摘要
2019年颁布的《信息安全技术网络安全等级保护基本要求(GB/T 22239-2019)》(信安字[2019]12号)[1]在原有《网络安全等级保护基本要求(GB/T 22239-2008)》(信安字[2007]12号)[2]基础上进行了修订,使之更加切合当今中国的网络环境。针对新修版中的网络和通信安全层面部分内容,如:通信传输、边界防护、访问控制、入侵防范、恶意代码和垃圾邮件防范等控制点安全测评进行了综述,分析了与旧版之间的区别和重要改变,并将今后网络和通信安全测评的主要方法和思路进行了总结。对等保2.0时代的网络和通信安全测评工作有一定的借鉴意义。
The newly promulgated Basic Requirements for Network Security Grade Protection of Information Security Technology in 2019 has been revised on the basis of the original Basic Requirements for Network Security Grade Protection, so as to make it more suitable for the network environment of China today. This paper reviews some aspects of network and communication security in the new edition, such as communication transmission, border protection, access control, intrusion prevention, malicious code and spam prevention, analyzes the differences and important changes between the old edition and the new edition, and summarizes the main methods and ideas of network and communication security evaluation in the future. The work of network and communication security evaluation staff in the era of peer-to-peer insurance 2.0 has certain reference significance.
作者
张珂
ZHANG Ke(Network Information Center,Shanxi Normal University,Xi'an 710062)
出处
《微型电脑应用》
2020年第1期130-133,共4页
Microcomputer Applications
关键词
网络安全
等级保护测评
网络及通信安全测评
Network security
Hierarchical protection evaluation
Network and communication security evaluation
