GA/T 682-2007 English PDF
Basic dataStandard ID: GA/T 682-2007 (GA/T682-2007)Description (Translated English): Information security technology--Technical requirements for router security Sector / Industry: Public Security (Police) Industry Standard (Recommended) Classification of Chinese Standard: A90 Classification of International Standard: 35.040 Word Count Estimation: 16,131 Date of Issue: 2007-03-20 Date of Implementation: 2007-05-01 Quoted Standard: GB 17859-1999; GB/T 18336.1-2001 Issuing agency(ies): Ministry of Public Security Summary: This standard specifies the security functional requirements and security assurance requirements for the router. This standard is applicable to the design and implementation of the security of router products. The testing, evaluation and management of router products can also be used in reference. GA/T 682-2007: Information security technology--Technical requirements for router security---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.Information security technology - Technical requirements for router security ICS 35.040 A90 People's Republic of China Public Security Industry Standards Information Security Technology Router Security Technical Requirements Posted 2007-03-20 2007-05-01 implementation People's Republic of China Ministry of Public Security Table of ContentsIntroduction Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms, Definitions and Abbreviations 1 4 first-level security requirements 2 4.1 Security functional requirements 2 4.1.1 Discretionary Access Control 2 4.1.2 authentication 2 4.1.3 Security Management 2 4.2 Security assurance requirements 2 4.2.1 Configuration Management 2 4.2.2 Delivery and operation 2 4.2.3 Development 2 4.2.4 Guidance Document 2 4.2.5 Life Cycle Support 3 4.2.6 Test 3 5 Second Level 3 security requirements 5.1 Security functional requirements 3 5.1.1 Discretionary Access Control 3 5.1.2 authentication 3 5.1.3 Security Management 3 5.1.4 Audit 4 Protection 5.1.5 SNMP 4 5.1.6 Unicast Reverse Path Forwarding 4 5.1.7 Reliability 4 5.1.8 Route 4 Certification 5.2 Security assurance requirements 4 5.2.1 Configuration Management 4 5.2.2 Delivery and operation 4 5.2.3 Development 5 5.2.4 Guidance Document 5 5.2.5 Life Cycle Support 5 5.2.6 Test 5 5.2.7 Vulnerability Assessment 5 6 third-level security requirements 6 6.1 Security functional requirements 6 6.1.1 Discretionary Access Control 6 6.1.2 authentication 6 6.1.3 Data Protection 6 6.1.4 Security Management 6 6.1.5 Audit 6 6.1.6 SNMP protection 7 6.1.7 Unicast Reverse Path Forwarding 7 6.1.8 Remote Management Security 7 6.1.9 Reliability 7 6.1.10 Route 7 certification 6.2 Security assurance requirements 7 6.2.1 Configuration Management 7 6.2.2 Delivery and Operation 8 6.2.3 Development 8 6.2.4 Guidance Document 8 6.2.5 Life Cycle Support 8 6.2.6 Test 9 6.2.7 Vulnerability Assessment 9 9 7 Additional security features 7.1 Network Access Control 9 7.2 VPN function 9 7.3 firewall protection 9 7.4 Intrusion Detection 9 Appendix A (normative) Safety requirements for table 10 References 11ForewordThis standard and GB/T 20011-2005 "Information security technology security evaluation criteria router" and the router are related to information security Full standards, the basic difference between the two is that the former is mainly used to guide the router product safety design and implementation, which mainly applies to road Safety levels assessed by. Appendix A of this standard is an informative annex. This standard was proposed by the Ministry of Public Security Public Information Network Security Supervision Bureau. This standard is under the jurisdiction of the Ministry of Public Security Information System Standardization Technical Committee. This standard was drafted. State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences. The main drafters of this standard. Daiying Xia, left Xiao Dong Ho Shin.IntroductionRouters are important internetworking equipment, development of technical requirements for router security Router to product safety design and implementation Now, to ensure network security is of great significance. This standard specifies the safety level three technical requirements of the router. Security level from low to high, safety requirements progressively enhanced. This standard and GB 17859-1999 "computer information system security protection classification criteria" correspondence, the first level of Users should protect the autonomy level, corresponding to the second stage audit system protection level, third level corresponding to the security token protection level. The standard text in bold indicates a lower level does not appear or enhanced technical requirements. Information Security Technology Router Security Technical Requirements1 ScopeThis standard specifies the hierarchical security functional requirements and security assurance requirements of the router. This standard applies to the router product safety design and implementation, testing, evaluation and management of the router can also refer to the product use.2 Normative referencesThe following documents contain provisions which, through reference in this standard and become the standard terms. For dated references, subsequent Amendments (not including errata content) or revisions do not apply to this standard, however, encourage the parties to the agreement are based on research Whether the latest versions of these documents. For undated reference documents, the latest versions apply to this standard. GB 17859-1999 computer information system security protection classification criterion GB/T 18336.1-2001 Information technology - Security techniques - Evaluation criteria for IT security - Part 1. Introduction and general model 3 Terms, definitions and abbreviations 3.1 Terms and Definitions GB 17859-1999 and GB/T 18336.1-2001 and established the following terms and definitions apply to this standard. 3.1.1 Network node apparatus, working at the network layer routing algorithm determines by store and forward data flows, and have access control and security Full extension. 3.1.2 Simple Network Management Protocol (SNMP) is a set of protocols and norms, there is provided a device to collect network from the network management The method of information, but also for the device to the network management station report problems and errors provides a method. 3.1.3 Unicast Reverse Path Forwarding (URPF) obtains the source address and inbound interface of the packet, the source address as the destination address in the forwarding table lookup Source address corresponding to the interface is the incoming interface match, if not match, the source address is disguised, discard the packet. Its function is to prevent Network attacks based on source address spoofing. 3.2 Acronyms The following abbreviations apply to this standard. Access Control List ACL AccessControlList ALG ApplicationLayerGateway Application Gateway Intrusion Detection System IDS InstrusionDetectionSystem IPSec InternetProtocolSecurity Internet Protocol security MPLS Multi-ProtocolLabelSwitching Multiprotocol Label Switching ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 682-2007_English be delivered?Answer: Upon your order, we will start to translate GA/T 682-2007_English as soon as possible, and keep you informed of the progress. The lead time is typically in 9 seconds (download/delivered in 9 seconds). The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GA/T 682-2007_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 682-2007_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
