Distributed network firewall system of Linux based on defense strategy

A distributed network and firewall technology, applied in the field of distributed firewall system based on defense strategy, can solve the problems of lack of uniformity and efficiency, insufficient implementation of distributed firewall, and distributed firewall staying in model establishment and design, etc. Achieve the effects of reducing errors, protecting against intrusion, and efficient policy configuration

Inactive Publication Date: 2013-04-24
BEIHANG UNIV
View PDF2 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in view of the current domestic and foreign status quo, most of the research on distributed firewalls stays at the model establishment and design stage, and a few distributed firewall products that have been implemented are all based on the underlying configuration language in terms of firewall policy formulation, which is different from configuring each firewall individually. The practice of computer firewall defense rules is basically the same, and the core feature of distributed firewall "policy centralized customization" is not fully realized, thus lacking due uniformity and efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Distributed network firewall system of Linux based on defense strategy
  • Distributed network firewall system of Linux based on defense strategy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The present invention will be further described in detail below in conjunction with the accompanying drawings.

[0034] The invention is a distributed firewall system based on defense strategies for computers installed with Linux operating system in the local area network. This system is divided into two parts: the server subsystem and the client subsystem, see figure 1 shown. Among them, the server subsystem is responsible for editing the network topology and deploying the defense strategy, mainly converting the defense strategy selected by the user into the underlying defense rules that can be deployed by the client; the client subsystem is responsible for deploying the received underlying defense rules to the user ( PC installed with the client subsystem) in the stand-alone firewall.

[0035] In the present invention, the server subsystem includes a network topology processing module, a strategy integration module, a strategy reasoning engine module, a defense meas...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a distributed network firewall system of Linux based on a defense strategy, which provides network security protection for a computer with a Linux operating system in a local area network. The system has a distributed structure which consists of a server terminal subsystem and a client subsystem. In the network firewall system, a network topologic structure for the local area network is firstly constructed in the server terminal for the local area network to be protected and then services to be protected and possibly attacked manners are selected and a defense rule document is generated. The defense rule document is timely updated in the client system and deployed to achieve the purpose of protection. A plurality of defense rules aiming at different computers and services in the network are generated by means of strategy reasoning and explanation of the client system to protect all computers with the client subsystem and firewall correspondingly. One defense strategy is set for a single network node to safely protect the plurality of network nodes simultaneously.

Description

technical field [0001] The invention relates to a computer firewall system, more particularly, refers to a distributed firewall system based on defense strategies for protecting computers installed with Linux operating systems in local area networks. Background technique [0002] Local Area Network (Local Area Network) is a computer communication network that connects various computers, external devices, and databases within a local geographical area (such as a school, factory, and institution). It can be connected with a remote local area network, database or processing center through a data communication network or a dedicated data circuit to form a large-scale information processing system. LAN for short refers to a computer group formed by interconnecting multiple computers in a certain area. "A certain area" refers to the same office, the same building, the same company and the same school, etc., generally within a few kilometers. Local area network can realize functi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 王海泉杨启朗孙孟涛夏春和
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap