GA/T 685-2007 English PDF
Basic dataStandard ID: GA/T 685-2007 (GA/T685-2007)Description (Translated English): Information security technology--Evaluation criteria for switch security Sector / Industry: Public Security (Police) Industry Standard (Recommended) Classification of Chinese Standard: A90 Classification of International Standard: 35.040 Word Count Estimation: 22,269 Date of Issue: 2007-03-20 Date of Implementation: 2007-05-01 Quoted Standard: GB 17859-1999; GB/T 18336.1-2001 Issuing agency(ies): Ministry of Public Security Summary: This standard specifies the safety assessment criteria for switches. This standard is applicable to the safety assessment of switch products according to the security level of GB 17859-1999, and the design and implementation of the security of switch products can also refer to the use. GA/T 685-2007: Information security technology--Evaluation criteria for switch security---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.Information security technology - Evaluation criteria for switch security ICS 35.040 A90 People's Republic of China Public Security Industry Standards Information security technology security evaluation criteria Switches Posted 2007-03-20 2007-05-01 implementation People's Republic of China Ministry of Public Security Table of ContentsIntroduction Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms, Definitions and Abbreviations 1 4 first-class security evaluation criteria 1 4.1 Functional safety assessment 1 4.1.1 Discretionary Access Control 1 4.1.2 authentication 2 4.1.3 Security Management 2 4.1.4 Virtual LAN division 2 4.2 3 security assurance assessment 4.2.1 Configuration Management 3 4.2.2 Delivery and operation 3 4.2.3 Development 3 4.2.4 Guidance Document 3 4.2.5 Life Cycle Support 3 4.2.6 Test 4 5 4 second level of security evaluation criteria 5.1 Security Functional Assessment 4 5.1.1 Discretionary Access Control 4 5.1.2 authentication 4 5.1.3 Security Management 5 5.1.4 Audit 6 5.1.5 division of Virtual LAN 6 5.2 assessment of security assurances 7 5.2.1 Configuration Management 7 5.2.2 Delivery and operation 7 5.2.3 Development 7 5.2.4 Guidance Document 7 5.2.5 Life Cycle Support 8 5.2.6 Test 8 5.2.7 Vulnerability Assessment 8 6 third-level security evaluation criteria 8 6.1 Security Functional Assessment 8 6.1.1 Discretionary Access Control 8 6.1.2 identification 9 6.1.3 Security Management 10 6.1.4 Audit 10 6.1.5 Virtual LAN division 11 6.2 Assessment 11 security assurances 6.2.1 Configuration Management 11 6.2.2 Delivery and operation 12 6.2.3 Development 12 6.2.4 Guidance Document 13 6.2.5 Life Cycle Support 14 6.2.6 Test 14 6.2.7 Vulnerability assessment 15 7 Additional security features 15 7.1 Network Access Control 15 7.2 Virtual Private Network features 16 7.3 firewall protection 16 7.4 Intrusion Detection 16 References 17ForewordThis standard was proposed by the Ministry of Public Security Public Information Network Security Supervision Bureau. This standard is under the jurisdiction of the Ministry of Public Security Information System Standardization Technical Committee. This standard was drafted. State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences. The main drafters of this standard. Daiying Xia, left Xiao Dong Ho Shin.IntroductionSwitch is important internetworking equipment, develop evaluation criteria for assessing the safety switch switches level of security to protect network Security is of great significance. This standard provides three levels of security evaluation criteria switch. Security level from low to high, safety requirements progressively enhanced. This standard correspondence with GB 17859-1999, the first stage corresponding to the user customize the protection level, corresponding to the second level protection system audit Level, third level corresponding to the security token protection level. Information security technology security evaluation criteria Switches1 ScopeThis standard provides for only three levels of security evaluation criteria switch. This standard applies to the safety assessment of the security level in accordance with GB 17859-1999 performed switch products, the product switches Design and implementation of security can also refer to use.2 Normative referencesThe following documents contain provisions which, through reference in this standard and become the standard terms. For dated references, subsequent Amendments (not including errata content) or revisions do not apply to this standard, however, encourage the parties to the agreement are based on research Whether the latest versions of these documents. For undated reference documents, the latest versions apply to this standard. GB 17859-1999 computer information system security protection classification criterion GB/T 18336.1-2001 Information technology - Security techniques - Evaluation criteria for IT security - Part 1. Introduction and general model 3 Terms, definitions and abbreviations 3.1 Terms and Definitions GB 17859-1999 and GB/T 18336.1-2001 established in the following terms and definitions apply to this standard. 3.1.1 A hardware-based network card address, to complete the package forwarding packets enabled network devices. 3.2 Acronyms The following abbreviations apply to this standard. Access Control List ACL AccessControlList Intrusion Detection System IDS InstrusionDetectionSystem Internet Protocol security protocol IPSec InternetProtocolSecurity MAC MediaAccessControl MAC MPLS Multi-ProtocolLabelSwitching Multiprotocol Label Switching Virtual LAN VLAN VirtualLocalAreaNetwork Virtual Private Network VPN VirtualPrivateNetwork 4 first-class security evaluation criteria 4.1 Functional safety assessment 4.1.1 Discretionary Access Control assessment method. Set different switch administrator account, and check whether a different administrator login respectively. expected outcome. Switch administrator can set a different account, and be able to log on separately to different administrators. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 685-2007_English be delivered?Answer: Upon your order, we will start to translate GA/T 685-2007_English as soon as possible, and keep you informed of the progress. The lead time is typically in 9 seconds (download/delivered in 9 seconds). The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GA/T 685-2007_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 685-2007_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
