A PC/server protection appliance can trigger customs classification, cybersecurity import licensing, civil cryptography review, ICT conformity, import labeling and technical dossier checks at the same time. This guide provides an E2E (End-to-End) map for reviewing HS code, proposed taxes, C/O, specialized policy, customs documents and pre-ETA risks before shipment arrival.

QUICK FACT

Review item	Operational recommendation
Product scope	PC/server protection appliance in hardware form for protecting PCs/servers, managing endpoints, filtering malware, enforcing endpoint policy or acting as an endpoint protection gateway.
Not automatically covered	Software-only Mobile Security, endpoint agents/licenses, firewall/NAC/IPS/IDS/DDoS/SIEM/UTM, VPN appliance, WAF or web app security appliance if the model/function differs.
Reference HS	8517.62.59 if the goods are network data transmission/reception equipment with Ethernet/SFP ports and endpoint/server protection functions over a network.
Proposed taxes	Ordinary import duty: 5% reference; MFN import duty: 0%; VAT: 10%; special preferential duty under C/O: usually reviewed toward 0% if the C/O is valid and FTA conditions are met.
Key policies	Review cybersecurity product import license; civil cryptography if encryption/authentication/key-management functions exist; ICT Group-2 conformity if telecom/radio functions exist; used/refurbished IT goods policy if applicable.
Technical dossier	Catalogue, datasheet, user manual, model list, security function description, encryption statement, software/license list and test report if available.

SCOPE OF APPLICATION

This article covers PC/server protection appliance only. It must not be automatically applied to Mobile Security software, endpoint protection gateway, firewall, VPN appliance, NAC, IPS/IDS, UTM, WAF, web application security appliance or any product with different specifications/functions.

Legal note: Review by catalogue, datasheet, model and actual import purpose. Do not conclude that no license is required without checking the exact model, firmware, security functions, encryption functions, interfaces, license package and import purpose.

CLASSIFICATION & TECHNICAL IDENTIFICATION

Identify the goods by catalogue, datasheet, model, main function, hardware configuration, network interfaces, firmware, security function, license package, condition and actual use. Generic descriptions such as “security appliance” may lead to wrong HS code, wrong license position or missing technical evidence.

Criteria to check	Documents to compare	Risk if misdescribed	Suggested goods description
Product nature	Catalogue, datasheet, user manual	Confusion among network equipment, server appliance, software license and specialized security product	PC/server protection appliance, model…, brand…, new 100%, for endpoint/server protection
Network interfaces	Datasheet, Ethernet/SFP photos	Wrong HS between heading 8517 and 8471	Security gateway appliance with Ethernet ports and endpoint/server protection function
Security functions	Security datasheet, admin guide	Cybersecurity product license may be missed	Protection appliance for PC/server, anti-malware/endpoint policy management
Encryption/VPN/authentication	Encryption statement, firmware feature list	Civil cryptography review may be triggered	Describe encryption/VPN functions based on technical dossier if any
Software/license package	PO, invoice, license sheet	Incorrect customs value and unclear split between hardware/software	Separate hardware appliance, embedded software and subscription/license if any
Goods condition	Invoice, serial list, labels	Used/refurbished policy risk	Declare new/refurbished/used accurately before shipment

HS CODE – DUTY – C/O

HS classification depends on technical nature: network data transmission/reception equipment, ADP unit or software/license. Do not classify solely by the commercial term “protection appliance”.

Reference HS code	Application condition	Risk of wrong classification	Documents to compare
8517.62.59	Network data transmission/reception appliance used to protect PCs/servers over a network.	Wrong telecom/cybersecurity policy, wrong duty and customs queries.	Catalogue, datasheet, network diagram, gateway functions.
8471.50.90 / 8471.80.90	Only considered if the product is essentially an ADP processing unit rather than network communication equipment.	Wrong technical policy and customs explanation.	CPU/RAM/storage, OS, system architecture.
8523 or software-related heading	Only if the import is software/license/subscription without hardware.	Wrong valuation and goods nature.	PO, license certificate, delivery method, activation key.

Duty and C/O review table

Item	Specific proposed level	Application condition	Risk note
Main proposed HS	8517.62.59	When the product is a network data transmission/reception appliance.	Confirm against actual model and customs tariff at declaration date.
Ordinary import duty	5% reference	Used as a planning reference where preferential schemes are not available.	Re-check current tariff before customs declaration.
MFN import duty	0%	Reference data for HS 8517.62.59.	Not a binding customs classification ruling.
VAT	10%	Reference data for HS 8517.62.59.	Review VAT policy at import date.
Special preferential duty under C/O	Usually reviewed toward 0% if valid	Depends on FTA, C/O form, origin criterion and goods description.	Wrong C/O form, HS or description may lead to rejection.

SPECIALIZED POLICY MATRIX

Goods situation	Possible policy	Documents to check	Authority/portal if identified	Recommended timing	Risk note
Standard PC/server protection appliance	Cybersecurity product import license review.	Catalogue, datasheet, security functions, model list.	MIC/AIS or relevant public service portal.	Before ETA, preferably before PO.	Do not conclude “no license” without list review.
Endpoint protection gateway	Cybersecurity product policy and HS 8517.62.59 review.	Network diagram, admin guide.	Specialized authority/customs.	Before shipping documents.	May be confused with firewall/VPN/NAC/UTM.
Encryption/VPN/key management functions	Civil cryptography review if listed.	Encryption statement, firmware guide.	Government Cipher Committee/related portal if applicable.	Before ETA.	General encryption and licensed civil cryptography must be separated by dossier.
Wireless module integrated	ICT Group-2/conformity/radio review if applicable.	RF specification, test report.	MoST/MIC or designated bodies.	Before ETA.	May trigger conformity/quality procedures.
Software/license/subscription	Customs valuation and software nature review.	PO, invoice, license certificate.	Customs/tax review if necessary.	Before invoice finalization.	Avoid unclear aggregation with hardware value.
Used/refurbished goods	Used IT goods policy review.	Condition statement, serial list.	Customs/specialized authority.	Before purchase.	High risk if declared new while serial/labels show refurbished.

LEGAL DOCUMENTS TO REVIEW

Document group	Document number/name	Issuing body	Effective date/timing	Role in procedure	Key article/appendix if any	Review note
Law	Law on Cyberinformation Security No. 86/2015/QH13	National Assembly	Review current validity	Legal foundation for cybersecurity and civil cryptography products.	Relevant provisions on products/services.	Review implementing documents.
Decree	Decree 108/2016/ND-CP	Government	Effective from 01/07/2016	Conditions for cybersecurity products/services business.	Product/service conditions.	Check amendments if any.
Circular	Circular 13/2018/TT-BTTTT	MIC	Effective from 01/12/2018	List and licensing procedure for imported cybersecurity products.	Appendix/list and licensing dossier.	Review with Circular 10/2022.
Amending Circular	Circular 10/2022/TT-BTTTT	MIC	Effective from 15/09/2022	Amends Circular 13/2018.	Amended list/procedure if applicable.	Use consolidated/updated text.
Circular	Circular 29/2025/TT-BKHCN	MoST	Effective from 31/12/2025	ICT Group-2 goods and conformity review.	Appendices/QCVN where applicable.	Apply only if the model/function is listed.
Decree	Decree 211/2025/ND-CP	Government	Effective from 09/09/2025	Civil cryptography activities and import/export licensing.	Appendices for civil cryptography products.	Apply only if functions are listed.
Labeling	Decree 43/2017/ND-CP and Decree 111/2021/ND-CP	Government	Review current validity	Import labeling.	Mandatory label contents.	Model, origin and importer must match.
Tariff	Current import/export tariff and customs database	MoF/GDVC	At declaration date	Duty, VAT and FTA rates.	HS 8517.62.59 and alternatives.	Re-check before declaration.

VIEW / DOWNLOAD ORIGINAL LEGAL TEXTS

Enterprises should re-check the official legal database or the issuing authority website before application.

Circular 13/2018/TT-BTTTT Circular 10/2022/TT-BTTTT Circular 29/2025/TT-BKHCN Decree 211/2025/ND-CP

CUSTOMS DOCUMENT DOSSIER

Commercial documents

Commercial Invoice.
Packing List.
Bill of Lading/Air Waybill.
Sales Contract/Purchase Order if any.
Certificate of Origin – C/O if preferential duty is claimed.
Catalogue, datasheet, user manual, model list, serial list and product label photos.

Specialized documents if applicable

Cybersecurity product import license.
Civil cryptography dossier/license where applicable.
ICT conformity/quality inspection dossier where applicable.
Test report, security datasheet, encryption statement, software/license list.
Import labeling dossier.

Document group	Required documents	Used for	Usually prepared by	Common error	Pre-ETA check
Commercial	Invoice, Packing List, Contract/PO	Declaration, valuation, C/O	Importer/seller/docs team	Generic goods description	Approve drafts before issue.
Technical	Catalogue, datasheet, manual, model/serial list	HS and policy explanation	Supplier/importer technical team	Wrong model datasheet	Lock model list before shipment.
Cybersecurity/crypto	License/dossier, security functions, encryption statement	Specialized policy	Importer/compliance/supplier	Functions not clearly separated	Review product list before ETA.
C/O	C/O draft/original	Preferential duty	Seller/exporter/importer	Wrong HS/form/description	Check C/O draft before issuance.
Labeling	Original label, Vietnamese sub-label	Circulation/post-clearance	Importer/warehouse	Missing model/origin/importer	Prepare sub-labels before distribution.

CLEARANCE DECISION POINTS THAT MAY HOLD THE SHIPMENT

Decision point	Question to answer	Supporting document	Consequence if unclear	Recommended handling
HS code	Network appliance, ADP unit or software/license?	Catalogue, datasheet, diagram	Wrong duty/policy	Finalize HS before ETA.
Cybersecurity license	Is the model listed as licensed cybersecurity product?	Circular 13/2018, 10/2022, function list	License/explanation request	Review list before purchase.
Civil cryptography	Does it include listed encryption/key management?	Encryption statement	License risk	Get supplier confirmation.
Model/license	Are hardware and license separated?	Invoice, PO, license certificate	Valuation and description risk	Split clearly in documents.
C/O	Correct form, HS, description and origin criterion?	C/O draft, invoice	FTA rejected	Review draft before shipment.
Condition	New, demo, refurbished or used?	Serials, labels, invoice	Used-goods policy risk	Verify before contract.

PRACTICAL E2E PROCESS

Pre-ETA review. Finalize HS, taxes, C/O, cybersecurity, civil cryptography, ICT conformity, labeling, goods condition and import purpose.

Lock documents and technical dossier. Confirm Invoice, Packing List, B/L/AWB, catalogue, datasheet, model/serial list, security function list and encryption statement.

Apply for license/specialized procedure if applicable. Prepare cybersecurity, civil cryptography or ICT conformity dossier by exact model before the goods arrive.

Submit customs declaration. Prepare explanations for value, HS, product name, model, license, C/O, catalogue and specialized policy under Yellow/Red channel.

Clearance, delivery and post-clearance control. Release goods, apply sub-labels if required, archive dossier by shipment and manage license/software records.

PRE-ETA RISK CHECKLIST

Risk	Consequence	Pre-ETA control	Documents to check
Generic “security appliance” description	Additional query and delay	Use detailed model/function description	Invoice, PL, catalogue
Wrong HS between 8517 and 8471	Wrong duty/policy	Confirm technical nature	Datasheet, diagram
Missing cybersecurity license review	Possible license request	Review Circular 13/2018 and 10/2022	Security function list
Encryption functions not checked	Civil cryptography risk	Get written encryption statement	Firmware/admin guide
Model mismatch	Specialized dossier rejected	Lock model/serial list	Invoice, label, datasheet
C/O mismatch	FTA benefit lost	Review C/O draft	C/O, invoice, B/L
Refurbished/used misdeclared	Penalty/re-export risk	Verify goods condition	Invoice, serial, statement

FAQ

Does a PC/server protection appliance need an import license?

Possibly, if the exact model is listed as a cybersecurity product requiring import licensing. Do not conclude without reviewing model, firmware and security functions.

Is it a civil cryptography product?

Only after checking encryption, authentication, key management, VPN and use purpose. If listed, a separate license may be required.

Can HS 8517.62.59 be used for all models?

No. It is only a reference where the goods are network data transmission/reception appliances. Server appliances or software-only imports require separate review.

Is Vietnamese labeling required?

If the goods circulate in Vietnam, import labeling requirements should be reviewed and the label must match model, origin and importer information.

Does C/O reduce duty?

It may. Although MFN may already be 0% for the reference HS, C/O is still important for FTA preference and origin control.

Should license/subscription be declared separately?

Review the contract, invoice and delivery method. If separately priced, customs value and goods description must be controlled clearly.

EXECUTION SUPPORT FROM TGIMEX

This article provides a map of HS code, duties, documents and specialized policy. In real shipments, enterprises still need to review catalogue, datasheet, model, documents, origin and import purpose.

Pre-ETA reviewHS, cybersecurity, civil cryptography, ICT conformity, C/O, tax, labeling and technical dossier.

Compliance controlCross-check Invoice, Packing List, B/L/AWB, C/O, catalogue, security functions and labels.

International logisticsCoordinate agents, carriers/airlines, ETA, pre-alert and transport documents.

Declaration & post-clearancePrepare customs dossier, handle Green/Yellow/Red channels and archive records.

For shipments with potential specialized inspection, licensing, C/O or labeling issues, enterprises should not wait until arrival to start dossier review.

Có liên quan

QUICK CONSULTATION

NEED TO REVIEW IMPORT PROCEDURES OR A SHIPPING PLAN?

Send us the product name, shipping route, current dossier, or implementation request in advance so we can suggest a suitable approach that is practical, focused, and aligned with your shipment.

CALL NOW

HOTLINE 0963 856 664 / 0982 135 393

EMAIL info@tgimex.com

SUITABLE FOR International shipping · Customs procedures · Import licenses · B2B logistics

ELECTRICAL – ELECTRONICS – IT EQUIPMENT

F&B

MACHINERY

HOUSEHOLD GOODS

COSMETICS – PERSONAL CARE