20 February 2021, State Administration for Market Regulation (Standardization Administration) issued an announcement (No.1 [2021]), unveiling a mandatory national standard of cybersecurity: GB 40050-2021,General Security Requirement for Key Network Equipment. This standard serves as part of the effort to implement the security requirement for network equipment mentioned in Cybersecurity Law of the People's Republic of China.

Key network equipment is network equipment with higher performance. This kind of equipment is usually recognized as important network node and installed in key parts or systems, which may lead to grave consequences of cybersecurity once destroyed. According to article 23 of Cybersecurity Law of the People's Republic of China(hereinafter referred to as Cybersecurity Law), key network equipment shall be sold or provided  after being certified as qualified by competent institutions or passing the security certification in accordance with the mandatory requirements of relevant national standards. 

In 2017, four departments of Cyberspace Administration jointly issued the announcement of Catalogue of Key Network Equipment and Special Products for Cybersecurity (First Batch), which includes 4 categories--routers, switches, servers and programmable logic controller (PLC) equipment. All these categories have been covered in the security standards of key network equipment developed this time.

Catalogue of Key Network Equipment (First Batch)

GB 40050-2021General Security Requirement for Key Network Equipment will come into effect in 1, August, 2021. Organizations responsible for the security test of key network equipment will be authorized by Certification and Accreditation Administration, Cyberspace Administration, Ministry of Industry and Information Technology, Ministry of Public Security and carry out the test in accordance with the regulations.

For more information please contact assistant@bestao-consulting.com