Safety domain control method and system based on virtual network

A control method and technology of virtual network, applied in the field of security domain control system based on virtual network, can solve problems such as belonging to the same network segment, difficult to solve security domain follow, difficult to build security domain by firewall, etc.

Active Publication Date: 2014-04-30
DAWNING CLOUD COMPUTING TECH CO LTD
View PDF6 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In the actual environment, many computers that should be in the same security domain are distributed in various subnets, and they cannot be grouped into the same network segment to set boundaries for control
Moreover, in the virtual network environment, the network is scalable and dynamically changing, so it is difficult to use the traditional way of deploying firewalls to build the function of the security domain, and it is difficult to solve the problem of following the security domain after the migration of the virtual machine
[0004] For the problems in related technologies, no effective solutions have been proposed yet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety domain control method and system based on virtual network
  • Safety domain control method and system based on virtual network
  • Safety domain control method and system based on virtual network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The present invention will be further described below in conjunction with the accompanying drawings.

[0026] Such as figure 1 Shown is an embodiment of the security domain control method based on the virtual network of the present invention, the method may include the following steps:

[0027] S101, the security domain controller receives the data packet header sent by the OVS switch based on the virtual switching standard OVS, wherein the data packet header is the data packet header of the data packet in the data stream flowing into the OVS switch;

[0028] S102. The security domain controller instructs the OVS switch to release the data flow when determining that the data flow received by the OVS is a safe data flow according to the information carried in the data packet header and the preset white list in the security domain.

[0029] Such as figure 2 As shown, in an optional embodiment of the present invention, before step S101, the method further includes:

[...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a safety domain control method based on a virtual network. The safety domain control method and system based on the virtual network comprises the steps that a safety domain controller receives a data package head which is based on a virtual exchange standard OVS and is transmitted by an OVS exchanger, wherein the date package head is a data package head of a data package in a data stream flowing into the OVS exchanger; the safety domain controller indicates the OVS exchanger to release the data stream when the safety domain controller confirms that the data stream received by the OVS is a safe data stream according to information carried by the data package head and a preset white list in a safety domain. In addition, the invention further provides a safety domain control system based on the virtual network.

Description

technical field [0001] The present invention relates to the field of computer technology, and more specifically, to a virtual network-based security domain control method and a virtual network-based security domain control system. Background technique [0002] A security domain is a collection of network elements that have the same or similar security protection requirements and protection strategies, trust each other, and are interrelated in the same network. In a traditional network, the general implementation method is to deploy a firewall at the border. Through the firewall policy, it is controlled which IPs are allowed to access this domain, which IPs are not allowed to access this domain, which IPs / network segments are allowed to be accessed by this domain, and which are not allowed. Which IPs / network segments to visit. [0003] In an actual environment, many computers that should be in the same security domain are distributed in various subnets, and they cannot be gr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 张翔王军林唐明徐博成书晟
Owner DAWNING CLOUD COMPUTING TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap