Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 25068.2-2020 English PDF

US$494.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 25068.2-2020: Information technology - Security techniques - Network security - Part 2: Guidelines for the design and implementation of network security
Status: Valid

GB/T 25068.2: Historical versions

Standard IDUSDBUY PDFLead-DaysStandard Title (Description)Status
GB/T 25068.2-2020494 Add to Cart 3 days Information technology - Security techniques - Network security - Part 2: Guidelines for the design and implementation of network security Valid
GB/T 25068.2-2012914 Add to Cart 3 days Information technology -- Security techniques -- IT network security -- Part 2: Network security architecture Obsolete

Similar standards

GB/T 25068.1   GB/T 25070   GB/T 25061   GB/T 25068.4   GB/T 25069   GB/T 25068.3   

Basic data

Standard ID: GB/T 25068.2-2020 (GB/T25068.2-2020)
Description (Translated English): Information technology - Security techniques - Network security - Part 2: Guidelines for the design and implementation of network security
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 26,216
Date of Issue: 2020-11-19
Date of Implementation: 2021-06-01
Older Standard (superseded by this standard): GB/T 25068.2-2012
Regulation (derived from): National Standard Announcement No. 26 of 2020
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 25068.2-2020: Information technology - Security techniques - Network security - Part 2: Guidelines for the design and implementation of network security


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
(Information technology, security technology, network security, part 2: network security design and implementation guidelines) ICS 35:040 L80 National Standards of People's Republic of China Replace GB/T 25068:2-2012 Information Technology Security Technology Cyber Security Part 2: Cybersecurity Design and Implementation Guidelines (ISO /IEC 27033-2:2012, IDT) 2020-11-19 released 2021-06-01 implementation State Administration for Market Regulation Issued by the National Standardization Management Committee

Table of contents

Foreword Ⅰ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Abbreviations 1 5 Document structure 2 6 Preparation for network security design 2 6:1 Overview 2 6:2 Asset identification 2 6:3 Requirements collection 3 6:4 Requirements review 3 6:5 Review of existing design and implementation 4 7 Cyber Security Design 4 7:1 Overview 4 7:2 Design Principle 5 7:3 Design verification 6 8 Network Security Implementation 7 8:1 Overview 7 8:2 Network component selection criteria 7 8:3 Selection criteria for products or suppliers 7 8:4 Network Management 8 8:5 Logging, monitoring and incident response 8 8:6 Documentation 9 8:7 Test plan and test implementation 9 8:8 Verification 9 Appendix A (informative appendix) The safety control part of this part is compatible with ISO /IEC 27001:2005, ISO /IEC 27002:2005 Cross-reference of relevant chapter number 10 Appendix B (informative appendix) Sample document template 11 Appendix C (informative appendix) ITU-TX:805 framework and ISO /IEC 27001:2005 control element mapping 19 Reference 23

