标准解读
《GB/T 44810.3-2024 IPv6 网络安全设备技术要求 第3部分:入侵防御系统(IPS)》主要针对IPv6环境下,入侵防御系统的功能、性能及安全性提出了具体的技术要求。该标准旨在确保在网络环境中能够有效检测并阻止恶意流量或攻击行为,保护网络资源不受侵害。
首先,在功能方面,标准明确了入侵防御系统需要支持的基本特性,包括但不限于基于签名的检测机制、异常流量分析能力以及对已知漏洞利用尝试的识别。此外,还强调了对于复杂多变威胁环境下的自适应学习和响应能力的重要性,使得系统不仅能够应对当前存在的威胁模式,还能通过不断更新规则库来抵御新出现的安全风险。
其次,性能指标上,《GB/T 44810.3-2024》规定了IPS在处理大规模数据流时应达到的速度与效率水平,比如最大吞吐量、并发连接数等关键参数,并且考虑到实际部署场景中可能遇到的各种条件限制(如带宽利用率),提出了相应的测试方法以验证产品是否满足这些要求。
再者,安全性方面,本标准特别关注于如何增强IPS自身的防护措施,防止其成为攻击目标或被用作发动进一步攻击的跳板。为此,除了常规的安全配置选项外,还建议采用加密通信协议保护管理接口,实施严格的访问控制策略,并定期进行软件更新以修补潜在的安全漏洞。
最后,文档还涉及到兼容性问题,指出入侵防御系统需良好地支持IPv6协议栈,同时保持与现有IPv4基础设施之间的互操作性,确保平稳过渡到全IPV6环境而不影响现有服务。此外,也鼓励制造商遵循开放标准开发API接口,便于与其他网络安全解决方案集成,共同构建更加完善的企业级防护体系。
如需获取更多详尽信息,请直接参考下方经官方授权发布的权威标准文档。
....
查看全部
- 现行
- 正在执行有效
- 2024-10-26 颁布
- 2025-02-01 实施
文档简介
ICS
33.040.40
CCS
M32
中华人民共和国国家标准
GB/T44810.3—2024
IPv6网络安全设备技术要求
第3部分:入侵防御系统(IPS)
TechnicalrequirementforIPv6networksecurityequipment—
Part3:Instrusionpreventionsystem(IPS)
2024-10-26发布2025-02-01实施
国家市场监督管理总局发布
国家标准化管理委员会
GB/T44810.3—2024
目次
前言
·····································································································
Ⅲ
引言
·····································································································
Ⅳ
1
范围
··································································································
1
2
规范性引用文件
······················································································
1
3
术语和定义
···························································································
1
4
缩略语
································································································
1
5
功能性要求
···························································································
2
5.1
数据监测
·························································································
2
5.1.1数据收集5.1.1
···············································································
2
5.1.2协议分析
····················································································
2
5.1.3行为监测
····················································································
2
5.1.4流量监测
····················································································
2
5.1.5流量过滤
····················································································
2
5.2
入侵分析
·························································································
2
5.2.1数据分析
····················································································
2
5.2.2入侵取证
····················································································
2
5.2.3攻击防护
····················································································
2
拒绝服务攻击防护
······································································
2
漏洞攻击防护
···········································································
3
Web攻击防护
··········································································
3
僵木蠕攻击防护
········································································
3
自动化攻击威胁防护
····································································
3
攻击逃逸防护
···········································································
4
外部系统协同防护
······································································
4
威胁情报库
·············································································
4
5.3
入侵响应
·························································································
4
5.4
管理控制
