Standard Interpretation

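GB/T 44810.3-2024, "Technical requirements for IPv6 network security equipment, Part 3: Intrusion prevention system (IPS)", sets out specific technical requirements for the functionality, performance and security of intrusion prevention systems in IPv6 environments. The standard aims to ensure that malicious traffic and attack behaviour in the network can be effectively detected and blocked, protecting network resources from compromise.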

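First, on functionality, the standard specifies the basic capabilities an intrusion prevention system needs to support, including but not limited to signature-based detection mechanisms, anomalous traffic analysis, and identification of attempts to exploit known vulnerabilities. It also stresses the importance of adaptive learning and response in a complex and changing threat environment, so that the system can not only deal with current threat patterns but also resist newly emerging security risks through continual rule-base updates.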

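Second, on performance, GB/T 44810.3-2024 specifies the speed and efficiency an IPS should reach when processing large-scale data flows, with key parameters such as maximum throughput and number of concurrent connections. Taking into account the constraints that may arise in real deployment scenarios (such as bandwidth utilization), it proposes corresponding test methods to verify whether a product meets these requirements.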

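Third, on security, the standard pays particular attention to strengthening the IPS's own protection, to prevent it from becoming an attack target or being used as a springboard for further attacks. To that end, beyond conventional security configuration options, it recommends using encrypted communication protocols to protect the management interface, enforcing strict access control policies, and applying software updates regularly to patch potential security vulnerabilities.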

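Finally, the document addresses compatibility, stating that an intrusion prevention system needs to support the IPv6 protocol stack well while maintaining interoperability with existing IPv4 infrastructure, ensuring a smooth transition to an all-IPv6 environment without affecting existing services. It also encourages manufacturers to develop API interfaces that follow open standards, to ease integration with other network security solutions and jointly build a more complete enterprise-grade protection system.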


For more detailed information, refer directly to the officially authorized standard document below.


  • About to take effect
  • Not yet in effect
  • Issued 2024-10-26
  • Effective 2025-02-01

Document Introduction

ICS 33.040.40

CCS M32

National Standard of the People's Republic of China

GB/T 44810.3—2024

Technical requirements for IPv6 network security equipment

Part 3: Intrusion prevention system (IPS)

Issued 2024-10-26; effective 2025-02-01

Issued by the State Administration for Market Regulation and the Standardization Administration of China

Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Functional requirements
  5.1 Data monitoring
    5.1.1 Data collection
    5.1.2 Protocol analysis
    5.1.3 Behaviour monitoring
    5.1.4 Traffic monitoring
    5.1.5 Traffic filtering
  5.2 Intrusion analysis
    5.2.1 Data analysis
    5.2.2 Intrusion forensics
    5.2.3 Attack protection
      Denial-of-service attack protection
      Vulnerability attack protection
      Web attack protection
      Botnet, trojan and worm attack protection
      Automated attack threat protection
      Attack evasion protection
      Coordinated protection with external systems
      Threat intelligence library
  5.3 Intrusion response
  5.4 Management control
  5.5 Handling of detection results
  5.6 Security policy
  5.7 Emergency handling of abnormal conditions
6 Performance requirements
  6.1 Network-layer throughput
  6.2 Mixed application-layer throughput
  6.3 TCP new connection rate
  6.4 Number of concurrent TCP connections
  6.5 False blocking rate
  6.6 Missed blocking rate
7 Compatibility requirements
8 Reliability requirements
9 Self-security requirements
References

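Foreword

This document was drafted in accordance with GB/T 1.1—2020, "Directives for standardization, Part 1: Rules for the structure and drafting of standardizing documents".

This document is Part 3 of GB/T 44810, "Technical requirements for IPv6 network security equipment". The following parts of GB/T 44810 have been published:

—Part 1: Firewall;

—Part 2: Web application protection system (WAF);

—Part 3: Intrusion prevention system (IPS).

Please note that some content of this document may involve patents. The issuing body of this document does not assume responsibility for identifying patents.

This document was proposed by the Ministry of Industry and Information Technology of the People's Republic of China.

This document is under the jurisdiction of the National Technical Committee for Communications Standardization (SAC/TC 485).

Drafting organizations of this document: China Academy of Information and Communications Technology, Huawei Technologies Co., Ltd., Beijing NSFOCUS Technology Co., Ltd., Beijing Topsec Network Security Technology Co., Ltd., Zhengzhou Xinda Jiean Information Technology Co., Ltd., Beijing Haohan Shendu Information Technology Co., Ltd., National Computer Network Emergency Response Technical Team/Coordination Center of China, China Telecom Group Co., Ltd., Tianyi Security Technology Co., Ltd., Hangzhou DPtech Technologies Co., Ltd., Beijing Tonghe Shiyi Telecommunication Science and Technology Research Institute Co., Ltd., National Industrial Information Security Development Research Center, International Peace Maternity and Child Health Hospital of China Welfare Institute, Beijing Yuanzhidian Information Security Technology Co., Ltd., New H3C Technologies Co., Ltd., Shenzhen University, Beijing Kexin Huatai Information Technology Co., Ltd., Hangzhou Anheng Information Technology Co., Ltd.

Main drafters of this document: Dong Yue, Dai Fangfang, Wang Yuchen, Li Xiang, Chen Hongwei, Zhao Yuezheng, Bi Cheng, Wang Yan, Liu Weihua, Pang Shaomin, Chen Luying, Shi Guixin, Yan Hanbing, Kang He, Gong Chao, Wu Qing, Zuo Hong, Lu Yunpeng, Wang Xinping, Cheng Xi, Yu Guo, Chen Changjie, Ji Xinhua, Yang Zhiwei, Shi Chenwei, Wan Xiaolan, Du Jun, Duan Guna, Tian Lidan.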

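Introduction

In accordance with the "Notice on Accelerating the Large-Scale Deployment and Application of Internet Protocol Version 6 (IPv6)", and in order to better meet the security challenges brought by growing network complexity and an expanding user base and to promote the standardization of IPv6 network security work, China has formulated a series of IPv6 security standards. Among them, GB/T 44810, "Technical requirements for IPv6 network security equipment", is a technical standard that regulates the applicability of network security products in IPv6, and is planned to consist of three parts.

—Part 1: Firewall. Its purpose is to ensure the effective application of firewalls in the new network environment after IPv6 is deployed.

—Part 2: Web application protection system (WAF). Its purpose is to ensure the effective application of Web application protection systems (WAF) in the new network environment after IPv6 is deployed.

—Part 3: Intrusion prevention system (IPS). Its purpose is to ensure the effective application of intrusion prevention systems (IPS) in the new network environment after IPv6 is deployed.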

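Technical requirements for IPv6 network security equipment

Part 3: Intrusion prevention system (IPS)

1 Scope

This document specifies the security technical requirements for intrusion prevention systems that support IPv6.

This document applies to the design, development, deployment, use, maintenance and testing of intrusion prevention systems that support IPv6.

2 Normative references

The contents of the following documents, through normative reference in the text, constitute indispensable provisions of this document. For dated references, only the edition corresponding to that date applies to this document; for undated references, the latest edition (including all amendments) applies to this document.

GB/T 25069—2022 Information security techniques: Terminology

GB/T 28451—2023 Information security technology: Technical specification for network intrusion prevention products

GB/T 44810.1—2024 Technical requirements for IPv6 network security equipment, Part 1: Firewall

3 Terms and definitions

GB/T 25069—2022, GB/T 28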
