Method and device for monitoring flow of virtual network

A technology of virtual network and traffic

Inactive Publication Date: 2016-02-17
BEIJING VENUS INFORMATION SECURITY TECH +1

AI Technical Summary

Problems solved by technology

A large number of KVM virtualization environments currently on the market use LinuxBridge directly as the virtual switch module. LinuxBridge does not support mirroring the data packets that cross it to a specific virtual port, so security virtual machines cannot be deployed directly in such environments. The prior art does not provide a method for monitoring virtual network traffic implemented on LinuxBridge.



Embodiment

[0054] Figure 3 is a schematic diagram of how all the related components and modules are deployed on the KVM host. As shown in Figure 3, the monitoring agent runs in user space on the KVM host and uses a raw socket (RAW socket) to monitor the layer 2 data packets from LinuxBridge1.

[0055] When a security virtual machine is deployed, virtual network devices such as LinuxBridge2, TAP2, TAP3, and TAP4 are created for it. TAP2 is connected to LinuxBridge1, where the business network is located, and provides the management interface of the security virtual machine. TAP3, connected to vNIC3, is the packet capture port of the security virtual machine. The difference from other environments is that the data packets are written directly by the monitoring agent into the buffer of the TAP3 device. For the security virtual machine, however, this process is completely transparent and requires no modification; TAP4 is used for some security v...
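One way to realise the capture-and-forward path described in [0054] and [0055], as an added example that is not code from the patent: the agent reads frames from the bridge with a raw AF_PACKET socket and transmits the selected ones on the capture TAP interface. The interface names `br1` and `tap3`, the MAC-based selection policy, and sending through a second AF_PACKET socket are assumptions; the bridge is taken to be in promiscuous mode already.

```python
import socket
import struct

ETH_P_ALL = 0x0003  # every EtherType, value from <linux/if_ether.h>

def mac(text):
    """'52:54:00:aa:bb:01' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def parse_eth(frame):
    """Return (dst, src, ethertype) of a layer 2 frame, or None if truncated."""
    if len(frame) < 14:
        return None
    return struct.unpack("!6s6sH", frame[:14])

def needs_monitoring(frame, watched):
    """Assumed policy: inspect frames sent to or from a watched VM MAC."""
    hdr = parse_eth(frame)
    return hdr is not None and (hdr[0] in watched or hdr[1] in watched)

def open_l2(ifname):
    """Raw AF_PACKET socket bound to one interface (Linux, needs CAP_NET_RAW)."""
    s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_ALL))
    s.bind((ifname, 0))
    return s

def mirror(bridge, tap, watched):
    """Copy selected frames seen on the bridge to the capture TAP, unmodified."""
    rx, tx = open_l2(bridge), open_l2(tap)
    while True:
        frame = rx.recv(65535)
        if needs_monitoring(frame, watched):
            try:
                tx.send(frame)
            except OSError:
                pass  # e.g. frame larger than the TAP MTU; drop it, keep running

# Constructed sample frames (not captured traffic): VM1 -> VM2, VM2 -> VM3, a runt.
VM1, VM2, VM3 = mac("52:54:00:aa:bb:01"), mac("52:54:00:aa:bb:02"), mac("52:54:00:aa:bb:03")
SAMPLES = [VM2 + VM1 + b"\x08\x00" + b"payload", VM3 + VM2 + b"\x08\x06" + b"arp", b"\x00" * 5]

def demo():
    """Apply the filter to the samples while watching VM1 only."""
    return [needs_monitoring(f, {VM1}) for f in SAMPLES]

if __name__ == "__main__":
    print(demo())
    # mirror("br1", "tap3", {VM1})  # assumed interface names; run as root on the KVM host
```

Because the capture TAP is not a port of the monitored bridge, the copied frames are not seen again by the agent, so no forwarding loop forms.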


Abstract

The invention discloses a method and device for monitoring the traffic of a virtual network. The method and device apply to a virtual network implemented on Linux Bridge in a KVM virtualization environment. A monitoring agent is set up in advance in the host system of the virtual network, the working mode of the Linux Bridge in the host system is set to promiscuous mode, and the monitoring agent is used to capture the layer 2 data packets of the Linux Bridge through which multiple virtual machines are connected. The method comprises: the monitoring agent captures all layer 2 data packets that pass through the Linux Bridge; and when the monitoring agent determines that a captured data packet needs security monitoring, it sends the data packet to a security virtual machine. Because the monitoring agent captures the layer 2 data packets that pass through the Linux Bridge and transmits those that need security monitoring to the security virtual machine for security detection, the traffic of the virtual network is monitored.

Description

Technical field

[0001] The invention relates to the fields of virtualization technology and information security technology, and in particular to a method and device for monitoring virtual network traffic implemented on LinuxBridge (the network bridge of a Linux system) in a kernel virtual machine (KVM, Kernel-based Virtual Machine) virtualization environment.

Background

[0002] Cloud computing is another revolution in computers and the Internet. It moves computing and storage to the cloud, and users can use lightweight portable terminals to perform complex calculations and large-capacity storage. From a technical point of view, cloud computing is not just a new concept; parallel computing and virtualization are the main technical means of realizing cloud computing applications. Due to the rapid development of hardware technology, the performance of an ordinary physical server far exceeds the hardware performance requirements of an ordinary single user. Therefore...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L12/26
Inventor: 李陟曲武
Owner: BEIJING VENUS INFORMATION SECURITY TECH