IPv6网络安全设备技术要求 第2部分：Web应用防护系统（WAF） Technical requirement for IPv6 network security equipment— Part 2： Web application firewall（WAF）  ICS  33.040.40 CCS  M 32   中华人民共和国国家标准 GB/T 44810.2—2024 2024-10-2 6发布 2025-02-0 1实施     国家市场监督管理总局 国家标准化管理委员会 发 布目　　次 前言   ·····································································································   Ⅲ 引言   ·····································································································   Ⅳ 1     范围   ··································································································   1 2     规范性引用文件   ······················································································   1 3     术语和定义   ···························································································   1 4     缩略语   ································································································   1 5     功能性要求   ···························································································   2      5.1     Web应用内容控制   ···············································································   2      5.2     攻击防护   ·························································································   2      5.3     安全审计、告警与统计   ··········································································   3      5.4     异常应急处置   ····················································································   4 6     性能要求   ······························································································   4      6.1     HTTP吞吐量   ····················································································   4      6.2     HTTP请求速率   ·················································································   5      6.3     HTTP并发连接数   ···············································································   5 7     兼容性要求   ···························································································   5      7.1     部署   ······························································································   5      7.2     接口   ······························································································   5      7.3     界面   ······························································································   5      7.4     数据存储   ·························································································   5 8     可靠性要求   ···························································································   5 9     自身安全性要求   ······················································································   5 参考文献   ··································································································   6 GB/T 44810.2—2024     Ⅰ 前　　言 本文件按照GB/T 1.1—2020《标准化工作导则　第1部分：标准化文件的结构和起草规则》的规 定起草。 本文件是GB/T 44810《IPv6网络安全设备技术要求》的第2部分。GB/T 44810已经发布了以下 部分： 第1部分：防火墙； — 第2部分：Web应用防护系统（WAF）； — 第3部分：入侵防御系统（IPS）。 — 请注意本文件的某些内容可能涉及专利。本文件的发布机构不承担识别专利的责任。 本文件由工业和信息化部提出。 本文件由全国通信标准化技术委员会（SAC/TC 485）归口。 本文件起草单位：中国信息通信研究院、北京神州绿盟科技有限公司、华为技术有限公司、北京天 融信网络安全技术有限公司、郑州信大捷安信息技术股份有限公司、北京浩瀚深度信息技术股份有限公 司、国家计算机网络应急技术处理协调中心、中国电信集团有限公司、天翼安全科技有限公司、中国移 动通信集团有限公司、中移（杭州）信息技术有限公司、杭州迪普科技股份有限公司、北京通和实益电 信科学技术研究所有限公司、国家工业信息安全发展研究中心、中国福利会国际和平妇幼保健院、新华 三技术有限公司、北京可信华泰信息技术有限公司、杭州安恒信息技术股份有限公司。 本文件主要起草人：戴方芳、董悦、姜剑、胡俊涛、王雨晨、李翔、黄雅静、寇增杰、刘为华、庞韶敏、 曹政、石桂欣、温森浩、康和、王建民、付炎永、陈东、梁芳、程晋雪、吴庆、左虹、韩娟、刘鑫涌、 孙军、王冲华、陈昌杰、陈磊、万晓兰、杜君、段古纳、田丽丹。   GB/T 44810.2—2024     Ⅲ 引　　言 根据《关于加快推进互联网协议第六版（IPv6）规模部署和应用工作的通知》，为更好面对网络复 杂化和用户规模扩大化带来的安全挑战，推动IPv6网络安全工作的标准化，我国制定了一系列IPv6安 全标准。其中，GB/T 44810《IPv6网络安全设备技术要求》是为规范在IPv6中网络安全产品的适用性 的技术标准，拟由三个部分构成。 第1部分：防火墙。目的在于IPv6部署后，保障防火墙在新的网络环境中的有效应用。 — 第2部分：Web应用防护系统（WAF）。目的在于IPv6部署后，保障Web应用防护系统 （WAF）在新的网络环境中的有效应用。— 第3部分：入侵防御系统（IPS）。目的在于IPv6部署后，保障入侵防御系统（IPS）在新的网 络环境中的有效应用。—   GB/T 44810.2—2024     Ⅳ IPv6网络安全设备技术要求 第2部分：Web应用防护系统（WAF） 1　范围   本文件规定了支持IPv6的Web应用防护系统（WAF）的技术要求。 本文件适用于支持IPv6的Web应用防护系统（WAF）的设计、开发、部署、使用、