Wait for level 3 basic requirements

Source: YueFei Business consulting     Date: 2022/1/6 11:26:10
1.1 Technical Requirements


1.1.1 Physical Security


1.1.1.1 Physical Location Selection (G3)


The requirements include:


A) The computer room and office space should be located in buildings with earthquake, wind and rain protection capabilities;


B) The machine room should not be sited on the upper floors or in the basement of the building, nor on the floor below or adjacent to water equipment.


1.1.1.2 Physical Access Control (G3)


The requirements include:


A) The entrance and exit of the machine room shall be staffed by dedicated personnel who control, identify and record the personnel entering;


B) Visitors who need to enter the machine room shall go through the application and approval process, and the scope of their activity shall be restricted and monitored;


C) The equipment room shall be divided into areas for management, physical isolation devices shall be set up between areas, and transition areas for delivery, installation and the like shall be set up in front of important areas;


D) Electronic access control system shall be installed in important areas to control, identify and record personnel entering.


1.1.1.3 Anti-Theft and Anti-Sabotage (G3)


The requirements include:


A) The main equipment should be placed in the machine room;


B) The equipment or major components shall be fixed and marked with obvious markers that are not easy to remove;


C) Communication cables should be laid in hidden places, underground or in pipelines;


D) Media shall be classified and identified and stored in media library or archives;


E) Light, electricity and other technologies should be used to set up the anti-theft alarm system in the machine room;


F) Monitoring and alarm system shall be set up in the machine room.


1.1.1.4 Lightning Strike Protection (G3)


The requirements include:


A) Lightning protection device shall be installed in the machine room building;


B) Lightning protection device should be set up to prevent lightning induction;


C) The ground cable of the AC power supply should be set in the equipment room.


1.1.1.5 Fire Prevention (G3)


The requirements include:


A) Automatic fire fighting system shall be set up in the machine room, which can automatically detect the fire, automatically alarm and automatically extinguish the fire;


B) The machine room and related working rooms and auxiliary rooms shall be built with fire-resistant materials;


C) Fire prevention measures should be taken to isolate important devices from other devices in the equipment room.


1.1.1.6 Waterproof and Moisture Proof (G3)


The requirements include:


A) Water pipes shall not be installed under the roof and movable floor of the machine room;


B) Measures shall be taken to prevent rainwater from penetrating through the windows, roof and walls of the machine room;


C) Measures should be taken to prevent the transfer and infiltration of water vapor condensation and underground water in the machine room;


D) Water-sensitive detection instruments or components should be installed to conduct waterproof detection and alarm in the machine room.


1.1.1.7 ESD Preventive Measures (G3)


The requirements include:


A) Necessary grounding anti-static measures shall be adopted for main equipment;


B) Use an ESD floor in the equipment room.


1.1.1.8 Temperature and Humidity Control (G3)


The equipment room should be equipped with automatic temperature and humidity adjustment facilities to ensure that the temperature and humidity change within the allowed range.


1.1.1.9 Power Supply (A3)


The requirements include:


A) Voltage regulator and over-voltage protection equipment should be installed on the power supply line of the machine room;


B) Short-term backup power supply shall be provided to at least meet the normal operation requirements of major equipment in the event of power outage;


C) Redundant or parallel power cable lines should be set up to supply power to the computer system;


D) A backup power supply system shall be established.


1.1.1.10 Electromagnetic Protection (S3)


The requirements include:


A) Grounding shall be adopted to prevent external electromagnetic interference and parasitic coupling interference of equipment;


B) Power cables and communication cables shall be laid separately to avoid mutual interference;


C) Electromagnetic shielding shall be implemented for critical equipment and magnetic media.


1.1.2 Network Security


1.1.2.1 Structural Security (G3)


The requirements include:


A) The business processing capacity of major network equipment shall have redundant headroom to meet peak business demand;


B) The bandwidth of each part of the network shall meet peak business demand;


C) Routing control shall be conducted between business terminals and business servers to establish secure access paths;


D) A network topology diagram consistent with the current operating state should be drawn;


E) Subnets or network segments shall be divided according to factors such as work function, importance and the importance of the information involved, and address segments shall be assigned to the subnets and network segments on the principle of convenient management and control;


F) Deploying important network segments at the network boundary with direct connections to external information systems should be avoided, and reliable means of technical isolation should be adopted between important network segments and other network segments;


G) The priority level of bandwidth allocation shall be specified according to the order of importance to business services, so that important hosts are protected first in case of network congestion.


1.1.2.2 Access Control (G3)


The requirements include:


A) Access control devices should be deployed at the network boundary to enable access control functions;


B) The ability to explicitly allow or deny access for data flows shall be provided based on session state information, with control granularity at the port level;


C) Information content entering and leaving the network should be filtered to implement HTTP, FTP, TELNET, SMTP, and POP3 at the application layer

 

Editor in charge:Shanghai Yue Fei Enterprise Management Consulting Co., Ltd.
Copyright:http://www.yf-iso.com/ Please indicate the source of the reprint
