Unlock instant, AI-driven research and patent intelligence for your innovation.

Network safety gateway product sharing method

A network security and safety technology, applied in the direction of network interconnection, network connection, data exchange through path configuration, etc., can solve the problems of limiting the safety needs of small businesses and even individuals, waste, safety beyond reach, etc.

Inactive Publication Date: 2008-07-16
陈勇
View PDF2 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The performance of the security gateway must be greatly redundant for the protected area. This is to prevent the security gateway from becoming a bottleneck, which is undoubtedly a waste for the owner of the security gateway
[0007] Therefore, these security gateways are generally only used by medium and large enterprises, which limits the security needs of small enterprises and even individuals. For them, security is out of reach.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network safety gateway product sharing method
  • Network safety gateway product sharing method
  • Network safety gateway product sharing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0034] Embodiment 1: sharing of firewalls

[0035] Traditional firewall protection system, see attached figure 1 In the two cases shown, one is to use firewall FW1 to block between the protected server S1 (or server group) and the Internet, and the other is to block between the protected network (with servers S2-S4 and user machines PC1, PC2) and the Internet. Between (firewall FW2), these two situations are mainly different in emphasis. The former emphasizes Internet access to the server, and the latter emphasizes the protected network’s access to the Internet. However, in fact, access in the opposite direction exists, which can be understood as the same . In addition, if there is a router outside the firewall, the firewall may adopt bridge mode; in some cases, the firewall may adopt routing mode and save the router.

[0036] When the firewall is placed on the Internet to become a security node (Node1-Node5), such as figure 2 Shown:

[0037] The access process of users (...

Embodiment 2

[0052] Embodiment 2: Sharing of email security gateways

[0053] The email security gateway is used to block illegal emails such as spam and virus emails for the email server. The email gateway has a transparent mode (such as image 3 MG1 protects mail server MS1) and forwarding mode (such as image 3 The MG2 protects the mail server MS2). Since the mail uses the application layer store-and-forward protocol, the so-called transparent mode is actually a way of bridge plus interception and forwarding. Therefore, the mail security gateway is the easiest to transform into a mail security node. Shared email security gateway device.

[0054] When the email security gateway is placed on the Internet to become an email security node (such as Figure 4 After MG1):

[0055] The receiving process of the protected mail server becomes like this:

[0056] The MX item resolved by the DNS of the protected mail domain is pointed to the mail security node;

[0057] The sending server tries...

Embodiment 3

[0067] Embodiment 3: Sharing of SSL-VPN gateways

[0068] In view of the inconvenience of traditional VPNs such as IPSec in deploying and distributing keys, SSL-VPN is a security access control device that has emerged in recent years, allowing remote users to use the Internet conveniently and safely when leaving the intranet. access to sensitive internal networks. The complex management and maintenance of IPSec-VPN pushes users and network administrators into a very depressed situation. They regard SSL-VPN as a savior for convenient and safe remote access. In fact, IPSec-VPN and SSL-VPN have their own advantages. SSL-VPN is easy to deploy, does not require remote users to install clients, and can perform detailed security policy control on application layer protocols. It is a very good "user-to-network" connection method; Although IPSec-VPN is troublesome to deploy, its high performance is very suitable for VPN connections of all protocols for infrequently changing network st...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network security gateway product sharing method which comprises that: a network security gateway product is arranged in the internet and becomes a security node which can be shared; when an internet user requests to a protected area server or a network, the request of the internet user is led to the security node; the security node forwards a legal request to the server or the network according to the security strategy; the security node receives the response data of the server or the network and forwards to the requesting party according to the security strategy. The embodiment of the invention changes the security gateway from the self-sharing of the owner of the server or network (the owner must purchase alone) to the co-sharing of the servers or networks which are not in the same place (a purchase alone is not needed, and only a collective purchase or a purchasing service is needed). At the same time, for some protected areas, if the flow is large and has a plurality of security demands, the protected areas can be protected by a plurality of security nodes without need to self-purchase a plurality of security gateways to perform protection, which saves the resource.

Description

technical field [0001] The invention relates to the technical field of computer information security, in particular to a method for sharing network security gateway products. Background technique [0002] The Internet is getting closer and closer to people's lives, and people will use known domain names or search engines to find the information and various services they need. But at the same time, the problem of Internet security has become an urgent problem to be solved. For network servers and internal subnets of enterprises, various network security devices are required for protection, such as firewalls, email security gateways, VPN (Virtual Private Network virtual private network, or virtual private network) gateways, etc. [0003] These products are all "network security gateway" devices, because these products are inserted between the protected server or network (hereinafter referred to as the protected area) and the unsafe Internet, acting as a gatekeeper. The reque...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/66H04L12/46
Inventor 陈勇
Owner 陈勇