GB/T 44810.3-2024 IPv6 网络安全设备技术要求 第3部分:入侵防御系统(IPS)
GB/T 44810.3-2024 Technical requirement for IPv6 network security equipment—Part 3:Instrusion prevention system(IPS)
基本信息
本文件适用于支持IPv6 的入侵防御系统的设计、开发、部署、使用、维护与测试。
发布历史
-
2024年10月
文前页预览
研制信息
- 起草单位:
- 中国信息通信研究院、华为技术有限公司、北京神州绿盟科技有限公司、北京天融信网络安全技术有限公司、郑州信大捷安信息技术股份有限公司、北京浩瀚深度信息技术股份有限公司、国家计算机网络应急技术处理协调中心、中国电信集团有限公司、天翼安全科技有限公司、杭州迪普科技股份有限公司、北京通和实益电信科学技术研究所有限公司、国家工业信息安全发展研究中心、中国福利会国际和平妇幼保健院、北京元支点信息安全技术有限公司、新华三技术有限公司、深圳大学、北京可信华泰信息技术有限公司、杭州安恒信息技术股份有限公司
- 起草人:
- 董悦、戴方芳、王雨晨、李翔、陈宏伟、赵粤征、毕程、王龑、刘为华、庞韶敏、陈陆颖、石桂欣、严寒冰、康和、龚超、吴庆、左虹、路云鹏、王欣萍、程曦、余果、陈昌杰、季新华、杨志卫、史晨伟、万晓兰、杜君、段古纳、田丽丹
- 出版信息:
- 页数:16页 | 字数:17 千字 | 开本: 大16开
内容描述
ICS
33.040.40
CCS
M32
中华人民共和国国家标准
GB/T44810.3—2024
IPv6网络安全设备技术要求
第3部分:入侵防御系统(IPS)
TechnicalrequirementforIPv6networksecurityequipment—
Part3:Instrusionpreventionsystem(IPS)
2024-10-26发布2025-02-01实施
国家市场监督管理总局发布
国家标准化管理委员会
GB/T44810.3—2024
目次
前言
·····································································································
Ⅲ
引言
·····································································································
Ⅳ
1
范围
··································································································
1
2
规范性引用文件
······················································································
1
3
术语和定义
···························································································
1
4
缩略语
································································································
1
5
功能性要求
···························································································
2
5.1
数据监测
·························································································
2
5.1.1数据收集5.1.1
···············································································
2
5.1.2协议分析
····················································································
2
5.1.3行为监测
····················································································
2
5.1.4流量监测
····················································································
2
5.1.5流量过滤
····················································································
2
5.2
入侵分析
·························································································
2
5.2.1数据分析
····················································································
2
5.2.2入侵取证
····················································································
2
5.2.3攻击防护
····················································································
2
拒绝服务攻击防护
······································································
2
漏洞攻击防护
···········································································
3
Web攻击防护
··········································································
3
僵木蠕攻击防护
········································································
3
自动化攻击威胁防护
····································································
3
攻击逃逸防护
···········································································
4
外部系统协同防护
······································································
4
威胁情报库
·············································································
4
5.3
入侵响应
·························································································
4
5.4
管理控制
·························································································
4
5.5
检测结果处理
····················································································
4
5.6
安全策略
·························································································
4
5.7
