But a translation of the proposed rules shows its immediate impact on foreign firms may not be as tough as feared.
The draft shows the regulation would initially focus on types of hardware and software where domestic suppliers already have a strong market position compared with their foreign rivals.
Western companies say the rules have not yet been formally adopted, and some said they believed Beijing would retreat on some of the most onerous ideas, including demanding that firms' proprietary source code be reviewable.
Chinese leaders are to review the plan next week, U.S. Tech industry sources said.
On Wednesday, 18 American business groups urged Beijing to postpone rolling out the regulation, which they argued were motivated by protectionism as well as security concerns that intensified in the wake of disclosures of U.S. spying techniques by former National Security Agency contractor Edward Snowden.

The guidelines by the Chinese Banking Regulatory Commission were issued on Dec. 26 in a 22-page paper that outlines security criteria that tech products must meet in order to be considered "secure and controllable" for use in the financial sector, according to sources with knowledge of the matter.
A translation shows an exhaustive table of equipment it applies to, containing 68 categories of tech products from PC servers to wireless routers to automatic teller machines to air conditioners.