JSS2018D009Q
3
5
5
6
7
7
9
9
9
10
10
10
11
11
12
13
45
45
45
45
47
50
50
51
61
64
1
1
JSS2018D009Q
1
1
260
2 :
1.
2.
3.
4. (www.creditchina.gov.cn)(www.ccgp.gov.cn)
3
www.zjzfcg.gov.cnwww.jsztb.org
4
20183130900
1.
2. 20183130900
5
25000 [email protected]
3922628784630570-4962111
201839235959
6
1. [200928]
2. 0570-4033197
5
3. [2011]1816%[2017]1416%
7
13567011466
0570-4031937
9
2018212
4 64
http://www.jsztb.org/
2
1
1.
2.
3.
260
4.
5.
90
6.
3922628784630570-4962111201839235959
7.
8.
201831309:00:00
9.
10.
201831309:00:00
11.
7
12.
13.
5
14.
10%
15.
7
16.
2
1.
2.
2.1
2.2
2.3
2.4
2.5
2.6
3.
4.
5.
6.
7.
,
8.
8.1
8.2
8.3
8.4
8.5 ,,49
9. [2011]1816%
[2011]300
3
10.
10.1
10.2
10.3
10.4
10.5
10.6
11.
11.1 1510315
4
12.
12.1
12.2
12.3
13.
13.1
13.1.1
13.1.2
13.1.3
13.1.4
13.1.5
13.1.6
13.1.7 CC
13.1.8
13.1.9
13.1.10
13.2
13.2.1
13.2.2
13.2.3 49
13.2.4
13.2.5
13.2.6
13.2.7
13.2.8
13.2.9
13.3
13.3.1
13.3.2
14.
14.1
14.2
14.3
14.4
14.5
14.6
14.7
14.8
15.
15.1
15.2
15.3
16.
16.1 90
5
17.
6
18.
19.
20.
21.
22.
23.
23.1
23.2
7
24.
25.
25.1
25.2
25.3
25.4
25.5
8
26.
26.1
26.2
26.3
26.4 ;
26.5
26.6
26.7
26.8
26.9
26.10
26.11
9
27.
27.1
27.2
27.3
10
28.
28.1
28.2
29.
29.1 ,
29.2 ,
30.
30.1 ,,,
30.2 :
31.
31.1 31.,
31.2 ,
32.
33.
33.1 ,
33.2 ,
11
34.
34.1
34.2 10%
34.3 ,
34.4
34.5
34.6
12
35. ,,,,,,,,;,:
35.1 ;
35.2 ;
35.3 ;
35.4 ;
35.5 ,;
35.6
13
36.
6 64
http://www.jsztb.org/
3
1
2:
3
1. (GB_T 22240-2008)
2. (GB_T 22239-2008)
3. GB/T 28448-2012
4. GB/T 28449-2012
5. YDT3169-2016
6. 2015
7. 33
8. 82
9.
10.
75IP
ACL
1
4,22FW/IPS
2
2
442220000
1
3
Web
42BYPASS)4210GE21Tb6GbpsHTTP35448
1
web
4
6GE32G4*4T
1
5
41T300600
1
6
41TSyslogSNMP TrapOPSecFTP
1
7
WebABC50IP610/100/1000M2SFP
1
8
,200G/1000/1000/
1
9
VPN
64,SSL500Mbps3800400/150SSL VPN
1
10
200
1
11
(5)(2)2CISP
1
12
36010
1
internet
13
332
1
22610/100/1000BASE-T
20Gbps10Gbps350
802.1Q VLAN TrunkaccessVLAN
0x81000x9100VLAN Tag QINQ
LACP
6
//
IPIP/MACIP/MAC
DNSDNS Docting DNS Doctoring
VPN
L2TPPPTPGREIPSECSSLVPN
RIPv1/v2OSPFv2/v3BGP
IPv6
/IP/
IPIP
IP/
IP
4000
NATIPV6URL
2100
IPv4v6 NATIPIPIP
DDOSCCIPSYNACK
IPSec VPNSSL VPNGREGRE over OSPFGRE over IPSecVPN
VPN
150
URLURLGETPOSTHTTPS
SMTPPOP3IMAP
DoS/DDoS
LandSmurfFraggleWinNukePing of DeathTear DropIP SpoofingSYN FloodIPv4IPv6 ICMP FloodUDP FloodDNS FloodARP FloodIPARPIPTCP
NTPNTPNTP
DOS/DDOS/
IPIPIPDoS
IPICMPTCPUDPDNSHTTPNTP
UDPUDPUDPUDPTCPTCP
ICMPUPDSYNDNS FloodDDoS
8000
HTTPFTPSSHSMTPIMAPPOP3 RDPRloginSMBTelneWeblogicVNCMySQLOracleMSSQL
SSHFTPRDPVNCNetbiosMySQLOracleMSSQL
IP
0day/1day
/---
WEBcpu
/
IPmacURL
A/SA/A
IP URL
6Gb
7,000,000
20000
4422
1TB
BYPASS
--
VMvare
IPv6
IPv6IPv6
web/CPU/
IPsec VPN
IPSec VPNIPSec VPNIPsec VPN
1.
