Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative.
This document is developed in accordance with the rules given in GB/T 1.1-2020 Directives for standardization - Part 1: Rules for the structure and drafting of standardizing documents.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing body of this document shall not be held responsible for identifying any or all such patent rights.
This standard was proposed by and is under the jurisdiction of the Ministry of Industry and Information Technology of the People's Republic of China.
Critical network devices security common requirements
1 Scope
This document specifies the common security function requirements and security assurance requirements of the critical network devices.
This document is applicable to critical network devices. It provides a basis for network operators procuring critical network devices and guidance for the research, development and testing of such devices.
2 Normative references
The following documents contain provisions which, through reference in this text, constitute provisions of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 25069 Information security technology - Glossary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 25069 and the following apply.
3.1
component
module or assembly consisting of several parts and capable of realizing specific functions
3.2
malicious program
program specially designed to attack a system, damage or destroy the system’s confidentiality, integrity or availability
Note: Common malicious programs include viruses, worms, Trojans, spyware, etc.
3.3
vulnerability
weaknesses in assets or controls that may be used by a threat
[Source: GB/T 29246-2017, 2.89, modified]
3.4
sensitive data
data that may endanger network security once leaked, illegally provided or abused
Note: Common sensitive data of critical network device includes passwords, keys, critical configuration information, etc.
3.5
robustness
the degree to which the functions of critical network device or component can keep operating correctly under invalid data input or high-intensity input environment
[Source: GB/T 28457-2012, 3.8, modified]
3.6
private protocol
protocol that is proprietary and not in general use
3.7
critical network device
device that supports networking function and has high performance among similar network devices, which is usually used in important network nodes, important parts or important systems, and may cause major network security risks once damaged
Note: High performance means that the performance index or specification of the device meets the range specified in the Catalogue of critical network devices and special network security products.
3.8
abnormal packet
packets that fail to meet the requirements of the relevant standards
3.9
user
user who configures, monitors and maintains the critical network device
3.10
pre-installed software
software installed or provided before device delivery and necessary to ensure the normal use of the device
Note: Pre-installed software differs between device types. For routers and switches it usually includes boot firmware and system software, etc.; for servers it usually includes out-of-band management software, etc.
4 Abbreviations
For the purposes of this document, the following abbreviations apply.
HTTP Hypertext Transfer Protocol
IP Internet Protocol
MAC Media Access Control
SNMP Simple Network Management Protocol
SSH Secure Shell
TCP Transmission Control Protocol
UDP User Datagram Protocol
5 Security functional requirements
5.1 Device identification security
The identification of critical network device shall meet the following requirements.
a) The complete hardware and main components shall have unique identification.
Note 1: The main components of routers and switches include: main control board card, service board card, switching network board, fan module, power supply, board card storing the system software, hard disk or flash memory card, etc. The main components of servers include: CPU, hard disk, memory, fan module, power supply, etc.
Note 2: Common unique identification method: serial number, etc.
b) Different versions of pre-installed software and service packs/upgrade patches shall be uniquely identified.
Note 3: Common unique identification methods for version: version number, etc.
5.2 Redundancy, backup recovery and anomaly detection
The redundancy, backup recovery and anomaly detection functions of critical network device shall meet the following security requirements.
a) The complete machine shall support main/standby switching, or its critical components shall support redundancy, and switching shall be automatic: if the device or a critical component enters an abnormal operating state, operation shall switch to the redundant device or redundant component to reduce security risks.
Note: The critical components of routers and switches supporting redundancy function: main control panel card, switching network board, power supply module, fan module, etc. The common critical components of servers supporting redundant function: hard disk, power supply module, fan module, etc.
b) It shall support backup and recovery of pre-installed software and configuration files, and shall check the integrity of the pre-installed software and configuration files when the recovery function is used.
c) It shall be able to identify abnormal states and generate prompts for the corresponding errors.
5.3 Prevention of vulnerabilities and malicious programs
Critical network device shall meet the following requirements for preventing vulnerabilities and malicious programs.
a) It shall have no published vulnerabilities, or shall have remedial measures in place to mitigate the security risks of such vulnerabilities.
b) The pre-installed software, service pack/upgrade patch shall have no malicious programs.
c) It shall have no undeclared functions or access interfaces (including remote debugging interfaces).
5.4 Startup and update security of pre-installed software
The pre-installed software startup and update function of critical network device shall meet the following security requirements.
a) It shall support the integrity check function at startup to ensure that the system software is not tampered with.
b) It shall support updating the device's pre-installed software.
c) It shall provide functions that ensure software update operations are secure.
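The integrity checks required in 5.2 b) (before a backup is restored) and 5.4 a) (system software at startup) can be realised with a keyed manifest that binds the software version to a digest of each artifact. The following is an added illustration, not code from the standard; the sample image, configuration file and device key are constructed, and a real device would keep the key in protected storage and would typically use a signature rather than an HMAC.

```python
import hashlib
import hmac
import json

# Constructed sample artifacts as captured at backup time (not real device data).
SYSTEM_SOFTWARE = b"\x7fELF-constructed-system-software-image-v2.1.0"
CONFIG_FILE = b"hostname core-rtr-01\ninterface ge-0/0/0\n ip address 10.0.0.1/30\n"
# Hypothetical per-device integrity key; on a real device this lives in a
# protected store, never beside the backup it protects.
DEVICE_KEY = b"constructed-device-integrity-key"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _canonical(body: dict) -> bytes:
    # Deterministic encoding so backup and recovery sides HMAC identical bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def build_manifest(version: str, software: bytes, config: bytes) -> dict:
    """Backup side: record the version (5.1 b) and a digest per artifact, then
    bind them with an HMAC so the manifest cannot be edited to fit a tampered file."""
    body = {"version": version,
            "system_software": sha256_hex(software),
            "config": sha256_hex(config)}
    tag = hmac.new(DEVICE_KEY, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_backup(manifest: dict, software: bytes, config: bytes) -> bool:
    """Recovery side: restore only if the manifest is authentic and every
    artifact still matches its recorded digest."""
    expected = hmac.new(DEVICE_KEY, _canonical(manifest["body"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["tag"]):
        return False  # manifest forged or corrupted: reject before looking at files
    body = manifest["body"]
    return (hmac.compare_digest(body["system_software"], sha256_hex(software))
            and hmac.compare_digest(body["config"], sha256_hex(config)))


def demo() -> tuple:
    m = build_manifest("2.1.0", SYSTEM_SOFTWARE, CONFIG_FILE)
    intact = verify_backup(m, SYSTEM_SOFTWARE, CONFIG_FILE)
    # Configuration backup modified after the manifest was produced
    tampered = verify_backup(m, SYSTEM_SOFTWARE, CONFIG_FILE + b"# edited\n")
    # Manifest rewritten to match the modified file, but without the device key
    forged = dict(m, body=dict(m["body"], config=sha256_hex(CONFIG_FILE + b"# edited\n")))
    forged_ok = verify_backup(forged, SYSTEM_SOFTWARE, CONFIG_FILE + b"# edited\n")
    return intact, tampered, forged_ok
```

demo() returns (True, False, False): the untouched backup restores, while both the altered file and the re-written manifest are refused.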
Contents of GB 40050-2021
Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Security functional requirements
5.1 Device identification security
5.2 Redundancy, backup recovery and anomaly detection
5.3 Prevention of vulnerabilities and malicious programs
5.4 Startup and update security of pre-installed software
5.5 User identification and authentication
5.6 Access control security
5.7 Log audit security
5.8 Communication security
5.9 Data security
5.10 Cryptographic requirements
6 Security assurance requirements
6.1 Design and development
6.2 Production and delivery
6.3 Operation and maintenance
Bibliography