GB/T 28451-2023: Information security technology - Technical specification for network intrusion prevention system
Status: Valid
GB/T 28451: Evolution and historical versions
| Standard ID | Contents [version] | Standard Title (Description) | Status |
|---|---|---|---|
| GB/T 28451-2023 | English | Information security technology - Technical specification for network intrusion prevention system | Valid |
| GB/T 28451-2012 | English | Information security technology -- Technical requirements and testing and evaluation approaches for network-based intrusion prevention system products | Obsolete |
Basic data

| Field | Value |
|---|---|
| Standard ID | GB/T 28451-2023 (GB/T28451-2023) |
| Description (Translated English) | Information security technology - Technical specification for network intrusion prevention system |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | L80 |
| Classification of International Standard | 35.030 |
| Word Count Estimation | 40,445 |
| Date of Issue | 2023-05-23 |
| Date of Implementation | 2023-12-01 |
| Older Standard (superseded by this standard) | GB/T 28451-2012 |
| Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration |
GB/T 28451-2023: Information security technology - Technical specification for network intrusion prevention system
This is a DRAFT version for illustration, not a final translation.
ICS 35.030
CCS L80
National Standard of the People's Republic of China
Replacing GB/T 28451-2012
Information Security Technology
Network Intrusion Prevention Product Technical Specifications
Released on 2023-05-23
Implemented on 2023-12-01
Released by the State Administration for Market Regulation and the National Standardization Management Committee
Table of contents
Preface
1 Scope
2 Normative references
3 Terms and Definitions
4 Abbreviations
5 Overview
6 Safety technical requirements
6.1 Safety function requirements
6.2 Self-safety requirements
6.3 Performance requirements
6.4 Environmental adaptability requirements
6.5 Security requirements
7 Evaluation Methods
7.1 Evaluation Environment
7.2 Assessment tools
7.3 Safety function evaluation
7.4 Self-safety evaluation
7.5 Performance evaluation
7.6 Environmental adaptability assessment
7.7 Safety assurance assessment
8 Classification Requirements
Appendix A (Normative) Classification of Network Intrusion Prevention Products
A.1 Overview
A.2 Classification of safety technical requirements
A.3 Classification of assessment methods
Foreword
This document is drafted in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1: Structure and Drafting Rules for Standardization Documents".
This document replaces GB/T 28451-2012 "Technical requirements and test evaluation methods for network-based intrusion prevention products of information security technology".
Compared with GB/T 28451-2012, except for structural adjustment and editorial changes, the main technical changes are as follows:
a) Added the requirement of "flow control" (see 6.1.1.5);
b) Added the requirement of "retention of attack data" (see 6.1.3.5);
c) Added the requirement of "configuration backup and restoration" (see 6.1.4.6);
d) Added the requirement of "outgoing logs" (see 6.1.4.12);
e) Added the specific content of performance requirements such as "Network Layer Throughput", "Mixed Application Layer Throughput", "TCP New Connection Rate" and "TCP Concurrent Connections" (see 6.3.1, 6.3.2, 6.3.3 and 6.3.4);
f) Added the specific requirements for product misinterception rate and missed interception rate (see 6.3.5, 6.3.6, 7.4 of the 2012 edition);
g) Added the chapter "Environmental Adaptability Requirements", which mainly clarifies the product's ability to support IPv6, including IPv6 application environment adaptability, IPv6 management environment adaptability, dual protocol stack, and virtualization support capability (see 6.4);
h) Removed the "load balancing" requirement (see 7.3.1.4.9 of the 2012 edition);
i) Changed "Technical Requirements for Intrusion Prevention Products" to "Security Function Requirements", "Security Requirements for Products" to "Self-Security Requirements", and "Product Assurance Requirements" to "Safety Assurance Requirements" (see Chapter 6, 7 and 8 of the 2012 edition);
j) Changed the classification of intrusion prevention products from "Level 1, Level 2 and Level 3" to "Basic Level and Enhanced Level" (see Appendix A, 7.1, 7.2 and 7.3 of the 2012 edition).
Please note that some contents of this document may involve patents. The issuing agency of this document assumes no responsibility for identifying patents.
This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
This document was drafted by: The Third Research Institute of the Ministry of Public Security, Xi'an Jiaotong University Jabil Network Technology Co., Ltd., Beijing Shenzhou Green League Technology Co., Ltd., Sangfor Technology Co., Ltd., Venustech Information Technology Group Co., Ltd., Landun Information Security Technology Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd., China Network Security Review Technology and Certification Center, Shanghai Information Security Evaluation and Certification Center, China Electric Power Research Institute Co., Ltd., New H3C Technology Co., Ltd., Qi Anxin Wangshen Information Technology (Beijing) Co., Ltd.
The main drafters of this document: Gu Jianxin, Wu Teng, Deng Yu, Lai Jing, Zhang Qian, Li Qian, He Jianfeng, Chen Hongwei, Ye Jianwei, Ye Runguo, Wang Qinghui, Yang Chenzhong, Lei Xiaofeng, Shen Yongbo, Xu Tonghai, Fang Shuai, Wan Xiaolan, Zhou Feihu.
The release status of previous versions of this document and the documents it replaces is as follows:
--- First published as GB/T 28451-2012 in 2012;
--- This is the first revision.
1 Scope
This document specifies the security technical requirements and evaluation methods of network intrusion prevention products, and classifies them.
This document applies to the design, development, testing and evaluation of network intrusion prevention products.
2 Normative references
The content of the following documents constitutes essential provisions of this document through normative references in the text. For dated references, only the version corresponding to the date is applicable to this document; for undated references, the latest version (including all amendments) is applicable to this document.
GB/T 18336.3-2015 Information technology - Security technology - Information technology security assessment criteria - Part 3: Security assurance components
GB/T 25069 Information security technical terms
GB/T 30279-2020 Information security technology - Network security vulnerability classification and grading guide
3 Terms and Definitions
The terms and definitions defined in GB/T 18336.3-2015 and GB/T 25069, and the following, apply to this document.
3.1
A product deployed on the network path in the form of a bridge or gateway that analyzes network traffic to find network behaviors with intrusion characteristics and intercepts them before they enter the protected network.
3.2
message fragmentation
The behavior in which an attacker hides attack data in segmented or fragmented TCP packets or IP packets to avoid detection.
3.3
code deformation
The behavior in which an attacker rewrites known attack data and code, or replaces part of the original attack data with other code, to avoid detection.
3.4
administrator
Personnel with rights to manage, configure and operate network intrusion prevention products, and to view audit records.
3.5
alarm (alert)
When the network intrusion prevention product discovers an intrusion, it actively sends a warning notification to the administrator through certain technical means.