NAT method and method for realizing access control list

A network address translation and access control list technology, which is applied in the field of network security, can solve the problems of not being able to know the historical information of NAT and ACL conversion, not being able to accurately determine the source of the attack and the length of the attack, and not being able to know the time when the user goes online and offline, etc., to achieve reduction Efforts to reduce workload and cost

Inactive Publication Date: 2007-11-28
HUAWEI TECH CO LTD
View PDF0 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] First of all, you can only view the entries currently in use, but cannot know the historical information of NAT and ACL conversion, nor can you know the user's log-off and log-out time;
[0009] Secondly, the fast cache only stores the entries that are currently in use, and deletes them after use. When the network is attacked and the user is offline, it is impossible to accurately determine the source of the attack and the duration of the attack.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • NAT method and method for realizing access control list
  • NAT method and method for realizing access control list
  • NAT method and method for realizing access control list

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The present invention will be further described in detail below in conjunction with the accompanying drawings.

[0054] Referring to FIG. 3 , this figure is a schematic flowchart of an embodiment of a network address translation method provided by the present invention. The network address translation method provided in this embodiment is used to realize the translation between the internal self-defined address of the enterprise and the public address of the external network.

[0055] According to this embodiment, a network address translation entry can be used to cache the network address translation information required by the current user's network address translation. In this embodiment, the network address translation information is the corresponding source IP address of the user in the network. The corresponding relationship between the address + port number and the public IP address + port number corresponding to the user outside the network. In specific implemen...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a control list conversing and accessing method of network address, which comprises the following steps: A. judging whether network address is conversed into network address conversion information through the user data pack; executing the step C if the judging result is to converse; executing the step B if the result is not to converse; B. generating the user data pack to converse the network address into the network address conversion information; recording the journal; C. conversing the network address of the user data pack according to the network address conversion information corresponding to the user data pack. The invention is convenient for user to access the historical information, on-line and off-line time, which is accurate to judge the attack source and attack time when the network is attached and off-line.

Description

technical field [0001] The invention relates to network security technology, in particular to a network address conversion method and a method for realizing an access control list. Background technique [0002] Nowadays, with the rapid development of computer and communication technology and the expansion of network openness, interconnection and sharing, enterprises rely more and more on information and network technology to support their rapid growth and expansion in the global market. But there are also more and more threats, such as hacker attacks, malicious codes, and worms. For this reason, many enterprises have gradually deployed security products such as firewalls and anti-viruses according to the needs of core database and system operations, and equipped with corresponding security policies and network security management equipment. [0003] Network Address Transform (NAT) means that within a network, IP addresses can be freely customized according to needs without ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04Q11/00H04L29/12
Inventor 查敏
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap