
GB/T 25068.1-2020 PDF English

US$695.00 · In stock · Download in 9 seconds
GB/T 25068.1-2020: Information technology. Security techniques. Network security - Part 1: Overview and concepts
Delivery: 9 seconds. The true-PDF full copy in English and the invoice will be downloaded and auto-delivered via email.
Status: Valid

GB/T 25068.1: Historical versions

Standard ID | USD | Delivery | Standard Title (Description) | Status
GB/T 25068.1-2020 | 695 | Auto, 9 seconds | Information technology. Security techniques. Network security - Part 1: Overview and concepts | Valid
GB/T 25068.1-2012 | RFQ | 3 days | Information technology -- Security techniques -- IT network security -- Part 1: Network security management | Obsolete

Similar standards

GB/T 25070   GB/T 25064   GB/T 25061   GB/T 25068.4   


---This is an excerpt. The full copy of the true-PDF in English (including equations, symbols, images, flow charts, tables, and figures) can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT25068.1-2020
GB
NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
GB/T 25068.1-2020 / ISO/IEC 27033-1:2015
Replacing GB/T 25068.1-2012
Information technology - Security techniques - Network security - Part 1: Overview and concepts
(ISO/IEC 27033-1:2015, IDT)
Issued on: NOVEMBER 19, 2020
Implemented on: JUNE 01, 2021
Issued by: State Administration for Market Regulation; Standardization Administration of the People's Republic of China.

Table of Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Structure
6 Overview
6.1 Background
6.2 Network security planning and management
7 Identifying risks and preparing to identify security controls
7.1 Introduction
7.2 Information on current and/or planned networking
7.2.1 Security requirements in corporate information security policy
7.2.2 Information on current/planned networking
7.3 Information security risks and potential control areas
8 Supporting controls
8.1 Introduction
8.2 Management of network security
8.2.1 Background
8.2.2 Network security management activities
8.2.3 Network security roles and responsibilities
8.2.4 Network monitoring
8.2.5 Evaluating network security
8.3 Technical vulnerability management
8.4 Identification and authentication
8.5 Network audit logging and monitoring
8.6 Intrusion detection and prevention
8.7 Protection against malicious code
8.8 Cryptographic based services
8.9 Business continuity management
9 Guidelines for the design and implementation of network security
9.1 Background
9.2 Network technical security architecture/design
10 Reference network scenarios - Risks, design, techniques and control issues
10.1 Introduction
10.2 Internet access services for employees
10.3 Enhanced collaboration services
10.4 Business to business services
10.5 Business to customer services
10.6 Outsourced services
10.7 Network segmentation
10.8 Mobile communication
10.9 Networking support for travelling users
10.10 Networking support for home and small business office
11 "Technology" topics - Risks, design techniques and control issues
12 Develop and test security solution
13 Operate security solution
14 Monitor and review solution implementation
Annex A (informative) Cross-references between ISO/IEC 27001/27002 network security related controls and ISO/IEC 27033-1 clauses/subclauses
Table A.1 -- By ISO/IEC 27001, ISO/IEC 27002 subclauses
Table A.2 -- By this Part subclauses
Annex B (informative) Example template for a SecOPs document
Bibliography

Foreword

GB/T 25068-2020 "Information technology - Security techniques - Network security" is currently divided into the following 5 parts:
- Part 1: Overview and concepts;
- Part 2: Guidelines for the design and implementation of network security;
- Part 3: Securing communications between networks using security gateways;
- Part 4: Securing remote access;
- Part 5: Securing communications across networks using virtual private networks.

This is Part 1 of GB/T 25068.

This Part was drafted in accordance with the rules given in GB/T 1.1-2009.

This Part replaces GB/T 25068.1-2012 "Information technology. Security techniques. Network security -- Part 1: Overview and concepts". Compared with GB/T 25068.1-2012, the main technical changes in this Part are as follows:
- Add contents such as "Supporting controls", "Reference network scenarios - Risks, design, techniques and control issues" and "Develop and test security solution". Delete contents such as "Target" and "Crypto-based services in public infrastructure" (see Chapter 8, Chapter 10, Chapter 12 of this Edition; Chapter 2, Chapter 13 of Edition 2012);
- Delete the dated references to GB/T 22081-2008, GB/T 25068.2-2012, and GB/T 25068.3-2010. Add the undated references to ISO/IEC 27000, ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27005 (see Chapter 2 of this Edition; Chapter 2 of Edition 2012);
- Delete terms and definitions such as "security dimension" and "spam". Add terms and definitions such as "architecture" and "information security policy" (see Chapter 3 of this Edition; Chapter 3 of Edition 2012);
- Delete abbreviations such as "Telnet" and "TETRA". Add abbreviations such as "BPL", "CA" and "DPNSS" (see Chapter 4 of this Edition; Chapter 4 of Edition 2012);
- Delete network connection types, identification of trust relationships, trust relationship references, and potential vulnerability types. Add the conceptual model of network security risk areas and the network security risk assessment and management process (see Chapter 5 ~ Chapter 8 of this Edition; Chapter 7, Chapter 10 ~ Chapter 12 of Edition 2012);
- Add cross-references between the security control section in this Part and the relevant provisions in ISO/IEC 27001 and ISO/IEC 27002, and add the SecOPs document sample template (see Annex A and Annex B of this Edition).

This Part uses the translation method to identically adopt ISO/IEC 27033-1:2015 "Information technology - Security techniques - Network security - Part 1: Overview and concepts".

The Chinese documents that are consistent with the international normative references in this Part are as follows:
- GB/T 9387 (all parts), Information technology. Open Systems Interconnection. Basic Reference Model [ISO/IEC 7498 (all parts)];
- GB/T 22080-2016, Information technology -- Security techniques -- Information security management systems -- Requirements (ISO/IEC 27001:2013, IDT);
- GB/T 22081-2016, Information technology -- Security techniques -- Code of practice for information security controls (ISO/IEC 27002:2013, IDT);
- GB/T 29246-2017, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary (ISO/IEC 27000:2016, IDT);
- GB/T 31722-2015, Information technology -- Security techniques -- Information security risk management (ISO/IEC 27005:2008, IDT).

This Part made the following editorial modifications:
- In Chapter 2, add the international document ISO/IEC 27000, which is used as a normative reference in the text.

This Part was proposed by and shall be under the jurisdiction of National Technical Committee on Information Security of Standardization Administration of China (SAC/TC 260).

The drafting organizations of this Part: Heilongjiang Provincial Cyberspace Research Center, China Electronics Technology Standardization Institute, Beijing Antian Network Security Technology Co., Ltd., Hangzhou Anheng Information Technology Co., Ltd., Harbin University of Science and Technology, Xi'an Xidian Jietong Wireless Network Communications Co., Ltd.

Main drafters of this Part: Fang Zhou, Qu Jiaxing, Ma Chao, Gu Juntao, Shubin, Liu Jia, Li Rui, Song Xue, Ma Yao, Wang Dameng, Wu Qiong, Jiang Guochun, Feng Yana, Zhang Hong, Si Dan, Zhang Chi, Yu Haining.

The version of the standard replaced by this Part is:
- GB/T 25068.1-2012.

1 Scope

This part of GB/T 25068 provides an overview of network security and related definitions. It defines and describes the concepts associated with, and provides management guidance on, network security. (Network security applies to the security of devices, security of management activities related to the devices,

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 7498 (all parts), Information technology - Open systems interconnection Basic reference model. Naming and addressing

3 Terms and definitions

person deliberately exploiting vulnerabilities in technical and non-technical security controls in order to steal or compromise information systems and networks, or to compromise availability to legitimate users of information system and network resources

variant on intrusion detection systems that are specifically designed to provide an active response capability

4 Symbols and abbreviated terms

The following abbreviated terms are used in all parts of ISO/IEC 27033.

5 Structure

The structure of the ISO/IEC 27033 series of standards is shown in diagrammatic, or "road map", form in Figure 2 below.

6 Overview

When an organization decides to use VoIP technologies to implement the internal telephone network, then appropriate security gateways to the phone network are typically present as well.

7 Identifying risks and preparing to identify security controls

The next step should be to gather and review information on the current and/or planned network(s) - the architecture(s), applications, services, types of connection and other characteristics - this will have a bearing on the identification and assessment of risks, and determining what is possible in terms of network technical security architecture/design. These aspects are described below.

8 Supporting controls

A key requirement for any network is that it is supported by secure management activities, which will initiate and control the implementation, and operation, of security. These activities should take place to ensure the security of all of an organization/community’s information systems. Network security management activities should include.

9 Guidelines for the design and implementation of network security

It is emphasized that the technical security architecture/design for any project should be fully documented and agreed, before finalizing the list of security controls for implementation. ......

Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.

Tips & Frequently Asked Questions:

Question 1: How long does it take for the true-PDF of the English version of GB/T 25068.1-2020 to be delivered?
Answer: The full-copy PDF of the English version of GB/T 25068.1-2020 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (two mechanisms to ensure reliable delivery), with a PDF invoice.

Question 2: Can I share the purchased PDF of GB/T 25068.1-2020_English with my colleagues?
Answer: Yes. The purchased PDF of GB/T 25068.1-2020_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?
Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?
Answer: Yes. www.ChineseStandard.us -- GB/T 25068.1-2020 -- Click this link and select your country/currency to pay; the exact amount in your currency will be printed on the invoice. The full PDF will also be downloaded/emailed in 9 seconds.

Question 5: Should I purchase the latest version GB/T 25068.1-2020?
Answer: Yes. Except in special scenarios such as technical constraints or academic study, you should always prioritize purchasing the latest version, GB/T 25068.1-2020, even if the enforcement date is in the future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.

How to buy and download a true PDF of English version of GB/T 25068.1-2020?

A step-by-step guide to download PDF of GB/T 25068.1-2020_English
Step 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GB/T 25068.1-2020".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice.