Authentication method, system and DHCP proxy server
A technology of proxy server and authentication server, which is applied in the field of authentication method, system and dynamic host configuration protocol proxy server, which can solve problems such as inspection and inability to perform terminal security, and achieve a simple effect
Inactive Publication Date: 2011-06-29
NEW H3C TECH CO LTD
View PDF5 Cites 24 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0026] From the above description of the WEB gateway authentication scheme, it can be known that although the WEB gateway authentication scheme can solve the technical problems brought by the IEEE 802.1X scheme, in the specific implementation, the WEB gateway authentication scheme can only pass through the web page (i.e. send HTTP request) for user identity authentication, but cannot perform security checks on the terminal itself (such as: whether to install anti-virus software, etc.), and the WEB gateway authentication scheme usually adopts a private protocol, and requires the use of a private protocol that supports the WEB gateway Access equipment, so it is necessary to transform the existing network architecture of the enterprise network and redeploy and upgrade the access equipment
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0051] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be described in detail below in conjunction with the accompanying drawings and specific embodiments.
[0052] The authentication method provided by the embodiment of the present invention mainly utilizes the DHCP and DNS service mechanism deployed in the network, which can ensure that the terminal does not need to install an additional client, and does not need the cooperation of the access device to realize identity authentication and security authentication. For details, see image 3 process shown.
[0053] see image 3 , image 3 The basic flowchart provided for the embodiment of the present invention. This procedure is applicable to a system including terminals, authentication server, DHCP server, DNS server, DHCP proxy server, and DNS proxy server.
[0054] In this process, the DHCP proxy server may be a proxy plug-in installed on the DHCP ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides an authentication method, an authentication system and a dynamic host configuration protocol (DHCP) proxy server. The method comprises that: A, the DHCP proxy server intercepts DHCP response message sent to a terminal by a DHCP server and carrying a domain name system (DNS) server address, and judges whether the terminal is secure; if the terminal is not secure, the DHCP proxy server modifies the address of the DNS server in the DHCP response message into the address of a DNS proxy server, and forwards the modified DHCP response message to the terminal, so that the terminal sends a domain name resolving request to the address of the DNS proxy server if an external network resource needs to be accessed after the modified DHCP response message is received; and B, after receiving the domain name resolving request, the DNS proxy server triggers an authentication server to authenticate the terminal. By adopting the method, the system and the DHCP proxy server, authentication of the terminal can be realized without the coordination of access equipment.
Description
technical field [0001] The invention relates to the technical field of network security, in particular to an authentication method, system and dynamic host configuration protocol (DHCP) proxy server. Background technique [0002] With the rapid development of the information age, network security is facing unprecedented challenges. In order to ensure the security and availability of the enterprise network, in network construction, we must not only block illegal intrusions from the periphery of the enterprise network (such as installing firewalls, anti-virus software, various intrusion detection software, etc.), but also control the The legitimacy and security of terminals inside the network before accessing the network. [0003] At present, for the security control of terminal access to the network, various authentication methods have appeared in the industry. Among them, the relatively mature authentication schemes are IEEE 802.1x and WEB gateway schemes, which are describ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): H04L29/06H04L29/08H04L29/12H04W12/08
Inventor 刘安于红
Owner NEW H3C TECH CO LTD