| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GA/T 683-2007 | English | 959 |
Add to Cart
|
5 days [Need to translate]
|
Information security technology--Technical requirements for firewall security
| Obsolete |
GA/T 683-2007
|
PDF similar to GA/T 683-2007
Basic data | Standard ID | GA/T 683-2007 (GA/T683-2007) | | Description (Translated English) | Information security technology--Technical requirements for firewall security | | Sector / Industry | Public Security (Police) Industry Standard (Recommended) | | Classification of Chinese Standard | A90 | | Classification of International Standard | 35.040 | | Word Count Estimation | 24,284 | | Date of Issue | 2007-03-20 | | Date of Implementation | 2007-05-01 | | Quoted Standard | GB 17859-1999, False; GB/T 18336.1-2001, False | | Issuing agency(ies) | Ministry of Public Security | | Summary | This standard specifies the technical requirements for the security of the firewall. Security level from the first to third level gradually increased, the firewall security requirements are gradually enhanced. This standard applies to the public security industry on the firewall product development, production. But also can be applied to the firewall product procurement and deployment. | GA/T 683-2007: Information security technology--Technical requirements for firewall security---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology - Technical requirements for firewall security
ICS 35.040
A90
People's Republic of China Public Security Industry Standards
Information Security Technology
Firewall security technical requirements
Posted 2007-03-20
2007-05-01 implementation
People's Republic of China Ministry of Public Security
Table of Contents
Introduction Ⅴ
Introduction Ⅵ
1 Scope 1
2 Normative references 1
3 Terms, Definitions and Abbreviations 1
3.1 Terms and definitions
3.2 Abbreviations 1
4 first-level security requirements 2
4.1 Security functional requirements 2
4.1.1 firewall itself discretionary access control 2
4.1.2 authentication 2
4.1.3 Security Management 2
4.1.4 Access Control function 2
4.1.5 Network Address Translation (NAT) function 3
4.1.6 PBR 3
4.1.7 Traffic Statistics 3
4.1.8 Report 3
4.2 Security assurance requirements 3
4.2.1 Configuration Management 3
4.2.2 Delivery and operation 3
4.2.3 Development 3
4.2.4 Guidance Document 3
4.2.5 Life Cycle Support 3
4.2.6 Test 3
5 Second Level 4 security requirements
5.1 Security functional requirements 4
5.1.1 firewall itself discretionary access control 4
5.1.2 authentication 4
5.1.3 Security Management 4
5.1.4 Access Control Function 5
5.1.5 Audit 5
5.1.6 Network Address Translation (NAT) function 5
5.1.7 PBR 6
5.1.8 Traffic Statistics 6
5.1.9 Bandwidth Management 6
5.1.10 Report 6
5.1.11 anti-attack function 6
5.1.12 dynamically open ports 6
5.1.13 Reliability 6
5.2 Security assurance requirements 6
5.2.1 Configuration Management 6
5.2.2 Delivery and operation 7
5.2.3 Development 7
5.2.4 Guidance Document 7
5.2.5 Life Cycle Support 7
5.2.6 Test 7
5.2.7 Vulnerability Assessment 7
6 third-level security requirements 8
6.1 Security functional requirements 8
6.1.1 firewall itself Discretionary Access Control 8
6.1.2 identification 8
6.1.3 Security Management 8
6.1.4 Access Control 9
6.1.5 mark 9
6.1.6 Audit 9
Protection 6.1.7 SNMP (SNMP) 10
6.1.8 Network Address Translation (NAT) function 10
6.1.9 PBR 10
6.1.10 Traffic Statistics 10
6.1.11 Bandwidth Management 10
6.1.12 Report 11
6.1.13 anti-attack function 11
6.1.14 abnormal shutdown 11
6.1.15 dynamic and open port 11
6.1.16 Reliability 11
6.2 Security assurance requirements 11
6.2.1 Configuration Management 11
6.2.2 Delivery and operation 12
6.2.3 Development 12
6.2.4 Guidance Document 12
6.2.5 Life Cycle Support 12
6.2.6 Test 13
6.2.7 Vulnerability assessment 13
7 Additional security features 13
7.1 Virtual Private Network (VPN) Function 13
7.2 IDS linkage function 13
7.3 anti-virus gateway function 13
7.4 anti-spam features 14
Appendix A (normative) Safety requirements for table 15
A. 151 Composition and mutual relations
A. Firewall security level 2 division 15
A. 3 additional security features 16
References 17
Foreword
This standard specifies in detail the various security levels firewall should have the security functional requirements and security guarantee from the information technology
Certification requirements.
Appendix A of this standard is an informative annex.
This standard was proposed by the Ministry of Public Security Public Information Network Security Supervision Bureau.
This standard is under the jurisdiction of the Ministry of Public Security Information System Standardization Technical Committee.
This standard was drafted. State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences.
The main drafters of this standard. Daiying Xia, He Shen, left Xiao Dong.
Introduction
A firewall is an important network perimeter protection devices, the development of public safety industry guidance firewall security technology requirements for firewall products
Research and development, procurement and deployment, security is of great significance to protect public safety industry network.
The industry standard for public safety use firewall proposed hierarchical security technical requirements.
This standard is only one to three security level to do the technical requirements, and GB 17859-1999 "computer information system security protection
Protection classification criteria "correspondence, the first level corresponding to the user customize the protection level, corresponding to the second stage audit system protection level, corresponding to the third stage
Security token protection level.
The standard text in bold indicates a lower level does not appear or enhanced technical requirements.
Information Security Technology
Firewall security technical requirements
1 Scope
This standard defines three levels of firewall security technology requirements. Security level from the first stage to the third stage progressively increased fire safety
Safety requirements for walls have gradually increased.
This standard applies to public safety industry firewall product development and production. Also apply to the procurement of products and firewalls
deploy.
2 Normative references
The following documents contain provisions which, through reference in this standard and become the standard terms. For dated references, subsequent
Amendments (not including errata content) or revisions do not apply to this standard, however, encourage the parties to the agreement are based on research
Whether the latest versions of these documents. For undated reference documents, the latest versions apply to this standard.
GB 17859-1999 computer information system security protection classification criterion
GB/T 18336.1-2001 Information technology - Security techniques - Evaluation criteria for IT security - Part 1. Introduction and general
model
3 Terms, definitions and abbreviations
3.1 Terms and Definitions
GB 17859-1999 and GB/T 18336.1-2001 and established the following terms and definitions apply to this standard.
3.1.1
A firewall is to perform a set of access control policies or group of components between the network, is an important network protection device, is
In security device user network boundaries.
3.2 Acronyms
The following abbreviations apply to this standard.
FTP FileTransferProtocol File Transfer Protocol
ICMP InternetControlMessageProtocol Internet Control Message Protocol
Intrusion Detection System IDS IntrusionDetectionSystem
IPS IntrusionPreventionSystem Intrusion Prevention System
IPSec InternetProtocolSecurity IP Security Protocol
MIB MIB ManagementInformationBase
Network Address Translation NAT NetworkAddressTranslation
PAT PortAddressTranslation Port Address Translation
RTP Real-timeTransportProtocol Real-time Transport Protocol
Real Time Streaming Protocol RTSP RealTimeStreamingProtocol
Session Initiation Protocol SIP SessionInitiationProtocol
SNMP SimpleNetworkManagementProtocol SNMP
Structured Query Language SQL StructuredQueryLanguage
|