North-south flow safety protection system in cloud computing network

A north-south traffic security technology for cloud computing networks, applied in the field of north-south traffic security protection systems.

Inactive Publication Date: 2016-01-13
北京汉柏科技有限公司

AI Technical Summary

Problems solved by technology

[0005] On the one hand, there is no essential difference between the protection methods for this traffic and the security protection of traditional data centers; on the other hand, cloud security deployment in a virtualized environment has a multi-tenant service model, so the degree of realization has a higher requirement.


Examples


Embodiment Construction

[0035] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in combination with specific embodiments and with reference to the accompanying drawings. It should be understood that these descriptions are exemplary only, and are not intended to limit the scope of the present invention. Also, in the following description, descriptions of well-known structures and techniques are omitted to avoid unnecessarily obscuring the concept of the present invention.

[0036] Figure 1 is a schematic diagram of the deployment structure according to the first embodiment of the present invention.

[0037] The applicable scenario of this deployment structure is that the tenant needs an independent security system with routing function, and the identification of the tenant depends on the virtualization platform instead of the security system.

[0038] As shown in Figure 1, the north-...


Abstract

The invention discloses a north-south flow safety protection system in a cloud computing network. The system comprises: a virtual machine occupied by a tenant; a virtual firewall that monitors communication between the virtual machine currently occupied by the tenant and a Network; a first network forwarding layer; and a second network forwarding layer. The first network forwarding layer determines the source of a received message by recognizing the message's label; if the message is from the virtual machine, it is forwarded to the virtual firewall corresponding to the tenant of the current virtual machine, and the message processed by the virtual firewall is sent to the Network via a Layer 2 switch and a Layer 3 switch. The second network forwarding layer receives messages from the Network, determines the tenant to which a message belongs by recognizing the message's label, delivers the message to the virtual machine corresponding to the tenant designated by the label, and forwards messages sent by the virtual machine to the Layer 2 switch.
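The label-based dispatch of the first network forwarding layer can be modelled as follows. This is an added example, not code from the patent: it assumes the label is an 802.1Q VLAN ID and uses a per-tenant set of allowed TCP destination ports as a stand-in for the virtual firewall; the tenant table, frames and function names are constructed for illustration.

```python
import struct

TPID_8021Q, ETH_IPV4, PROTO_TCP = 0x8100, 0x0800, 6

# Assumed, constructed table: label -> (tenant, allowed TCP ports of its virtual firewall).
TENANTS = {
    100: ("tenant-a", {443}),
    200: ("tenant-b", {22, 443}),
}

def parse(frame: bytes):
    """Return (label, tcp_dst_port); either is None when it cannot be read."""
    if len(frame) < 18:
        return None, None
    tpid, tci, etype = struct.unpack("!HHH", frame[12:18])
    if tpid != TPID_8021Q:
        return None, None              # untagged: the source tenant is unknown
    label = tci & 0x0FFF               # low 12 bits of the tag carry the ID
    ip = frame[18:]
    if etype != ETH_IPV4 or len(ip) < 20 or ip[9] != PROTO_TCP:
        return label, None
    ihl = (ip[0] & 0x0F) * 4
    if ihl < 20 or len(ip) < ihl + 4:
        return label, None
    return label, struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]

def first_forwarding_layer(frame: bytes):
    """Steer a VM-originated frame to its tenant's virtual firewall, failing closed."""
    label, dport = parse(frame)
    if label is None:
        return ("drop", "no label")
    if label not in TENANTS:
        return ("drop", "unknown tenant label")
    tenant, allowed_ports = TENANTS[label]
    if dport not in allowed_ports:     # per-tenant virtual firewall decision
        return ("drop", f"{tenant} firewall policy")
    return ("forward", f"{tenant} vFW -> L2 switch -> L3 switch -> Network")

def make_frame(label, dport, tagged=True):
    """Build a constructed Ethernet/IPv4/TCP frame for the demonstration."""
    eth = bytes(12) + (struct.pack("!HH", TPID_8021Q, label) if tagged else b"")
    ip = bytes([0x45]) + bytes(8) + bytes([PROTO_TCP]) + bytes(10)
    tcp = struct.pack("!HH", 40000, dport) + bytes(16)
    return eth + struct.pack("!H", ETH_IPV4) + ip + tcp

if __name__ == "__main__":
    for label, port in ((100, 443), (100, 22), (300, 443)):
        print(label, port, first_forwarding_layer(make_frame(label, port)))
```

Frames with no label or an unrecognized label are dropped rather than forwarded unfiltered, so a mis-tagged frame never bypasses a tenant's firewall or reaches another tenant's policy.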

Description

Technical field

[0001] The invention relates to the technical field of cloud computing, in particular to a north-south flow security protection system in a cloud computing network.

Background

[0002] The virtual computing environment is mainly composed of virtual machines (VMs) and a virtualization system (hypervisor). From the perspective of network border protection, there are security risks such as north-south traffic of VMs, east-west traffic access, intrusion, and evasion.

[0003] In most cases, the tenant's internal network spans nodes and has a Layer 2 network structure (a Layer 3 network structure is not ruled out, but considering the migration of virtual machines across data centers and similar factors, a large Layer 2 network structure is still used in most cases), so access between virtual machines within a tenant has the following characteristics. The virtual machines of the same tenant...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, G06F9/455
CPC: H04L63/02, G06F9/45504
Inventor: 王智民
Owner: 北京汉柏科技有限公司