异常应急处置
····················································································
4
6
性能要求
······························································································
4
6.1
网络层吞吐量
····················································································
4
6.2
混合应用层吞吐量
···············································································
4
6.3
TCP新建连接速率
··············································································
4
Ⅰ
GB/T44810.3—2024
6.4
TCP并发连接数
·················································································
5
6.5
误拦截率
·························································································
5
6.6
漏拦截率
·························································································
5
7
兼容性要求
···························································································
5
8
可靠性要求
···························································································
5
9
自身安全性要求
······················································································
5
参考文献
··································································································
6
Ⅱ
GB/T44810.3—2024
前言
本文件按照GB/T1.1—2020《标准化工作导则第1部分:标准化文件的结构和起草规则》的规
定起草。
本文件是GB/T44810《IPv6网络安全设备技术要求》的第3部分。GB/T44810已经发布了以下
部分:
—第1部分:防火墙;
—第2部分:Web应用防护系统(WAF);
—第3部分:入侵防御系统(IPS)。
请注意本文件的某些内容可能涉及专利。本文件的发布机构不承担识别专利的责任。
本文件由中华人民共和国工业和信息化部提出。
本文件由全国通信标准化技术委员会(SAC/TC485)归口。
本文件起草单位:中国信息通信研究院、华为技术有限公司、北京神州绿盟科技有限公司、北京天
融信网络安全技术有限公司、郑州信大捷安信息技术股份有限公司、北京浩瀚深度信息技术股份有限公
司、国家计算机网络应急技术处理协调中心、中国电信集团有限公司、天翼安全科技有限公司、杭州迪
普科技股份有限公司、北京通和实益电信科学技术研究所有限公司、国家工业信息安全发展研究中心、
中国福利会国际和平妇幼保健院、北京元支点信息安全技术有限公司、新华三技术有限公司、深圳大
学、北京可信华泰信息技术有限公司、杭州安恒信息技术股份有限公司。
本文件主要起草人:董悦、戴方芳、王雨晨、李翔、陈宏伟、赵粤征、毕程、王龑、刘为华、
庞韶敏、陈陆颖、石桂欣、严寒冰、康和、龚超、吴庆、左虹、路云鹏、王欣萍、程曦、余果、
陈昌杰、季新华、杨志卫、史晨伟、万晓兰、杜君、段古纳、田丽丹。
Ⅲ
GB/T44810.3—2024
引言
根据《关于加快推进互联网协议第六版(IPv6)规模部署和应用工作的通知》,为更好面对网络复
杂化和用户规模扩大化带来的安全挑战,推动IPv6网络安全工作的标准化,我国制定了一系列IPv6安
全标准。其中,GB/T44810《IPv6网络安全设备技术要求》是为规范在IPv6中网络安全产品的适用性
的技术标准,拟由三个部分构成。
—第1部分:防火墙。目的在于IPv6部署后,保障防火墙在新的网络环境中的有效应用。
—第2部分:Web应用防护系统(WAF)。目的在于IPv6部署后,保障Web应用防护系统
(WAF)在新的网络环境中的有效应用。
—第3部分:入侵防御系统(IPS)。目的在于IPv6部署后,保障入侵防御系统(IPS)在新的网
络环境中的有效应用。
Ⅳ
GB/T44810.3—2024
IPv6网络安全设备技术要求
第3部分:入侵防御系统(IPS)
1范围
本文件规定了支持IPv6的入侵防御系统的安全技术要求。
本文件适用于支持IPv6的入侵防御系统的设计、开发、部署、使用、维护与测试。
2规范性引用文件
下列文件中的内容通过文中的规范性引用而构成本文件必不可少的条款。其中,注日期的引用文
件,仅该日期对应的版本适用于本文件;不注日期的引用文件,其最新版本(包括所有的修改单)适用
于本文件。
GB/T25069—2022信息安全技术术语
GB/T28451—2023信息安全技术网络入侵防御产品技术规范
GB/T44810.1—2024IPv6网络安全设备技术要求第1部分:防火墙
3术语和定义
GB/T25069—2022、GB/T28451—2023界定的以及下列术语和定义适用于本文件。
3.1
安全事件incident
对网络和信息系统或者其中的数据造成危害的事件。
4缩略语
下列缩略语适用于本文件。
API:应用程序编程接口(ApplicationProgrammingInterface)
CC:挑战黑洞(ChallengeCollapsar)
CSRF:跨站请求伪造(Cross﹘siterequestforgery)
DNS:域名系统(DomainNameSystem)
HTTP:超文本传输协议(HypertextTransferProtocol)
HTTPS:安全超文本传输协议(HypertextTransferProtocolSecure)
ICMP:网间控制报文协议(InternetControlMessagesProtocol)
IP:互联网协议(InternetProtocol)
IPv6:互联网协议第六版(InternetProtocolVersion6)
NDP:邻居发现协议(NeighborDiscoveryProtocol)
SIP:会话初始协议(SessioninitializationProtocol)
SQL:结构化查询语言(StructuredQueryLanguage)
TCP:传输控制协议(TransportControlProtocol)
UDP:用户数据报协议(UserDatagramProtocol)
1
定制服务
推荐标准
- DB5107/T 124-2023 饲用麦类作物栽培技术规范 2023-07-13
- DB37/T 5000.3-2023 《建设工程优质结构评价标准 第三部分:交通工程》 2023-07-03
- DB5107/T 126-2023 山区马铃薯原原种一年两季繁育技术规程 2023-07-13
- DB5107/T 125-2023 设施番茄水肥一体化栽培技术规范 2023-07-13
- DB5107/T 123-2023 珠芽魔芋种植技术规程 2023-07-13
- DB37/T 5252-2023 《房屋建筑施工扬尘防治技术规程》 2023-07-03
- DB5107/T 130-2023 附子优质种根繁育技术规程 2023-07-13
- DB37/T 5000.4-2023 《建设工程优质结构评价标准第四部分:水利工程》 2023-07-03
- DB5107/T 127-2023 丘陵区麦(油)茬杂交稻节水保肥栽培技术规程 2023-07-13
- DB5107/T 129-2023 工业专用高芥酸油菜全程机械化栽培技术规程 2023-07-13