A VPN connection separation method based on operating system desktop

A separation method and operating system technology, which is applied in the field of VPN connection separation based on the operating system desktop, can solve problems such as security loopholes, and achieve the effect of protecting sensitive data of enterprises

Active Publication Date: 2008-08-13
ARRAY NETWORKS BEIJING
View PDF0 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, because the four-layer VPN runs on the operating system layer, and Symantec's virtual desktop runs on the application program layer, when the user establishes a VPN connection in the virtual desktop, the applications running in the real desktop can also access the corporate intranet through the VPN , which creates a very serious security hole

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A VPN connection separation method based on operating system desktop

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0009] The present invention will be described in detail below in conjunction with the accompanying drawings and examples.

[0010] like figure 1 Shown, the inventive method comprises the following steps:

[0011] 1. Set up a security proxy device at the front end of the enterprise intranet, which is a VPN access gateway device. The client computer first connects to the security proxy device through the Internet, and then the security proxy device connects to the corporate intranet.

[0012] 2. When an application program on the client computer wants to access the VPN connection, the client computer first downloads the VPN proxy program from the security proxy device, and then establishes a VPN connection with the security proxy device through the VPN proxy program.

[0013] 3. After receiving the access request, the VPN proxy program will trace back the application program that initiated the access terminal, then enumerate the running windows of the application program, and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a VPN connection separating method based on a operating system desktop, comprising: 1) setting a secure proxy equipment at the front end of a corporation inner net; 2) when an application program on a client machine accesses the VPN connection, firstly, the client machine downloads a VPN proxy program on the secure proxy equipment; 3) the VPN proxy program traces the application program sending the access after receiving the access require, then enumerates the operating windows of the application program, and finds corresponding desktop based on the windows; 4) the VPN proxy program judges whether the desktop is a virtual desktop; and 5) if the desktops is a virtual desktop, the VPN proxy program allows the application program accessing the VPN connection, and if the desktops is a real desktop, the VPN proxy program refuses the application program accessing the VPN connection. The invention makes only the application program operating on Symantec virtual desktop access the inner net resource of the corporation, while other programs operating in a real desktop of the operation system are forbidden to access the VPN connection to protect the sensitive information of the corporation.

Description

technical field [0001] The invention relates to a computer network security management method, in particular to a VPN connection separation method based on an operating system desktop. Background technique [0002] VPN (Virtual Private Network, Virtual Private Network) provides great convenience for corporate employees to access corporate intranet resources when they are on business trips or at home, but it also brings great hidden dangers to corporate confidential information and intranet security. Employees on business trips may access corporate sensitive information through the hotel or client’s computer, and download the information to the client. If the employee does not clear the sensitive information from the computer after using it, it may cause information leakage, which may cause damage to the enterprise. Potential threats to business and information security. [0003] Through the virtual desktop of Symantec (Symantec), customers can be limited to initiate VPN con...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/00H04L12/02
Inventor 胡延锐陈阅苗磊
Owner ARRAY NETWORKS BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap