On 3 July, CAC, MIIT, MPS, and CNCA jointly released the 2023 edition of the Catalogue of Critical Network Equipment and Specialized Cybersecurity Products (hereinafter referred to as the “Catalogue”). The 2023 Catalogue designates 38 network products subject to mandatory Critical Network Equipment and Specialized Cybersecurity Products Certification (hereinafter referred to as the “CNESCP certification”).
The first edition of the Catalogue was released in 2017, with the aim of supporting the implementation of Article 23 of the Cybersecurity Law, which stipulates that critical network equipment and specialized cybersecurity products shall be certified, or meet the requirements of security inspection prior to being sold or provided to the Chinese market.
The 2017 edition of Catalogue identified 4 critical network equipment and 11 specialized cybersecurity products subject to CNESCP certification; minimum technical parameters for compliance were specified. The 2023 edition of the Catalogue, instead, removes the minimum technical parameters of the specialized cybersecurity products, and at the same time adds 20 new specialized cybersecurity products. Consequently, the 2023 Catalogue now contains 4 critical network equipment and 34 specialized cybersecurity products. The full list is provided below:
