Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for controlling connections of network security equipment

A network security and connection control technology, applied in the direction of data exchange network, digital transmission system, electrical components, etc., can solve the problems of network security equipment (firewall cannot work normally, etc.)

Inactive Publication Date: 2009-09-30
BEIJING LEADSEC TECH
View PDF0 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since no new connection can be created, the network security device (firewall) cannot process subsequent packets, which will cause the network security device (firewall) to fail to work normally

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for controlling connections of network security equipment
  • Method and device for controlling connections of network security equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0043] In this embodiment, an accelerated aging threshold and a threshold for the number of concurrent connections are preset. When a new connection needs to be created and the number of concurrent connections reaches the threshold, the process of accelerating the aging connection is started. , it is necessary to release the original connection and provide resources for establishing a new connection. Here, the accelerated aging threshold is smaller than the threshold of the number of concurrent connections.

[0044] refer to figure 1 , the connection control method provided by the embodiment of the present invention includes the following steps:

[0045] S01, the firewall needs to create a new connection after receiving the message, detect and obtain the current number of concurrent connections;

[0046] S02, comparing the current number of concurrent connections with the accelerated aging threshold and the threshold of the number of concurrent connections;

[0047] S03, pro...

Embodiment 2

[0058] refer to figure 2 , a controllable connection network security device 200 provided by an embodiment of the present invention includes:

[0059] The receiving unit 210 is configured to receive the message and notify that a new connection needs to be created;

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for controlling the connections of network security equipment, which comprises the following steps: when a message for establishing new connections is received, detecting and obtaining the number of the current concurrent connections; comparing the number of the current concurrent connections with an accelerated ageing threshold value and a concurrent connection threshold value; establishing the new connections according to the comparative result; when the number of the concurrent connections reaches or exceeds the accelerated ageing threshold value, starting the accelerated ageing process; and when the number of the concurrent connections reaches the concurrent connection threshold value, releasing releasable connections first and then establishing the new connections. Thus, when reaching the maximum number of the concurrent connections, certain connections which are not closed completely and are about to overtime can be aged in advance so as to vacate the memory space for establishing the new connections so that the network security equipment is capable of establishing the new connections continuously and supporting more connections to the maximum limit, and the performance of the network security equipment can be sufficiently excavated and used.

Description

technical field [0001] The invention relates to the technical field of network and information security, in particular to a connection control method and equipment for network security equipment. Background technique [0002] Network security devices (such as firewalls) include service access rules, verification tools, packet filtering, and application gateways, which are usually set between the internal network and the external network, between the private network and the public network, and protect the internal network by detecting and filtering packets Free from intrusion and malicious attacks by illegal users. In order to effectively filter illegal packets, the network security device (firewall) needs to track and record the connection status to realize the ability to track the connection, but the establishment, maintenance and deletion of the connection will consume system resources. As the number of connections increases, the time spent searching for connections will ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/56
Inventor 徐停芳
Owner BEIJING LEADSEC TECH