routers
- Modern SDN & Cloud-Native Network Functions (CNF/VNF)
Compliance Deadlines
The new standard goes into effect on December 1, 2025, but the government has given people time to get used to it. The current exemption for Wi-Fi CPE and IP routers that are used in the cloud has been extended until March 31, 2026. But stakeholders are strongly encouraged to start the certification process as soon as possible to avoid problems at the last minute.
How Instacertify Can Help
It can be hard to figure out how to get NCCS and MTCTE certification. The criteria are strict, ranging from writing technical documents and vulnerability assessments to working with NCCS-approved labs.
We make it easier for you to comply at Instacertify. You can focus on your business while our professionals keep up with these changes in the law. Now is the time for manufacturers and importers of IP routers to check the security architecture of their products against the new ITSAR 2.0.
Need help getting your NCCS Security Certification? [Get in touch with our experts today] for a free consultation to make sure your products meet India’s most recent security regulations.
