Search result: GB/T 42583-2023
Information security technology - Technical specifications for government network security monitoring platform
Status: Valid
Standard ID | GB/T 42583-2023 (GB/T42583-2023)
Description (Translated English) | Information security technology -- Technical specifications for government network security monitoring platform
Sector / Industry | National Standard (Recommended)
Classification of Chinese Standard | L80
Classification of International Standard | 35.030
Word Count Estimation | 41,439
Date of Issue | 2023-05-23
Date of Implementation | 2023-12-01
Issuing agency(ies) | State Administration for Market Regulation, National Standardization Management Committee
GB/T 42583-2023: Information security technology - Technical specifications for government network security monitoring platform
ICS 35.030
CCS L80
National Standards of People's Republic of China
Information Security Technology
Technical specifications for government network security monitoring platform
Issued on 2023-05-23
Implemented on 2023-12-01
Issued by the State Administration for Market Regulation and the National Standardization Management Committee
Table of contents
Foreword
1 Scope
2 Normative references
3 Terms and Definitions
4 Abbreviations
5 Overview
5.1 Platform technical architecture
5.2 Platform Monitoring Scope and Objects
5.3 Classification of technical requirements
6 General requirements for safety monitoring
6.1 Data collection and preprocessing
6.2 Data Storage
6.3 Data bus
6.4 Data Analysis
6.5 Display and application
6.6 Threat Intelligence
6.7 Platform Security Management
7 Extended requirements for safety monitoring
7.1 Government Cloud Security Monitoring
7.2 Government application security monitoring
7.3 Government data security monitoring
8 General requirements test evaluation method
8.1 Data acquisition and preprocessing
8.2 Data Storage
8.3 Data bus
8.4 Data Analysis
8.5 Display and application
8.6 Threat Intelligence
8.7 Platform security management
9 Extended Requirements Test Evaluation Method
9.1 Government cloud security monitoring
9.2 Government application security monitoring
9.3 Government data security monitoring
Appendix A (Informative) Major Security Threats Faced by Government Networks
Appendix B (Informative) Division of Technical Requirements for Government Network Security Monitoring Platform
Appendix C (Informative) Platform Deployment Structure
Appendix D (Informative) Data Bus Structure
Appendix E (Informative) Interface example
Appendix F (Informative) Government Network Security Monitoring Platform Threat Intelligence Data Format
Reference
Foreword
This document was drafted in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1: Structure and Drafting Rules for Standardization Documents".
Please note that some contents of this document may refer to patents. The issuing agency of this document assumes no responsibility for identifying patents.
This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
This document was drafted by: State Information Center, Beijing Guoxin Jingning Information Security Technology Co., Ltd., the Third Research Institute of the Ministry of Public Security, State Information Technology Co., Ltd., Information Technology Security Research Center, China Information Security Evaluation Center, Institute of Information Engineering, Chinese Academy of Sciences, AsiaInfo Technology (Chengdu) Co., Ltd., Huawei Technologies Co., Ltd., Qi Anxin Technology Group Co., Ltd., Beijing Weibu Online Technology Co., Ltd., Sangfor Technology Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd., New H3C Technology Co., Ltd., Hangzhou Anheng Information Technology Co., Ltd., Beijing Qihoo Technology Co., Ltd., Venustech Information Technology Group Co., Ltd., Hengan Jiaxin (Beijing) Technology Co., Ltd., Guangdong Yingshiji Computer Technology Co., Ltd., Inspur Cloud Information Technology Co., Ltd., Beijing Zhongke Security Technology Co., Ltd., Beijing Zhongce Anhua Technology Co., Ltd.
The main drafters of this document: Lu Kai, Liu Bei, Yan Guixun, Cheng Hao, Zhao Ruibin, Wu Aming, Wen Bo, Yuan Zhiqian, Ren Weihong, Wu Xian, Yao Jiaming, Li Juan, Ma Hongxia, Wang Zhenlei, Yang Qingze, Wang Wei, Zhang Erming, Xue Feng, Zhang Kuan, Ye Runguo, An Gaofeng, Wan Xiaolan, Su Qibo, Zhang Yi, Du Yu, Shi Shuai, Lin Yanzhong, Dong Shu, Jia Bochao, Yao Yuangang.
Information Security Technology
Technical specifications for government network security monitoring platform
1 Scope
This document specifies the general technical requirements, extended technical requirements, and testing and evaluation methods of the government network security monitoring platform.
This document is applicable to the design, construction, operation and maintenance, and test evaluation of the government network security monitoring platform.
2 Normative references
The contents of the following documents constitute the essential provisions of this document through normative references in the text. For dated references, only the version corresponding to the date is applicable to this document; for undated references, the latest version (including all amendments) is applicable to this document.
GB/T 25069 Information Security Technical Terms
GB/T 32924 Information Security Technology Network Security Early Warning Guidelines
3 Terms and Definitions
The following terms and definitions, and those defined in GB/T 25069 and GB/T 32924, apply to this document.
3.1
government network
A dedicated network that carries non-secret government affairs.
Note: Including the basic network, as well as information technology facilities and resources such as government cloud, government application and government data deployed on the basic network; mainly divided into government WAN, government MAN and government LAN.
3.2
A government affairs network that realizes interconnection among various government affairs departments in the same city.
3.3
A government affairs network that connects government affairs LANs or government affairs metropolitan area networks in different regions to realize remote communication.
3.4
A system that dynamically identifies and discovers network attack threats, asset vulnerabilities and security events through real-time collection, monitoring and analysis of network traffic, security logs, threat intelligence and other data, and that provides early warning notification and visual display.
3.5
alarm alert
A notification that the platform automatically sends to the relevant personnel when analysis of network security elements finds an attack or intrusion.
3.6
warning
A security warning issued in advance or in time for upcoming or ongoing network security incidents or threats.
[Source: GB/T 32924-2016, 3.5]
......