Cloud desktop management system based on security gateway and security access control method thereof

Abstract

The invention discloses a cloud desktop management system based on a security gateway and a security access control method thereof. The method comprises the steps of providing a uniform security entrance by an SAG (Security Access Gateway) security gateway, and shielding an internal network; supporting a cluster, and dispatching and distributing requests by a management node; adopting a token mechanism; providing a management interface. The method provided by the invention comprising the steps of building the mapping between an external connecting port and the internal network by adopting a linux firewall NAT (Network Address Translation) technology, and providing the uniform security entrance to shield the internal network; supporting the cluster, supporting a frame of a plurality of management nodes and a plurality of Agent nodes by adopting a flexible frame and a flexible deployment way, and distributing requests by the management nodes; adopting the token mechanism to map the port and keeping the connection, and ensuring the manageability of client access and connection. The network isolation between the client and an application server can be realized, i.e. the client and the applying server are arranged at different network segments, therefore the client cannot directly visit the applying server, but can visit the resource of the applying server through a virtual machine, and the security of the virtual resources can be ensured.

Description

technical field [0001] The invention relates to a security gateway-based cloud desktop management system and a security access control method thereof. Background technique [0002] Cloud computing is a new type of computing model based on computer networks that is provided in the form of services. It is the development of a service-oriented computing model, enabling service users to access centralized shared computing resources (such as servers, storage, networks, applications, services, etc.) ), its computing resources are dynamic, scalable, and virtualized, enabling service providers to achieve flexible supply and rapid release of computing resources with minimal management interaction. [0003] Cloud desktop technology, also known as virtual desktop or desktop cloud technology, can provide users with remote computer desktop services in the cloud. The service provider runs the operating system and application software required by the user on the server in the data center,...

AI Technical Summary

Problems solved by technology

In the traditional cloud desktop system, the client's access to the virtual machine is distributed, and centralized access and control cannot be realized. Moreover, the process of accessing the virtual machine needs to involve the internal network, which cannot provide a unified security entrance, nor can it provide reasonable port mapping management.

Images