2.VPN
3.
Web
1.web
2.
3.web
1.
2.IP
3.1PC2PC
AP
1.WPA-PSK/WPA2-PSKWPA/WPA2()
2.
3.Dos
4.
5.
SSID
SSID
1. 6
2.
3.
60002500900
SSL
SSLweb
SSL
SSLweb
1QQMSNIM
2APPIOSandroid
3Wind
P2P
P2PP2P
IPIPIP
Wan-lan
IPIP
DCDC
////
/
OFFICE
EAL3
IPv6 Ready Phase-2
Web
2U1+1
2*GE4*GE4*SFP210GE
6000Mbps
HTTP350000
HTTP(CPS)30000
IPTCPTCP
IPTCP
IPWAF
VLANVLAN
-BYPASSBYPASS
IP
ipv4/ipv6
WEB
WEBVLAN
(XSS)SQL Cookie
WebshellWeshell
WEB
CookieCookieCookieCookie Httponly
URL
IP
WAF
WAF
URL
IP
WEB
ISCCC
CC
URLIP
URLURL
IPIP+URLIPX_Forwarded-For
WAF302jsCC
ISCCC
IP
IP
IP IP
,
HTTPURLUserAgentPOSTcookie
PCI-DSS
WORD,PDF
Syslog
URLIP
SSL
HTTPSWEBHTTPSHTTPS
SSLIPIP
WEB
WAFWeb
HTTPS
WAF
LDAP
614USB16TB
IPPC
/
,
Web
webweb
web
11003000
IT
209000+
HTTPFTPSSHSMTPIMAPMySQLOracleMSSQL
WEB
WEBSQLXSS
CSRF
ASP,PHP,JSPwebshell
Web
WebWeb3000
40CNCERTVIRUSTOTAL
DNS
DNSFlowDNS
Webshell
HttpFlowwebshell
/
DoS
NetFlowUEBADoSIP
IPIP
/TOP10
/
htmlIT
TB;
/IPIDURL
syslog
/IP
7*242()
61484
,IPTCP, URL,,URL ,(IP)
11003000URL4000CVE
,,,,IPARPIPTCP;
ICMPUPDSYNDNS FloodDDoS
HTTPFTPSSHSMTPIMAPMySQLOracleMSSQL
Web
HTTP 1.0/1.1HTTPS
B/SSQLXSSCSRFASP,PHP,JSPwebshellWeb
WebWeb3000
Web
40
IPIP
TCPWebSQLDNSLDAP
5
CPU
MTBF6
1U610/100/100011,111Console,114CPU()
B/SHTTPS
1TBSOC
50
300
600
cpuWEB
WEB
telnetsshCLI
FTPSFTP
WindowsRDPUnixXwindow
clientODBCJDBC
WebWebJDK
RDPVNCX11SSHTELNETFTP
SSHTelnetx11FTP/SFTP
IPIP
RDPVNCX11SyslogIPIP
RDPRDP
/
USBKEY
SSO
Google,
C/S,
webC/S
IP
IBM AIXOS400Hewlett-PackardHP-UX SunSolaris CompaqTru64 UnixRedhat LinuxTurbo LinuxBluepointXtermLinuxSlackwareFreeBSDNetBSDSCO UnixWinNTWin2000WinXPWin98WinMeNovellNetware5
IT
1TBSOC
1U610/100/1000MBase-T(RJ45)151ConsoleConsole50
10000EPS3000EPS5000EPS
syslogsnmp trapnetflowjdbcodbcwindowsEVTagent
50,5,,, ()
syslog()
IP
IPIP
/IP
50ip
/NIDS/
USB key
HTTPS
3C
62SFP1CONSOLE
1U
WEBIP
B/SC/S
Web
Windows
LinuxUnix
CiscoJuniper
CGI
IPIPIP
IP
Web
OracleMySQLSQLserverSQL
XSS
ApacheTomcatIIS
WebCPU
URLURLID
WebIPCVE ID
WebSNMPv1SNMPv2SNMPv3Syslog
WebPDF\WORD\EXECL\HTML
WebWebWebWeb
SSLWebSSLConsoleWebshell
pingtcpdumpifconfigurl
200G/1000/1000/
B/SWeb
SSL
USB-Key
,
/
VARCHARVARCHAR2CHARNUMBERDATECLOBBLOBIMAGE
13003003020101030CAD300
OracleMysqlSQLserverDb2Informix
RedisHBaseMongoDB
OA
SharePointExchange Server IBMLotus Domino/NotesCoreMail
httphttpssmtpimapftpTCP
RDSOTSOCSOSS
PDFTIFFJPGBMPOFD
60+
PDFWordCSV
VPN