firewall
alez888, 2014-11-15 11:56:16

What is the principle of dividing Firewalls into classes and levels?

Hello, as far as I know, firewalls are divided into: ME class, NDVB level, ISPDn class. Please explain in more detail what this means. What determines the class, level ... and what is needed for what purposes? Thank you.


1 answer(s)
Kevin, 2014-11-16
@Klanc

To begin with, the terms:
FSTEC - Federal Service for Technical and Export Control (link)
NDV - undeclared capabilities: software functionality that is not described or does not correspond to those described in the documentation, the use of which may violate the confidentiality, availability or integrity of the information being processed.
From the point of view of the FSTEC, certified firewalls come in five classes from ME1 to ME5 (here is a good table on the characteristics of the levels), while the higher the class, the more stringent the requirements (link to the requirements document).
Certification according to NDV means fulfillment of the requirements of another governing document of the FSTEC: document. Four levels of control (from the lowest, fourth, to the highest, first), invented back in 1999, are designed to guarantee, with varying degrees of confidence, the absence of all kinds of bugs, back doors, etc. in the software (including the firmware of hardware devices). Such checks involve opening source codes in one way or another.
ISPDn - Personal Data Information System. The ISPDn class defines the type of such a system; the ISPDn classification is given in this document, and here you can also find a brief description of the ISPDn classes.
Now let's group this information:
For example, take this list of firewalls. In the table we see three columns. "Class Firewall" is the class of the firewall, which is assigned (by a certain authority of the Russian Federation) in accordance with certain parameters of the firewall itself; that is, this is what the firewall is capable of (roughly speaking). Next is the "NDV Level" column: this is the level that determines the approximate probability that the ME can be deceived / bypassed / hacked, in general, the reliability of the ME. Then comes the "ISPDn Class" column: this is the class of the personal data information system for which this ME is suitable.
That is, these three criteria are not directly related (perhaps indirectly in some aspects), and each criterion (ME Class, NDV Level, ISPDn Class) is determined in accordance with the rules in the documents given above.
