Safety isolation method for virtual network and physical network of cloud computing

A technology of virtual network and physical network, applied in the field of cloud computing virtual network and physical network isolation security, can solve problems such as security risks, physical network and virtual network are not isolated, and restrict cloud computing maturity.

Inactive Publication Date: 2011-11-23
GCI SCI & TECH
View PDF3 Cites 34 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] like figure 1 As shown, the physical network and the virtual machine network of the current cloud computing platform are interoperable, which poses a major security risk to the security of the cloud computing network and restricts the maturity of cloud computing technology.
[0008] The physical network and the virtual network are not isolated, and the two networks will communicate with each other, causing great security risks; When a hacker invades any machine in the virtual network, it can infiltrate the physical network machine and invade the user's internal network, thus causing a great security risk

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety isolation method for virtual network and physical network of cloud computing
  • Safety isolation method for virtual network and physical network of cloud computing
  • Safety isolation method for virtual network and physical network of cloud computing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] The present invention will be further described below in conjunction with the accompanying drawings.

[0032] Such as figure 2 As shown, the present invention discloses a security method for isolating a cloud computing virtual network and a physical network,

[0033] The methods include:

[0034] 1) Set the interface connected to the physical network card of the physical switch to trunk mode;

[0035] 2) The node server divides one or more virtual machines contained in multiple different vlans through the virtual network bridge and virtual switch, and performs vlan tagged and untagged operations on the data frames sent from the physical network card of the node server. The data frame identifies the data frame according to the vlan id information of the corresponding tag header, and realizes the isolation of the two-layer network;

[0036] Layer 2 network isolation can perform VLAN tagged and untagged operations on data frames through the VLAN function provided by th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a safety isolation method for a virtual network and a physical network of cloud computing, wherein the isolation between the both layers of networks is realized by carrying out VLAN (Virtual Local Area Network) tagged and untagged operations on data frames, the access control of three layers is realized by a fire wall, the dynamic safety control is realized with the addition of IDS (Intrusion Detection System) software, so that not only can the communication between different VLANs be controlled, but also the access of other machines in the inner network to the cloud inner network can be controlled. Simultaneously, the network isolation can be performed between virtual machines or between virtual machines and physical machines by employing the VLAN, so that the physical machines and the virtual machines are divided in the different VLANs, namely, the isolation between the physical network and the virtual network can be realized.

Description

technical field [0001] The invention relates to the network technology security field of cloud computing technology, in particular to a method for isolating a cloud computing virtual network and a physical network for safety. Background technique [0002] Cloud computing provides IT resources through the network in the form of services. It has the advantages of paying on demand, reducing costs, anytime, anywhere, energy saving and consumption reduction. It is another industrial revolution after large computers, PCs and the Internet. [0003] Cloud computing will promote traditional equipment providers to enter the service field, promote the transformation of software companies to service, reintegrate the industrial chain, and give birth to emerging service formats that integrate across industries, which will have a positive and far-reaching impact on industrial upgrading and structural adjustment. [0004] Cloud computing is a new way of resource management. In this mode, mu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 纪求华何文聪
Owner GCI SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap