GOST R ISO/IEC 27033-4-2021 PDF

Full title and description

GOST R ISO/IEC 27033-4-2021 — Information technology. Security techniques. Network security. Part 4. Securing communications between networks using security gateways. (Russian title: ГОСТ Р ИСО/МЭК 27033-4-2021. Информационные технологии. Методы и средства обеспечения безопасности. Безопасность сетей. Часть 4. Обеспечение безопасности межсетевого взаимодействия с использованием шлюзов безопасности.).

Abstract

This standard provides guidance for securing communications between networks by means of security gateways (for example: firewalls, application-layer gateways, intrusion prevention systems and similar gateway devices). It covers identifying and analysing threats associated with gateways, defining gateway security requirements, selecting and applying security controls and design techniques, and guidance for implementing, operating, monitoring and reviewing gateway controls. The content is aligned with the corresponding ISO/IEC part.

General information

• Status: Active / National standard in force (GOST R adoption of ISO/IEC 27033-4).
• Publication date: 30 November 2021 (introduced into force 30.11.2021).
• Publisher: Published as a Russian national standard under the authority of the Federal Agency on Technical Regulating and Metrology (Rosstandart); published distribution via national standards publishers (e.g., Standartinform).
• ICS / categories: 35.030 (Information technology — IT security / Network security).
• Edition / version: National adoption (GOST R) of ISO/IEC 27033‑4 technical content; adopted 2021 (the underlying international text is ISO/IEC 27033‑4 published 2014).
• Number of pages: 26 (typical published PDF / print count for the GOST R edition).

Scope

Guidance for securing communications between networks through security gateways. The standard addresses threat identification and analysis for gateways, deriving gateway security requirements from threat analysis, recommending design and implementation techniques to mitigate identified threats in typical network scenarios, and providing operational guidance for deploying, managing, monitoring and reviewing gateway controls. It is intended to be used in conjunction with other parts of the ISO/IEC 27033 series and with broader information security management standards.

Key topics and requirements

• Overview of security gateway concepts and typical gateway architectures (single‑homed, dual‑homed, multihomed, bastion hosts).
• Identification and analysis of network security threats related to gateway deployment and configuration.
• Deriving gateway security requirements from documented information security policies and threat analysis.
• Security control types and techniques (packet filtering, stateful inspection, application‑level proxies, content filtering, NAT, IPS/IDS integration).
• Design and implementation guidance for gateway placement, segmentation, redundancy and secure configurations.
• Guidance for product selection, configuration hardening, logging, monitoring, incident response and regular review of gateway controls.

Typical use and users

Used by network security architects, system/network administrators, security engineers, security auditors and IT risk managers who design, deploy or operate network perimeter and inter-segment security controls. Also useful for procurement teams when specifying gateway/security appliance requirements and for compliance/audit personnel assessing gateway configurations against organisational policies.

Related standards

Part of the ISO/IEC 27033 network security family (other parts include overview/terminology and specific guidance on intra-network security and VPNs). It is commonly used alongside ISO/IEC 27001 and ISO/IEC 27002 (information security management and control guidance) and other national GOST R adoptions of ISO/IEC 27000‑series documents. Related GOST R adoptions for the 27033 series and nearby parts were introduced in the same 2021 national package.

Keywords

network security; security gateway; firewall; application firewall; intrusion prevention; IPS/IDS; packet filtering; stateful inspection; proxy gateway; gateway architecture; segmentation; gateway hardening; network design; GOST R; ISO/IEC 27033.

FAQ

Q: What is this standard?

A: GOST R ISO/IEC 27033-4-2021 is the Russian national adoption of ISO/IEC 27033‑4, giving guidance on securing communications between networks using security gateways (firewalls, application gateways, IPS, etc.). It was introduced into force in Russia on 30 November 2021.

Q: What does it cover?

A: It covers threat analysis for gateway scenarios, specification of gateway security requirements, selection and design of gateway controls (packet filters, stateful inspection, proxies, content filtering, NAT, IPS integration), and operational guidance for deployment, monitoring and review.

Q: Who typically uses it?

A: Network security architects, system and network administrators, security engineers, procurement/specification teams, and auditors or compliance staff responsible for gateway/security appliance selection and configuration.

Q: Is it current or superseded?

A: The GOST R adoption (GOST R ISO/IEC 27033-4-2021) was introduced into force on 30 November 2021 and is listed as active. The underlying international text is ISO/IEC 27033‑4 originally published in 2014 (the international part remains the reference technical text). Users should check national catalogs or Rosstandart notifications for any later revisions or amendments.

Q: Is it part of a series?

A: Yes — it is part of the ISO/IEC 27033 series on network security (multiple parts addressing overview/terminology, intra-network security, gateway guidance, VPNs, etc.), and it is published in Russia as part of the 2021 GOST R adoptions of several ISO/IEC 27000‑series parts.

Q: What are the key keywords?

A: Network security, security gateway, firewall, application gateway, IPS, packet filtering, stateful inspection, proxy gateway, gateway design, segmentation, gateway hardening, GOST R, ISO/IEC 27033.