Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for realizing high-performance firewall based on SOC and parallel virtual firewall

A technology of a virtual firewall and an implementation method, which is applied in the field of high-performance firewall implementation, can solve problems such as increased equipment costs, management and maintenance difficulties, achieve multiple security protection functions, improve data packet throughput performance, and improve parallel processing and detection capabilities.

Inactive Publication Date: 2013-01-02
盐城苏富特软件科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At the same time, due to the complexity of the current network application structure, the network of the same organization may have multiple entry points and border protection points. difficulties, increasing the cost of equipment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for realizing high-performance firewall based on SOC and parallel virtual firewall
  • Method for realizing high-performance firewall based on SOC and parallel virtual firewall
  • Method for realizing high-performance firewall based on SOC and parallel virtual firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] Below in conjunction with accompanying drawing and specific embodiment the present invention will be further described:

[0040] Step 1: Realize the high-speed network data packet distributor: the chip is implemented by FPGA, including IPv4 / IPv6 dual protocol stack, to realize the preliminary analysis of the data packet, according to the source / destination bit of the packet and the configuration of the firewall security management strategy, the The data packets are distributed to the memory space of each data packet preprocessing chip;

[0041] Step 2: Implement firewall packet preprocessing chip: the chip is a reconfigurable packet filter based on FPGA design, mainly including protocol analyzer, packet filter, packet load filter, expandable module, queue management Module, flow queue management, and virtual firewall memory mapping module, realize the first packet filtering of the firewall, and improve the packet throughput of the firewall;

[0042] Step 3: Provide a s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method for realizing a novel high-performance firewall. In the method, hardware chip-based packet filtering is realized by taking an FPGA chip with SDRM interface as a preprocessor for a firewall data packet, so that data packet throughput performance is effectively improved; meanwhile, a plurality of parallel virtual firewalls are realized by adopting virtual machine technology in the technology, so a protected network space can be divided and the virtual firewall can be configured for different network segments respectively, and independent secure configuration management is performed so as to improve the firewall parallel processing and detecting capacity; meanwhile, based on the security management extension function of the virtual machine, more security protection functions and finer security protection capacity can be realized.

Description

Technical field: [0001] The present invention relates to a new type of high-performance firewall implementation technology. This technology adopts SOC technology and operating system to realize IPV6 / IPV4 dual stack, and realizes support for IPv6 and IPv6 / IPv4 network environment; at the same time, it adopts the architecture of parallel virtual machine to realize The parallel way of high-speed network data packet processing improves the throughput of the firewall and realizes fine-grained state detection; this technology supports the collaboration of multiple firewalls, automatic policy configuration, and realizes automatic mapping and conflict detection of firewall policies to achieve more effective Security features. Background technique: [0002] With the development of my country's network construction, and the gradual application of the next-generation Internet protocol IPv6 technology. The high-speed network puts forward higher requirements on the performance of the fi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
Inventor 傅涛陈志军张敏
Owner 盐城苏富特软件科技有限公司