Method, device and system for moving security policy

A technology of security policy and configuration information, applied in the field of optical networks, can solve the problems of virtual machine migration lag, network security policy cannot be automatically migrated, etc., to save time and economic costs, and solve the effect of migration lag

Active Publication Date: 2012-04-11
HUAWEI TECH CO LTD
View PDF5 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Under the traditional layer 2 network security technology, the network security policy cannot be automatically migrated with the migration of the virtual machine
In the currently common virtual machine migration solutions based on network management or virtual machine discovery and configuration protocol (English full name: Virtual Station Interface Discovery and Configuration Protocol, VDP for short), the migration of network security policies has certain limitations compared with the migration of virtual machines. Hysteresis

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for moving security policy
  • Method, device and system for moving security policy
  • Method, device and system for moving security policy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Embodiments of the present invention provide a method, device and system for security policy migration. Wherein, when a virtual machine is migrated to a server, the virtual machine is associated with the data center access switch VDP directly connected to the server, and the data center access switch delivers the security policy of the virtual machine. When the virtual machine is migrated out of the server, the virtual machine The virtual machine is disassociated from the data center access switch VDP directly connected to the server, and the data center access switch deletes the security policy of the virtual machine, so that the delivery and deletion of the security policy are closely connected with the VDP association and disassociation , no manual configuration is required, and the problem in the prior art that the migration of the security policy lags behind the migration of the virtual machine is solved, saving a lot of time cost and economic cost.

[0026] The te...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method, a device and a system for moving a security policy. A video data processor (VDP) correlation message transmitted by a server in which a virtual machine is moved is received by a data center access switch, and a VDP correlation state is set as a correlation state according to the VDP correlation message; configuration information of the virtual machine is acquired by the data center access switch, and a security policy is generated according to the configuration information; when the virtual machine is moved out of the server, a VDP disassociation message transmitted by the server is received by the data center access switch, and the VDP correlation state is set as a disassociation state according to the VDP disassociation message; and the security policy of the virtual machine is deleted by the data center access switch. Due to the adoption of the method, the device and the system, the problem that the security policy is moved along with the movement of the virtual machine can be solved.

Description

technical field [0001] The invention relates to the field of optical networks, in particular to a method, device and system for security policy migration. Background technique [0002] A virtualized data center is formed by the deep integration of computing, storage, and network resources. Therefore, the smooth implementation of host virtualization technology must be matched with appropriate network security policies, otherwise everything will be out of the question. The virtualized data center appeared earlier, mainly including cluster computing and other technologies to improve computing performance; while the host virtualization technology is mainly a technology that coexists with multiple operating systems on a physical X86 system in recent years. The main purpose is to shorten the service deployment time and improve resource utilization efficiency. Virtualized data centers bring some challenges to network security, especially the migration of virtual machines, and the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04L12/46H04L12/24
Inventor 吴晓东
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap