1. Home
  2. Russian standards
  3. GOST
  4. GOST R ISO/IEC 27033-5-2021

GOST R ISO/IEC 27033-5-2021 PDF

GOST R ISO/IEC 27033-5-2021

Name in English:
GOST R ISO/IEC 27033-5-2021

Name in Russian:
ГОСТ Р ИСО/МЭК 27033-5-2021

Description in English:

Information technology. Security techniques. Network security. Part 5. Securing communications across networks using Virtual Private Networks (VPNs)

Description in Russian:
Информационные технологии. Методы и средства обеспечения безопасности. Безопасность сетей. Часть 5. Обеспечение безопасности межсетевого взаимодействия с помощью виртуальных частных сетей (ВЧС)
Document status:
Active
Format:
Electronic (PDF)
Page count:
20
Delivery time (for English version):
4 business days
Delivery time (for Russian version):
1 business day
SKU:
GOST44885
Choose Document Language:
€10

Full title and description

GOST R ISO/IEC 27033-5-2021 — Information technology. Security techniques. Network security. Part 5: Securing communications across networks using Virtual Private Networks (VPNs). (Russian designation: ГОСТ Р ИСО/МЭК 27033-5-2021.)

Abstract

This national adoption (GOST R) reproduces guidance from the ISO/IEC 27033 series on securing communications across networks using Virtual Private Networks (VPNs). It provides recommendations for selecting, implementing and monitoring the technical controls required to protect inter-network communications and remote access connections, covering VPN architectures, protocols, authentication and key management, and operational monitoring and auditing to mitigate threats such as intrusion and denial of service.

General information

  • Status: Active (national adoption).
  • Publication date: 30 November 2021.
  • Publisher: Rosstandart / Federal Agency on Technical Regulating and Metrology (Russian national standards body).
  • ICS / categories: 35.030 (Information technology — Security techniques — Network security).
  • Edition / version: GOST R ISO/IEC 27033-5-2021 (adoption of ISO/IEC 27033-5:2013 guidance).
  • Number of pages: 20 pages (approx.).

Scope

The standard gives guidelines for the selection, implementation and operation of technical controls to secure network communications using VPN technologies. It addresses VPN use for interconnecting networks and for providing secure remote access, discusses relevant VPN architectures and deployment scenarios, outlines protocol and cryptographic considerations, and recommends practices for authentication, key management, traffic protection and monitoring of VPN links.

Key topics and requirements

  • Overview of VPN architectures and deployment scenarios (site-to-site, remote access, hub-and-spoke, mesh).
  • Selection criteria for VPN technologies and vendors based on security, interoperability and manageability.
  • Recommended cryptographic protections for confidentiality, integrity and replay protection (protocol-level guidance such as IPsec/TLS considerations).
  • Authentication and authorization requirements for VPN endpoints and users, including multi-factor considerations.
  • Key management and lifecycle practices (generation, distribution, rotation and revocation).
  • Security gateway and tunnelling considerations, including coexistence with firewalls and security appliances.
  • Operational monitoring, logging, intrusion detection and incident response for VPN links.
  • Threats and risk mitigations specific to VPNs (intrusion, DoS, endpoint compromise, misconfiguration).

Typical use and users

Intended for network security architects, system and network engineers, IT security managers, security auditors and integrators who design, deploy or operate VPN solutions to interconnect corporate sites or provide secure remote access. Also useful to compliance officers and procurement teams evaluating network security controls and VPN products.

Related standards

ISO/IEC 27033 series (parts 1–4, 6–7), ISO/IEC 27002 (security controls guidance), ISO/IEC 27001 (ISMS requirements). The document supersedes or replaces earlier network-security guidance derived from ISO/IEC 18028 series in the context of VPN-specific controls.

Keywords

VPN, virtual private network, network security, security gateway, IPsec, TLS, authentication, key management, remote access, VPN architecture, monitoring.

FAQ

Q: What is this standard?

A: It is the Russian national adoption (GOST R) of ISO/IEC 27033‑5, offering guidance on securing communications across networks using Virtual Private Networks (VPNs).

Q: What does it cover?

A: Selection, implementation and operational guidance for VPN technologies and controls — including architectures, protocol and cryptographic considerations, authentication and key management, gateway configuration, and monitoring/incident response for VPN links.

Q: Who typically uses it?

A: Network security architects, network and systems engineers, IT security managers, auditors, integrators, and procurement or compliance personnel responsible for secure network interconnections and remote access.

Q: Is it current or superseded?

A: Published as GOST R ISO/IEC 27033-5-2021 (30 November 2021) and represents a national adoption of the ISO/IEC 27033‑5 guidance (original ISO edition published in 2013). Users should verify whether later revisions of the ISO/IEC 27033 series or subsequent national updates exist when planning long-term compliance.

Q: Is it part of a series?

A: Yes — it is Part 5 of the ISO/IEC 27033 network security multi‑part series, which also includes parts covering overview and concepts, design guidance, reference scenarios, security gateways, wireless IP access and network virtualization security.

Q: What are the key keywords?

A: VPN, virtual private network, network security, IPsec, TLS, authentication, key management, security gateway, remote access.