Foreword

GB/T 25068 "Information Technology Security Technology Cyber Security" is currently divided into the following 5 parts: ---Part 1: Overview and concepts; ---Part 2: Network Security Design and Implementation Guidelines; ---Part 3: Reference network scenarios---risk, design technology and control elements; ---Part 4: Security Protection of Internet Communication Using Security Gateway; ---Part 5: Security protection of cross-network communication using virtual private network: This part is Part 2 of GB/T 25068: This section was drafted in accordance with the rules given in GB/T 1:1-2009: This part replaces GB/T 25068:2-2012 "Information Technology Security Technology IT Cyber Security Part 2: Cyber Security System Structure'', compared with GB/T 25068:2-2012, the main technical changes are as follows: --- Deleted "Network Security Reference Architecture", "Security Maintenance", "Security Layer", "Security Surface", "Security Threats", and "Apply to Security Maintenance" Contents such as the description of the goals achieved at the entire level have been added, including the “document structure”, “network security design preparation”, “network security design”, and “network security design”: Network Security Implementation" and other content (see Chapter 5~Chapter 8,:2012 Edition Chapter 5~Chapter 10); ---Modified the content of the scope of Chapter 1 (see Chapter 1, Chapter 1 of the:2012 edition); ---Delete the reference of the normative reference document GB/T 9387:2-1995, add ISO /IEC 27000:2009, ISO /IEC 27001:2005, ISO /IEC 27002:2005, ISO /IEC 27005:2011, ISO /IEC 7498 (all parts), ISO / Reference to IEC 27033-1 (see Chapter 2, Chapter 2 of the:2012 edition); --- Delete the terms and definitions in Chapter 3, and modify the introductory language (see Chapter 3, Chapter 3 of the:2012 edition); --- Deleted "ASP" "ATM" "DHCP" "DNS" "DS-3" "Ipsec" "MD5" "Megaco/H:248" "MPLS" "OAM Abbreviations such as "SSL", "VLAN", etc:, and abbreviations such as "IPS", "POC", "RADIUS", "SMS", "TACACS", and "TFTP" have been added Language (see Chapter 4, Chapter 4 of the:2012 edition): The translation method used in this part is equivalent to ISO /IEC 27033-2:2012 "Information Technology Security Technology Cyber Security Part 2 Sub: Network Security Design and Implementation Guide: The Chinese documents that have a consistent correspondence with the international documents cited in this section are as follows: ---GB/T 9387 (all parts) Information Technology Open System Interconnection Basic Reference Model [ISO /IEC 7498 (all parts) Points), IDT]; ---GB/T 22080-2016 Information technology security technology information security management system requirements (ISO /IEC 27001: 2013, IDT); ---GB/T 22081-2016 Information Technology Security Technical Information Security Control Practice Guide (ISO /IEC 27002:2013, IDT); ---GB/T 25068:1-2020 Information Technology Security Technology Cyber Security Part 1: Overview and Concepts (ISO /IEC 27033-1:2015, IDT); ---GB/T 29246-2017 Information Technology Security Technology Information Security Management System Overview and Vocabulary (ISO /IEC 27000:2016, IDT); ---GB/T 31722-2015 Information Technology Security Technology Information Security Risk Management (ISO /IEC 27005:2008, IDT): This part is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260): Drafting organizations of this part: Heilongjiang Provincial Cyberspace Research Center, China Electronic Technology Standardization Institute, Beijing Antiy Cyber Security Technology Technology Co:, Ltd:, Hangzhou Anheng Information Technology Co:, Ltd:, Harbin University of Science and Technology, Xi'an Xidian Jietong Wireless Network Communication Co:, Ltd: The main drafters of this section: Qu Jiaxing, Fang Zhou, Gu Juntao, Zhang Hongguo, Li Rui, Song Xue, Ma Yao, Wang Dameng, Wu Qiong, Shubin, Liu Jia, Jiang Guochun, Feng Yana, Zhang Hong, Si Dan, Zhang Chi, Yu Haining: The previous versions of the standards replaced by this part are as follows: ---GB/T 25068:2-2012: Information Technology Security Technology Cyber Security Part 2: Cybersecurity Design and Implementation Guidelines

1 Scope

This part of GB/T 25068 gives organizations guidelines for planning, designing, implementing and documenting network security:

2 Normative references

The following documents are indispensable for the application of this document: For dated reference documents, only the dated version applies to this article Pieces: For undated references, the latest version (including all amendments) applies to this document: ISO /IEC 7498 (all parts) Information Technology Open System Interconnection Basic Reference Model (Informationtechnology- Opensystemsinterconnection-Basicreferencemodel) ISO /IEC 27000:2009 Information Technology Security Technology Information Security Management System Overview and Vocabulary (Information technology-Securitytechniques-Informationsecuritymanagementsystems-Overviewandvocabu- lary) ISO /IEC 27001:2005 Information Technology Security Technology Information Security Management System Requirements (Informationtechnology- Securitytechniques-Informationsecuritymanagementsystems-Requirements) ISO /IEC 27002:2005 Information Technology Security Technology Information Security Management Practical Rules (Informationtechnology- Securitytechniques-Codeofpracticeforinformationsecuritymanagement) ISO /IEC 27005:2011 Information Technology Security Technology Information Security Risk Management (Informationtechnology-Secu- ritytechniques-Informationsecurityriskmanagement) ISO /IEC 27033-1 Information Technology Security Technology Cyber Security Part 1: Overview and Concepts (Informationtech- nology-Securitytechniques-Networksecurity-Part 1:Overviewandconcepts)

3 Terms and definitions

ISO /IEC 7498 (all parts), ISO /IEC 27000:2009, ISO /IEC 27001:2005, ISO /IEC 27002:2005, The terms and definitions defined by ISO /IEC 27005:2011 and ISO /IEC 27033-1 apply to this document:

4 Abbreviations

The following abbreviations apply to this document: IPS: Intrusion Prevention System (Intrusion Prevention System) POC: Proof of Concept (ProofofConcept) RADIUS: Remote Authentication Dial-In User Service (RemoteAuthenticationDial-InUserService) RAS: Remote Access Service (RemoteAccessService) SMS: Simple Message Service (SimpleMessageService) SMTP: Simple Mail Transfer Protocol (SimpleMailTransferProtocol) TACACS: Terminal Access Controller Access Control System (TerminalAccessControlerAccess-ControlSystem) ......
Image     

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 25068.2-2020_English be delivered?

Answer: Upon your order, we will start to translate GB/T 25068.2-2020_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 25068.2-2020_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 25068.2-2020_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

Question 5: Should I purchase the latest version GB/T 25068.2-2020?

Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 25068.2-2020 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.