Security policy configuration system and method for virtual security gateway

A security policy and security gateway technology, applied in the field of cloud computing virtual security protection, can solve the problems of inability to configure and manage security policies, inconvenient VSG operation and maintenance, and open VSG management rights.

Active Publication Date: 2015-06-17
CHINA TELECOM CORP LTD
View PDF4 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, the security policy of VSG cannot be configured and managed from the user's perspective, which will make the operation and maintenance of VSG very inconvenient, and it is difficult to open VSG management authority to users, and VSG cannot provide users with better personalized network communication security monitoring service

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security policy configuration system and method for virtual security gateway
  • Security policy configuration system and method for virtual security gateway
  • Security policy configuration system and method for virtual security gateway

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0065] Various exemplary embodiments of the present invention will now be described in detail with reference to the accompanying drawings. It should be noted that the relative arrangements of components and steps, numerical expressions and numerical values ​​set forth in these embodiments do not limit the scope of the present invention unless specifically stated otherwise.

[0066] At the same time, it should be understood that, for the convenience of description, the sizes of the various parts shown in the drawings are not drawn according to the actual proportional relationship.

[0067] The following description of at least one exemplary embodiment is merely illustrative in nature and in no way taken as limiting the invention, its application or uses.

[0068] Techniques, methods and devices known to those of ordinary skill in the relevant art may not be discussed in detail, but where appropriate, such techniques, methods and devices should be considered part of the descript...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a security policy configuration system and method for a virtual security gateway. The method comprises the steps that user security policies are generated according to user configuration; with virtual network interface cards as minimum units, the user security policies of all users are split into minimum unit user security policies respectively; a user information base is inquired for obtaining information of a virtual machine which the virtual network interface cards belong to, information of a physical machine which the virtual machine belongs to, and VSG information deployed on the physical machine, and obtaining VSG security policies from the user information base, wherein the information of the virtual machine, the information of the physical machine and the VSG information correspond to all the minimum unit user security policies respectively; with the virtual network interface cards as the minimum units, all the VSG security policies are split into minimum unit VSG security policies; the minimum unit user security policies are utilized for updating the minimum unit VSG security policies, the updated minimum unit VSG security policies are combined with VSGs as units to generate the latest VSG security policies, and the latest VSG security policies are issued to all the VSGs. According to the system and the method, the VSG security policies of a Hypervisor mode can be configured from user dimensionality.

Description

technical field [0001] The invention relates to cloud computing virtual security protection technology, in particular to a security policy configuration system and method for a virtual security gateway. Background technique [0002] Virtual Security Gateway (Visual Security Gateway, VSG) is an emerging cloud computing security product. VSG is deployed on the cloud platform in the form of a virtual machine, which can provide security detection and control for network communication between virtual machines hosted on the cloud platform. At present, there are various implementation methods of VSG products in the industry, among which VSG in hypervisor mode is one of the most promising implementation methods. The implementation principle of VSG in hypervisor mode is as follows: Some mainstream virtualization software providers open application programming interfaces (APIs) to third-party security partners. , so that third-party security partners can couple their security gatewa...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0227
Inventor 樊宁何明沈军金华敏
Owner CHINA TELECOM CORP LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap