Firewall service system and method based on virtual network

A virtual firewall and service system technology, applied in the field of virtual network firewall, can solve problems such as difficult to meet the security needs of virtual network users, and achieve the effect of achieving independence

Active Publication Date: 2014-04-30
DAWNING CLOUD COMPUTING TECH CO LTD
View PDF4 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, traditional firewall technology is difficu

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Firewall service system and method based on virtual network
  • Firewall service system and method based on virtual network
  • Firewall service system and method based on virtual network

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach

[0022] The present invention will be further described below in conjunction with the accompanying drawings.

[0023] like figure 1 As shown, what is shown is the virtual network-based firewall service system of the present invention, and the system includes a distributed firewall manager 10 and a firewall service node 20 .

[0024] Specifically, the distributed firewall manager 10 is used to obtain all virtual machine network interface information in the user network according to the user's network identifier; it can also determine the corresponding firewall service node 20 according to the virtual machine network interface information; and the user's Firewall configuration information and / or firewall security policies are distributed to corresponding firewall service nodes 20 .

[0025] Further, the firewall service node 20 can be configured on the OVS switch based on the open virtual switching standard OVS, and is used to manage the data flow passing through the OVS switch ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a firewall service system based on a virtual network. The firewall service system based on the virtual network comprises a distributed type firewall manager and firewall service nodes, wherein the distributed type firewall manager is used for obtaining information of all virtual machine network interfaces in a user network according to the network identity of a user, determining the corresponding firewall service nodes according to the information of the virtual machine network interfaces, and distributing firewall configuration information and/or firewall security strategies of the user to the corresponding firework service nodes; the firewall service nodes are configured on an OVS switch based on OVS and are used for managing data flow passing through the OVS switch according to the received firewall configuration information and/or the received firewall security strategies of the user. The invention further provides a method for obtaining a virtual network firewall. By the adoption of the firewall service system based on the virtual network and the method for obtaining the virtual network firewall, through the deployment and the distributed management of the firewall service nodes, establishment of the distributed virtual network firewall is achieved.

Description

technical field [0001] The present invention relates to the field of computer technology, more specifically, to a virtual network-based firewall service system and a method for realizing a virtual network firewall. Background technique [0002] Traditional network firewalls are generally deployed at the border of the network, on links that can monitor all traffic in the network. Filter the data packets sent to the internal network, and refer to the set firewall security policy to forward or discard the data packets. [0003] In a virtualized network environment, physical network resources are shared by all virtual network users, but for users, the network is exclusive and isolated from other user networks. Each user or service flow network has different network security requirements according to its own network service characteristics, and has different requirements for firewall deployment and security policies. Due to the scalability of the virtual network, the user's net...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 张翔王军林唐明徐博成书晟
Owner DAWNING CLOUD COMPUTING TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap