Release Notes and Announcements

Release Notes

Product Announcement

Security Advisory

Product Introduction

Overview

Product Category

Strengths

Scenarios

Plans and Editions

Supported Regions

Basic Concepts

Getting Started

FAQs for Beginners

Operation Guide

Overview

Connection Management

Security Operations

Protection Policies

Service Settings

사례 튜토리얼

WAF CCP Overview

Bot Management

API Security

Integration

Protection Configuration

FAQS

Product Consultation

Connection

Usage

Permissions

Sandbox Isolation Status

WAF 정책

개인 정보 보호 정책

데이터 처리 및 보안 계약

WAF CCP Overview

PDF

포커스 모드

폰트 크기

마지막 업데이트 시간: 2023-12-29 14:52:34

WAF meets the major standards of CCP 2.0. According to Information security technology – Baseline for classified protection of cybersecurity (GB/T 22239-2019), WAF meets the security requirements at level 3.
No.
CCP Chapter
CCP No.
CCP Standard Content
Feature Description
1
Access control
8.1.3.2 e)
Access control based on application protocol and content should be implemented for inbound/outbound data flows.
Access control policies at the application layer are configured to implement access control based on application protocol and content for inbound/outbound data flows.
2
Intrusion protection
8.1.3.3 a)
Externally initiated network attacks should be detected, prevented, or blocked on key network nodes.
WAF is deployed on the perimeters to detect and trigger alarms for various attacks and scans.
3
Intrusion protection
8.1.3.3 c)
Technical measures should be adopted to analyze network behaviors, especially new types of network attack behaviors.
WAF can check and block web traffic in real time and supports AI + rule dual-engine protection to prevent zero-day and other new unknown attacks.
4
Intrusion protection
8.1.3.3 d)
When an attack behavior is detected, the attack source IP, type, target, and event should be logged, and alarms should be triggered for serious intrusions.
WAF can detect and block HTTP and HTTPS traffic attacks and log information such as attack type, URL, content, and source IP, hit rule name and ID, risk level, attack time, target host, and executed action.
5
Malicious code protection
8.1.3.4 a)
Malicious code should be detected and cleared on key network nodes, and the malicious code protection mechanism should be upgraded and updated promptly.
WAF basic security and rule engine modules can implement this feature.
6
Security audit
8.1.3.5 a)
Security audit should be performed on the network perimeters and key network nodes and cover every user to audit key user behaviors and security events.
Intrusion events are audited on the perimeters.
7
Security audit
8.1.3.5 c)
Audit logs should be protected and regularly backed up to prevent unexpected log deletion, modification, and overwriting.
Logs are retained for at least six months, during which tenants cannot delete or tamper with them.
﻿

도움말 및 지원

문제 해결에 도움이 되었나요?

더 자세한 내용은 문의하기 또는 티겟 제출 을 통해 문의할 수 있습니다.

피드백

tencent cloud

Web Application Firewall

WAF CCP Overview

도움말 및 지원

No.	CCP Chapter	CCP No.	CCP Standard Content	Feature Description
1	Access control	8.1.3.2 e)	Access control based on application protocol and content should be implemented for inbound/outbound data flows.	Access control policies at the application layer are configured to implement access control based on application protocol and content for inbound/outbound data flows.
2	Intrusion protection	8.1.3.3 a)	Externally initiated network attacks should be detected, prevented, or blocked on key network nodes.	WAF is deployed on the perimeters to detect and trigger alarms for various attacks and scans.
3	Intrusion protection	8.1.3.3 c)	Technical measures should be adopted to analyze network behaviors, especially new types of network attack behaviors.	WAF can check and block web traffic in real time and supports AI + rule dual-engine protection to prevent zero-day and other new unknown attacks.
4	Intrusion protection	8.1.3.3 d)	When an attack behavior is detected, the attack source IP, type, target, and event should be logged, and alarms should be triggered for serious intrusions.	WAF can detect and block HTTP and HTTPS traffic attacks and log information such as attack type, URL, content, and source IP, hit rule name and ID, risk level, attack time, target host, and executed action.
5	Malicious code protection	8.1.3.4 a)	Malicious code should be detected and cleared on key network nodes, and the malicious code protection mechanism should be upgraded and updated promptly.	WAF basic security and rule engine modules can implement this feature.
6	Security audit	8.1.3.5 a)	Security audit should be performed on the network perimeters and key network nodes and cover every user to audit key user behaviors and security events.	Intrusion events are audited on the perimeters.
7	Security audit	8.1.3.5 c)	Audit logs should be protected and regularly backed up to prevent unexpected log deletion, modification, and overwriting.	Logs are retained for at least six months, during which tenants cannot delete or tamper with them.