·························································································
4
5.5
检测结果处理
····················································································
4
5.6
安全策略
·························································································
4
5.7
异常应急处置
····················································································
4
6
性能要求
······························································································
4
6.1
网络层吞吐量
····················································································
4
6.2
混合应用层吞吐量
···············································································
4
6.3
TCP新建连接速率
··············································································
4
Ⅰ
GB/T44810.3—2024
6.4
TCP并发连接数
·················································································
5
6.5
误拦截率
·························································································
5
6.6
漏拦截率
·························································································
5
7
兼容性要求
···························································································
5
8
可靠性要求
···························································································
5
9
自身安全性要求
······················································································
5
参考文献
··································································································
6
Ⅱ
GB/T44810.3—2024
前言
本文件按照GB/T1.1—2020《标准化工作导则第1部分:标准化文件的结构和起草规则》的规
定起草。
本文件是GB/T44810《IPv6网络安全设备技术要求》的第3部分。GB/T44810已经发布了以下
部分:
—第1部分:防火墙;
—第2部分:Web应用防护系统(WAF);
—第3部分:入侵防御系统(IPS)。
请注意本文件的某些内容可能涉及专利。本文件的发布机构不承担识别专利的责任。
本文件由中华人民共和国工业和信息化部提出。
本文件由全国通信标准化技术委员会(SAC/TC485)归口。
本文件起草单位:中国信息通信研究院、华为技术有限公司、北京神州绿盟科技有限公司、北京天
融信网络安全技术有限公司、郑州信大捷安信息技术股份有限公司、北京浩瀚深度信息技术股份有限公
司、国家计算机网络应急技术处理协调中心、中国电信集团有限公司、天翼安全科技有限公司、杭州迪
普科技股份有限公司、北京通和实益电信科学技术研究所有限公司、国家工业信息安全发展研究中心、
中国福利会国际和平妇幼保健院、北京元支点信息安全技术有限公司、新华三技术有限公司、深圳大
学、北京可信华泰信息技术有限公司、杭州安恒信息技术股份有限公司。
本文件主要起草人:董悦、戴方芳、王雨晨、李翔、陈宏伟、赵粤征、毕程、王龑、刘为华、
庞韶敏、陈陆颖、石桂欣、严寒冰、康和、龚超、吴庆、左虹、路云鹏、王欣萍、程曦、余果、
陈昌杰、季新华、杨志卫、史晨伟、万晓兰、杜君、段古纳、田丽丹。
Ⅲ
GB/T44810.3—2024
引言
根据《关于加快推进互联网协议第六版(IPv6)规模部署和应用工作的通知》,为更好面对网络复
杂化和用户规模扩大化带来的安全挑战,推动IPv6网络安全工作的标准化,我国制定了一系列IPv6安
全标准。其中,GB/T44810《IPv6网络安全设备技术要求》是为规范在IPv6中网络安全产品的适用性
的技术标准,拟由三个部分构成。
—第1部分:防火墙。目的在于IPv6部署后,保障防火墙在新的网络环境中的有效应用。
—第2部分:Web应用防护系统(WAF)。目的在于IPv6部署后,保障Web应用防护系统
(WAF)在新的网络环境中的有效应用。
—第3部分:入侵防御系统(IPS)。目的在于IPv6部署后,保障入侵防御系统(IPS)在新的网
络环境中的有效应用。
Ⅳ
GB/T44810.3—2024
IPv6网络安全设备技术要求
第3部分:入侵防御系统(IPS)
1范围
本文件规定了支持IPv6的入侵防御系统的安全技术要求。
本文件适用于支持IPv6的入侵防御系统的设计、开发、部署、使用、维护与测试。
2规范性引用文件
下列文件中的内容通过文中的规范性引用而构成本文件必不可少的条款。其中,注日期的引用文
件,仅该日期对应的版本适用于本文件;不注日期的引用文件,其最新版本(包括所有的修改单)适用
于本文件。
GB/T25069—2022信息安全技术术语
GB/T28451—2023信息安全技术网络入侵防御产品技术规范
GB/T44810.1—2024IPv6网络安全设备技术要求第1部分:防火墙
3术语和定义
GB/T25069—2022、GB/T28
温馨提示
- 1. 本站所提供的标准文本仅供个人学习、研究之用,未经授权,严禁复制、发行、汇编、翻译或网络传播等,侵权必究。
- 2. 本站所提供的标准均为PDF格式电子版文本(可阅读打印),因数字商品的特殊性,一经售出,不提供退换货服务。
- 3. 标准文档要求电子版与印刷版保持一致,所以下载的文档中可能包含空白页,非文档质量问题。
最新文档
- 2025年度新能源汽车充电桩安装承包合同
- 2025年度生物制药工艺保密协议
- 2025年血液灌流吸附器项目建议书
- 2025年度海上石油钻井平台运输与维护服务合同
- 品牌创新过程中的团队协作计划
- 仓库退货管理的改进方案计划
- 主管工作总结的绩效任务安排计划
- 志愿者活动中的个人成长计划
- 市场营销活动的经验与教训计划
- 2025年种植施肥机械项目建议书
- 2025年高考语文复习知识清单第十章作文专题11:漫画作文写作指导(学生版+解析)
- 中国肥胖及代谢疾病外科治疗指南(2024版)
- 二年级上册100以内进位加法竖式计算题100道及答案
- 高三英语语法填空专项训练100(附答案)及解析
- 2024年湖南省长沙市中考数学试题(含解析)
- 井控培训考试题及答案
- 幼儿园 中班心理健康《我会倾诉》
- 贵州省遵义市数学小升初试卷及解答参考(2024-2025学年)
- 【课件】2024-2025学年高一上学期英语开学第一课课件
- 微积分试卷及规范标准答案6套
- 专题04 地质地貌-备战2025年高考地理真题题源解密(新高考用)(解析版)
评论
0/150
提交评论