Method for automatically establishing Ethernet communication safety rules

A communication security and Ethernet technology, applied to the automatic establishment of Ethernet communication security rules, that addresses the error-prone addition of rules, the troublesome configuration of firewall rules, and the blocking of legitimate communication packets, improving efficiency and accuracy and ensuring real-time performance and data integrity.

Inactive Publication Date: 2014-05-07
BEIJING LIKONG HUACON TECH

AI Technical Summary

Problems solved by technology

The firewall rule configuration process is very troublesome. Before configuration, you must first collect a large amount of network information, such as which devices are in the network, which devices' communication packets are allowed to pass, and which devices' packets are denied. After collecting and sorting this information, you need to add it to the list of firewall rules, and it is easy to make mistakes when adding rules. Once a rule is configured incorrectly, some legitimate communication packets may be blocked, affecting normal communication. In industrial networks the impact is even greater, because real-time transmission and data integrity must be ensured.

Examples


Embodiment

[0035] The security device connected to the network intercepts a message attempting to pass through and hands it to the protocol analysis module. The analysis results are as follows:

[0036] Source IP: 172.18.16.121;

[0037] Source port: 1032;

[0038] Destination IP: 172.18.16.122;

[0039] Destination port: 502;

[0040] Device address: 1;

[0041] Function code: 3;

[0042] Start address: 100;

[0043] Address length: 20;

[0044] Send the analysis result information to the rule wizard module, and the rule wizard module will automatically form two rules for the security device, which are firewall rules and industrial communication protocol rules, as follows:

[0045] Firewall rules:

[0046] 172.18.16.121:1032 -> 172.18.16.122:502;

[0047] Industrial communication protocol rules:

[0048] Device address 1, function code 3, register address range is 100-119.

[0049] Add firewall rules and industrial communication protocol rules into communication security rules to complete ...
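The embodiment's step from parsed fields to the two rules can be reproduced as follows. This is an added example, not code from the patent; it assumes the port-502 traffic is Modbus/TCP (the page does not name the protocol), and every function name in it is hypothetical.

```python
import struct

MODBUS_TCP_PORT = 502  # assumption: the page's port-502 traffic is Modbus/TCP

def build_read_request(unit, func, start, qty, tid=1):
    """Constructed sample input: MBAP header (7 bytes) + read-request PDU (5 bytes)."""
    pdu = struct.pack(">BHH", func, start, qty)
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def parse_read_request(payload):
    """Extract the key fields; None means the information is incomplete."""
    if len(payload) != 12:
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    func, start, qty = struct.unpack(">BHH", payload[7:])
    if proto != 0 or length != 6 or func not in (1, 2, 3, 4):
        return None
    if qty == 0 or start + qty > 0x10000:
        return None
    return {"unit": unit, "func": func, "first": start, "last": start + qty - 1}

def make_rules(src_ip, src_port, dst_ip, dst_port, payload):
    """Rule-wizard step: form both rules from one observed request."""
    fields = parse_read_request(payload) if dst_port == MODBUS_TCP_PORT else None
    if fields is None:
        return None
    return {"firewall": f"{src_ip}:{src_port} -> {dst_ip}:{dst_port}",
            "protocol": fields}

def allowed(rules, payload):
    """Check a later request against the learned protocol rule."""
    req, rule = parse_read_request(payload), rules["protocol"]
    return (req is not None and req["unit"] == rule["unit"]
            and req["func"] == rule["func"]
            and rule["first"] <= req["first"] and req["last"] <= rule["last"])

if __name__ == "__main__":
    learned = make_rules("172.18.16.121", 1032, "172.18.16.122", 502,
                         build_read_request(1, 3, 100, 20))
    print(learned)
    print(allowed(learned, build_read_request(1, 3, 110, 11)))
```

The firewall rule keeps the observed source port exactly as the page's example does; client source ports normally change per connection, so a deployment has to decide whether to match on it.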


Abstract

The invention relates to a method for automatically establishing an Ethernet communication safety rule. The steps are as follows: 1, a safety device is connected to a network; 2, the safety device passively acquires a data packet in the Ethernet; 3, the safety device sends the acquired data packet to a protocol analysis module; 4, the protocol analysis module analyzes the content of the data packet, acquires information on the type of the communication protocol, and determines whether the communication protocol is an industrial communication protocol; 5, if the communication protocol is an industrial communication protocol, key information in the data packet is analyzed and extracted; 6, the extracted information is sent to a rule auxiliary generation guide module; and 7, the rule auxiliary generation guide module receives the information and forms the safety rule after judging that the information is complete. The method provided by the invention forms the safety rule according to data information in actual communication, makes the setting of the safety rule targeted, free of omissions, and labor-saving, and ensures the real-time performance of transmission and the integrity of data in an industrial network.

Description

Technical field

[0001] The invention relates to the field of communication security, in particular to a method for automatically establishing Ethernet communication security rules.

Background

[0002] When firewalls currently on the market are deployed on a network, it is first necessary to configure rules for the firewall. The firewall rule configuration process is very troublesome. Before configuration, you must first collect a large amount of network information, such as which devices are in the network, which devices' communication packets are allowed to pass, and which devices' packets are denied. After collecting and sorting this information, you need to add it to the list of firewall rules, and it is easy to make mistakes when adding rules. Once a rule is configured incorrectly, some legitimate communication packets may be blocked, affecting normal communication. In industrial networks, its impact is even greater, because in industrial networks, need ...


Application Information

Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 谷永国何迪江
Owner BEIJING LIKONG HUACON TECH