Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Simple network management protocol (SNMP)-based terminal security access control method

A control method and terminal security technology, applied in the direction of digital transmission system, electrical components, transmission system, etc.

Inactive Publication Date: 2013-05-01
西安交大捷普网络科技有限公司
View PDF3 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The technical problem solved by the present invention is to provide a method that can solve the problem of illegal access of terminals in the enterprise local area network environment, and at the same time realize roaming control of mobile terminals in large and medium-sized environments Function, which solves the security problem of illegal terminal access in enterprises, and at the same time realizes the needs of mobile office, adopts SNMP protocol to realize, strong network adaptability, reduces the cost and difficulty of overall system migration, and can make full use of the existing network architecture , a control method for terminal security access based on SNMP protocol that does not require expensive network architecture transformation

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Simple network management protocol (SNMP)-based terminal security access control method
  • Simple network management protocol (SNMP)-based terminal security access control method
  • Simple network management protocol (SNMP)-based terminal security access control method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] It mainly realizes the specific port binding between the terminal and the specific switch. In this method, the terminal access control system and the switch jointly realize the port access control. The specific method includes the following steps:

[0029] Step 1: Enable the SNMP module of the switch, configure the switch to trap the host as the terminal access control system, configure the SNMP host information of the switch in the terminal access control system, and set the legal MAC address corresponding to the specific port;

[0030] Step 2: The terminal device is connected to a certain switch port, and the switch uses a TRAP message to send the port access information to the terminal access control system;

[0031] Step 3: The terminal access control system uses SNMP to obtain the dynamic MAC table learned by the current access port, and compares and matches with the legal MAC address information corresponding to the port to determine whether the current port access...

Embodiment 2

[0035] It mainly realizes the binding between the terminal and a specific switch. In this method, the terminal access control system and the terminal switch jointly realize the port access control. The specific method includes the following steps:

[0036] Step 1: Enable the SNMP module of the switch, configure the trap host on the switch as the terminal access control system, configure the SNMP host information of the switch on the terminal access control system, and set the legal MAC address set corresponding to the switch;

[0037] Step 2: The terminal device is connected to a certain switch port, and the switch uses a TRAP message to send the port access information to the terminal access control system;

[0038] Step 3: The terminal access control system uses SNMP to obtain the dynamic MAC table learned by the current access port, and compares and matches with the legal MAC address information corresponding to the switch to determine whether the current port access MAC add...

Embodiment 3

[0042] It mainly realizes the binding between terminals and all switches in a specific security domain. This method realizes port access control jointly by the terminal access control system and switches. The specific method includes the following steps:

[0043] Step 1: Enable the SNMP module of the switch, configure the switch to trap the host as the terminal access control system, configure the SNMP host information of the switch in the terminal access control system, and set the legal MAC address set of the entire security domain corresponding to the switch;

[0044] Step 2: The terminal device is connected to a certain switch port, and the switch uses a TRAP message to send the port access information to the terminal access control system;

[0045] Step 3: The terminal access control system uses SNMP to obtain the dynamic MAC table learned by the current access port, and compares and matches with the legal MAC address information corresponding to the entire security domain...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a simple network management protocol (SNMP)-based terminal security access control method. The control method comprises the following steps of: setting a relationship between a port of a switch and a media access control (MAC) address, and providing control over the access of the MAC address of terminal equipment to a network; when the terminal equipment accesses the switch through a network cable, reporting the MAC address accessed to a control system in form of TRAP message by using the terminal switch, and when the control system judges that the access of the MAC address from the port is allowed, configuring the port of the switch into an enabled state; when the access of the MAC address is judged to be illegal, disabling the port; and after an illegal access connecting cable is removed, transmitting the state of the port of the terminal switch as a default state through an SNMP by using the control system to realize control over the access of a single MAC address to a specific terminal switch or a plurality of switches in a specific region. The overall migration cost and difficulty of a system are lowered, much infrastructure deployment cost can be greatly saved for an enterprise, and infrastructures are easy to deploy and operate.

Description

technical field [0001] The invention relates to the field of terminal security access control, in particular to a method for controlling terminal security access based on the SNMP protocol. Background technique [0002] At present, the security problem of enterprise LAN environment is prominent. Enterprises are facing the pressure of terminal access control brought by internal threats, branches, visitors and mobile office. Professional hackers driven by profit often target enterprise terminals and exploit security loopholes in terminals. Obtain unauthorized access to important resources, and then launch attacks on core business systems, resulting in data eavesdropping or destruction, core business interruption, malicious code, information leakage and other security incidents, resulting in loss of business and reputation. [0003] SNMTP (Simple Network Management Protocol), as a general security management standard protocol, can monitor the running status and data exchange i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/911H04L29/12
Inventor 何建锋刘亚轩
Owner 西安交大捷普网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products