ICS

33.040.40

CCS

M32

中華人民共和國國家標準

GB/T44810.3—2024

IPv6網絡安全設備技術要求

第3部分:入侵防御系統(IPS)

TechnicalrequirementforIPv6networksecurityequipment—

Part3:Instrusionpreventionsystem(IPS)

2024-10-26發布2025-02-01實施

國家市場監督管理總局發布

國家標準化管理委員會

GB/T44810.3—2024

目次

前言

·····································································································

Ⅲ

引言

·····································································································

Ⅳ

1

范圍

··································································································

1

2

規范性引用文件

······················································································

1

3

術語和定義

···························································································

1

4

縮略語

································································································

1

5

功能性要求

···························································································

2

5.1

數據監測

·························································································

2

5.1.1數據收集5.1.1

···············································································

2

5.1.2協議分析

····················································································

2

5.1.3行為監測

····················································································

2

5.1.4流量監測

····················································································

2

5.1.5流量過濾

····················································································

2

5.2

入侵分析

·························································································

2

5.2.1數據分析

····················································································

2

5.2.2入侵取證

····················································································

2

5.2.3攻擊防護

····················································································

2

拒絕服務攻擊防護

······································································

2

漏洞攻擊防護

···········································································

3

Web攻擊防護

··········································································

3

僵木蠕攻擊防護

········································································

3

自動化攻擊威脅防護

····································································

3

攻擊逃逸防護

···········································································

4

外部系統協同防護

······································································

4

威脅情報庫

·············································································

4

5.3

入侵響應

·························································································

4

5.4

管理控制

·························································································

4

5.5

檢測結果處理

····················································································

4

5.6

安全策略

·························································································

4

5.7

異常應急處置

····················································································

4

6

性能要求

······························································································

4

6.1

網絡層吞吐量

····················································································

4

6.2

混合應用層吞吐量

···············································································

4

6.3

TCP新建連接速率

··············································································

4

Ⅰ

GB/T44810.3—2024

6.4

TCP并發連接數

·················································································

5

6.5

誤攔截率

·························································································

5

6.6

漏攔截率

·························································································

5

7

兼容性要求

···························································································

5

8

可靠性要求

···························································································

5

9

自身安全性要求

······················································································

5

參考文獻

··································································································

6

Ⅱ

GB/T44810.3—2024

前言

本文件按照GB/T1.1—2020《標準化工作導則第1部分：標準化文件的結構和起草規則》的規

定起草。

本文件是GB/T44810《IPv6網絡安全設備技術要求》的第3部分。GB/T44810已經發布了以下

部分：

—第1部分：防火墻；

—第2部分：Web應用防護系統（WAF）；

—第3部分：入侵防御系統（IPS）。

請注意本文件的某些內容可能涉及專利。本文件的發布機構不承擔識別專利的責任。

本文件由中華人民共和國工業和信息化部提出。

本文件由全國通信標準化技術委員會（SAC/TC485）歸口。

本文件起草單位：中國信息通信研究院、華為技術有限公司、北京神州綠盟科技有限公司、北京天

融信網絡安全技術有限公司、鄭州信大捷安信息技術股份有限公司、北京浩瀚深度信息技術股份有限公

司、國家計算機網絡應急技術處理協調中心、中國電信集團有限公司、天翼安全科技有限公司、杭州迪

普科技股份有限公司、北京通和實益電信科學技術研究所有限公司、國家工業信息安全發展研究中心、

中國福利會國際和平婦幼保健院、北京元支點信息安全技術有限公司、新華三技術有限公司、深圳大

學、北京可信華泰信息技術有限公司、杭州安恒信息技術股份有限公司。

本文件主要起草人：董悅、戴方芳、王雨晨、李翔、陳宏偉、趙粵征、畢程、王龑、劉為華、

龐韶敏、陳陸穎、石桂欣、嚴寒冰、康和、龔超、吳慶、左虹、路云鵬、王欣萍、程曦、余果、

陳昌杰、季新華、楊志衛、史晨偉、萬曉蘭、杜君、段古納、田麗丹。

Ⅲ

GB/T44810.3—2024

引言

根據《關于加快推進互聯網協議第六版（IPv6）規模部署和應用工作的通知》，為更好面對網絡復

雜化和用戶規模擴大化帶來的安全挑戰，推動IPv6網絡安全工作的標準化，我國制定了一系列IPv6安

全標準。其中，GB/T44810《IPv6網絡安全設備技術要求》是為規范在IPv6中網絡安全產品的適用性

的技術標準，擬由三個部分構成。

—第1部分：防火墻。目的在于IPv6部署后，保障防火墻在新的網絡環境中的有效應用。

—第2部分：Web應用防護系統（WAF）。目的在于IPv6部署后，保障Web應用防護系統

（WAF）在新的網絡環境中的有效應用。

—第3部分：入侵防御系統（IPS）。目的在于IPv6部署后，保障入侵防御系統（IPS）在新的網

絡環境中的有效應用。

Ⅳ

GB/T44810.3—2024

IPv6網絡安全設備技術要求

第3部分:入侵防御系統(IPS)

1范圍

本文件規定了支持IPv6的入侵防御系統的安全技術要求。

本文件適用于支持IPv6的入侵防御系統的設計、開發、部署、使用、維護與測試。

2規范性引用文件

下列文件中的內容通過文中的規范性引用而構成本文件必不可少的條款。其中，注日期的引用文

件，僅該日期對應的版本適用于本文件；不注日期的引用文件，其最新版本（包括所有的修改單）適用

于本文件。

GB/T25069—2022信息安全技術術語

GB/T28451—2023信息安全技術網絡入侵防御產品技術規范

GB/T44810.1—2024IPv6網絡安全設備技術要求第1部分：防火墻

3術語和定義

GB/T25069—2022、GB/T28