Virtualization data exchange safety system for virtualization network

Abstract

The invention provides a virtualization data exchange safety system for a virtualization network, and relates to the field of data exchange safety management in a virtualization system in the field of computers and operating systems. The virtualization data exchange safety system comprises a server and a virtual exchange system arranged inside the server. The virtualization data exchange safety system is structurally characterized in that the virtual exchange system is further provided with a virtual exchange interface definition module, a service registration and authentication module, an illegal data repair module and a data routing module. All virtual address serial numbers in a virtual machine virtual address are in one-to-one correspondence with all interface serial numbers in the virtual exchange interface definition module and then are connected to a virtual switch virtual address, and the virtual switch virtual address is connected to a data forwarding module through an access control module, the service registration and authentication module, the illegal data repair module and the data routing module in sequence. The virtualization data exchange safety system for the virtualization network ensures safe exchange of virtualization data through virtual ports and a safety management module, thereby having the advantages of being authentic, practical and safe.

Description

technical field [0001] The invention relates to the field of data exchange security management under a virtualization system in the field of computers and operating systems, in particular to a virtualization data exchange security system. Background technique [0002] In the prior art, the data exchange in the virtualized environment only communicates through the network card address, and lacks the virtual interface management for the virtual switching system, so that the security management technology based on the port number identification in many physical switching technologies cannot be used in the virtualized environment. difficult to achieve, such as figure 1 shown. With such a technical solution, once data packet spoofing occurs in a virtualized environment, the virtualized switching network system will face a huge challenge. Flood attack paralysis, man-in-the-middle interception attack listens to data between virtual machine virtual addresses, and flood attack any...

AI Technical Summary

Problems solved by technology

Its technical solution only has the IP-MAC-interface recording method, which is only applied to physical switches and cannot build virtual interfaces in virtualized systems

Another example is the "Cisco UCS Virtualization Technology White Paper", which only describes virtual links, does not mention virtual ports and virtual port working methods, and does not mention the subsequent security policy construction and implementation under virtualization and virtualized ports. method

Images