China certification: Cybersecurity product category updated

Critical Network equipment

1.Router

Entire system  throughput capacity (two-way)≥12Tbps

Entire system routing table capacity≥550,000 lines

2.Switch

Entire system  throughput capacity (two-way)≥30Tbps

Entire system packet forwarding rate≥10Gpps

3.Server (Rack mounted)

CPU number≥8

Single CPU core number≥14

Memory capacity≥256GB

4.Programmable Logic Controller (PLC)

Controller instruction execution time≤0.08 ms

Special network security product

1.Data backup integrated machine

Can back up and restore information system data, and

Products that manage the backup and recovery process.

2.Firewall

Analyze the data flow and access control

Products with safety protection functions.

3.Intrusion detection system (IDS)

Using data packets on the network as the data source, all data packets of the protected network node are monitored and analyzed to find abnormal behavior products.

4.Intrusion Prevention System (IPS)

It is deployed on a network path in the form of a bridge or gateway, detects network behaviors with intrusion characteristics by analyzing network traffic, and intercepts the products before they pass into the protected network.

5.Network and terminal isolation products

Security control points are established between different network terminals and network security domains to provide controllable access services between different network terminals and network security domains.

6.Anti-Spam Product

Software or combinations of software and hardware that can identify and process spam, including but not limited to anti-spam gateways, anti-spam systems, anti-spam software installed on mail servers, and anti-spam products integrated with mail servers.

7.Network security audit system

Records and activity data of networks, information systems and their components are collected and stored and analyzed to enable event traceability and the discovery of security breaches or anomalies.

8.network vulnerability scanning products 

Software or a combination of software and hardware that uses scanning to detect possible security weaknesses in a target network system.

9.security database system

A database system that follows a complete set of system security policies from all stages of system design, implementation, use and management, is designed to ensure data security at the database level.

10. Website data recovery products

Provide website data monitoring, anti-tampering, and data backup and recovery and other security functions of the product.

11. Virtual private network products

A product that establishes a dedicated secure transmission channel on a public communication infrastructure network such as an Internet link.

12. Antivirus gateway

The product is deployed between networks, analyzes the communication between the network layer and the application layer, and protects against viruses on the network based on predefined filtering rules and protection policies.

13.Unified threat management product (UTM)

A unified security policy integrates multiple security functions to comprehensively defend against security threats to networks and application systems.

14.Virus control products

Products used to detect or prevent the spread of malicious code and tampering, theft and destruction of host operating system applications and user files.

15. Secure operating system

The operating system from system design, implementation to use and other stages follow a complete set of security policies, the purpose is to ensure system security at the operating system level.

16. Secure network storage

A dedicated storage device connected to a server over a network based on different protocols.

17. Public key infrastructure

Support public key management system, provide authentication, encryption, integrity and undeniable service infrastructure.

18. Cybersecurity situational awareness products

By collecting network traffic, asset information, logs, vulnerability information, alarm information, threat information and other data, analyzing and processing network behavior and user behavior and other factors, grasp the network security status, predict the network security trend, and display, monitor and warn the product.

19. Information system security management platform

The platform implements unified management of the security policy of information system and the security mechanism of the secure computing environment, security zone boundary and secure communication network that execute the policy.

20. Network-based flow control products

A traffic management system that monitors traffic and controls bandwidth on the network in the security domain.

21. Load balancing product

It provides link load balancing, server load balancing, network traffic optimization, and intelligent processing.

22. Information filtering products

Text, pictures and other network information screening control products.

23.Denial of service attack resistant products

Products used to identify and intercept denial of service attacks and ensure system availability.

24.Terminal access control products

The product provides the access control function for terminals that access the network.

25. USB mobile storage media management system

The mobile storage device uses identity authentication, access control, and audit mechanisms to implement trusted access between the mobile storage device and host devices.

26. File encryption product

Protects data stored in files from attackers and ensures data security.

27.Data breach protection products

By controlling and auditing the main channels for the output of sensitive information inside the security zone, it prevents unauthorized disclosure of sensitive information inside the security zone.

28.Data destruction software products

Information technology is used to clear the underlying data at the logical level and completely destroy the products of the data carried by the storage media.

29. Security configuration Check the product

The product detects asset security configuration and analyzes asset compliance based on security configuration requirements, and generates security configuration suggestions and compliance reports.

30. Operation and maintenance security management products

The product implements single sign-on, centralized authorization, centralized management, and audit during the maintenance of important information system assets.

31.Log analysis product

A security product that collects log data from information systems and performs centralized storage and analysis.

32. Identity authentication product

Products that require users to provide identification information based on electronic information or biological information to confirm the identity of users of the application system.

33. Terminal security monitoring products

Monitor and control terminal security to detect and block unauthorized use of system and network resources.

34.Electronic document security management products

By creating or converting secure electronic documents into secure electronic documents, you can manage, monitor, and audit secure electronic documents in a unified manner.