Release Notes and Announcements

Release Notes

Product Announcement

Security Advisory

Product Introduction

Overview

Product Category

Strengths

Scenarios

Plans and Editions

Supported Regions

Basic Concepts

Getting Started

FAQs for Beginners

Operation Guide

Overview

Connection Management

Security Operations

Protection Policies

Service Settings

プラクティスチュートリアル

WAF CCP Overview

Bot Management

API Security

Integration

Protection Configuration

FAQS

Product Consultation

Connection

Usage

Permissions

Sandbox Isolation Status

WAF ポリシー

プライバシーポリシー

データ処理とセキュリティ契約

WAF CCP Overview

PDF

フォーカスモード

フォントサイズ

最終更新日: 2023-12-29 14:52:34

WAF meets the major standards of CCP 2.0. According to Information security technology – Baseline for classified protection of cybersecurity (GB/T 22239-2019), WAF meets the security requirements at level 3.
No.
CCP Chapter
CCP No.
CCP Standard Content
Feature Description
1
Access control
8.1.3.2 e)
Access control based on application protocol and content should be implemented for inbound/outbound data flows.
Access control policies at the application layer are configured to implement access control based on application protocol and content for inbound/outbound data flows.
2
Intrusion protection
8.1.3.3 a)
Externally initiated network attacks should be detected, prevented, or blocked on key network nodes.
WAF is deployed on the perimeters to detect and trigger alarms for various attacks and scans.
3
Intrusion protection
8.1.3.3 c)
Technical measures should be adopted to analyze network behaviors, especially new types of network attack behaviors.
WAF can check and block web traffic in real time and supports AI + rule dual-engine protection to prevent zero-day and other new unknown attacks.
4
Intrusion protection
8.1.3.3 d)
When an attack behavior is detected, the attack source IP, type, target, and event should be logged, and alarms should be triggered for serious intrusions.
WAF can detect and block HTTP and HTTPS traffic attacks and log information such as attack type, URL, content, and source IP, hit rule name and ID, risk level, attack time, target host, and executed action.
5
Malicious code protection
8.1.3.4 a)
Malicious code should be detected and cleared on key network nodes, and the malicious code protection mechanism should be upgraded and updated promptly.
WAF basic security and rule engine modules can implement this feature.
6
Security audit
8.1.3.5 a)
Security audit should be performed on the network perimeters and key network nodes and cover every user to audit key user behaviors and security events.
Intrusion events are audited on the perimeters.
7
Security audit
8.1.3.5 c)
Audit logs should be protected and regularly backed up to prevent unexpected log deletion, modification, and overwriting.
Logs are retained for at least six months, during which tenants cannot delete or tamper with them.
﻿

ヘルプとサポート

この記事はお役に立ちましたか？

営業担当者にお問い合わせいただくかチケットを提出してサポートを求めることができます。

フィードバック

tencent cloud

Web Application Firewall

WAF CCP Overview

ヘルプとサポート

No.	CCP Chapter	CCP No.	CCP Standard Content	Feature Description
1	Access control	8.1.3.2 e)	Access control based on application protocol and content should be implemented for inbound/outbound data flows.	Access control policies at the application layer are configured to implement access control based on application protocol and content for inbound/outbound data flows.
2	Intrusion protection	8.1.3.3 a)	Externally initiated network attacks should be detected, prevented, or blocked on key network nodes.	WAF is deployed on the perimeters to detect and trigger alarms for various attacks and scans.
3	Intrusion protection	8.1.3.3 c)	Technical measures should be adopted to analyze network behaviors, especially new types of network attack behaviors.	WAF can check and block web traffic in real time and supports AI + rule dual-engine protection to prevent zero-day and other new unknown attacks.
4	Intrusion protection	8.1.3.3 d)	When an attack behavior is detected, the attack source IP, type, target, and event should be logged, and alarms should be triggered for serious intrusions.	WAF can detect and block HTTP and HTTPS traffic attacks and log information such as attack type, URL, content, and source IP, hit rule name and ID, risk level, attack time, target host, and executed action.
5	Malicious code protection	8.1.3.4 a)	Malicious code should be detected and cleared on key network nodes, and the malicious code protection mechanism should be upgraded and updated promptly.	WAF basic security and rule engine modules can implement this feature.
6	Security audit	8.1.3.5 a)	Security audit should be performed on the network perimeters and key network nodes and cover every user to audit key user behaviors and security events.	Intrusion events are audited on the perimeters.
7	Security audit	8.1.3.5 c)	Audit logs should be protected and regularly backed up to prevent unexpected log deletion, modification, and overwriting.	Logs are retained for at least six months, during which tenants cannot delete or tamper with them.