This standard specifies the firewall in terms of security technical requirements, testing and evaluation approaches and security grade division.
This standard is applicable to design, development and testing of firewalls.
2 Normative References
The following documents for the application of this document are essential. Any dated reference, just dated edition applies to this document. For undated references, the latest edition of the normative document (including any amendments) applies.
GB/T 18336.3-2008 Information Technology - Security Techniques - Evaluation Criteria For IT Security - Part 3: Security Assurance Requirements
GB/T 25069-2010 Information Security Technology - Glossary
3 Terms and Definitions
For the purposes of this document, the terms and definitions established in GB/T 25069-2010 and the following ones apply.
3.1
Firewall
Security gateway products which are allocated among security domains to control and filter the access to network layer and with the function of application layer protocol analyses, control and contents testing, which are applicable to IPv4 and IPv6.
3.2
Deep packet inspection
It is based on flow testing and control technology of application layer and will obtain all the application program contents by reading IP packet loads and reconstructing the information of application layer and then it also deal with the contents depending on the policy of system definition.
3.3
Deep content inspection
It is able to make a deep analyses for application protocol, identifies all elements therein (such as HTTP protocol, specifically cookie, Get parameters and Post form) and all the protocol service (such as data contents included in the protocol or documents in the business system interaction) and then analyze quickly the data to restore the original communicating information. It also can test whether threat or sensitive contents are included based on the original information.
3.4
SQL injection
