ISO/IEC 27033-4:2014 信息技术 安全技术 网络安全 第4部分：使用安全网关的网络间的安全通信

标准编号：ISO/IEC 27033-4:2014

中文名称：信息技术 安全技术 网络安全 第4部分：使用安全网关的网络间的安全通信

英文名称：Information technology — Security techniques — Network security — Part 4: Securing communications between networks using security gateways

发布日期：2014-03

标准范围

ISO/IEC 27033-4:20 14提供了使用安全网关（防火墙、应用防火墙、入侵防护系统等）根据安全网关的文档化信息安全策略保护网络之间通信的指南，包括:识别和分析与安全网关相关联的网络安全威胁；基于威胁分析定义安全网关的网络安全需求；使用用于设计和实现的技术来解决与典型网络场景相关联的威胁和控制方面；和解决与实施、操作、监控和审查网络安全网关控制相关的问题。

ISO/IEC 27033-4:2014 gives guidance for securing communications between networks using security gateways (firewall, application firewall, Intrusion Protection System, etc.) in accordance with a documented information security policy of the security gateways, including:

1. identifying and analysing network security threats associated with security gateways;
2. defining network security requirements for security gateways based on threat analysis;
3. using techniques for design and implementation to address the threats and control aspects associated with typical network scenarios; and
4. addressing issues associated with implementing, operating, monitoring and reviewing network security gateway controls.

标准预览图