IP-MAC real-name binding based network access control system and control method

An IP-MAC and network access technology, applied in the field of network access control systems based on IP-MAC real-name binding, can solve the problem of not realizing the network real-name binding of terminal computer equipment, unable to control the permissions of different resources, and having no terminals Access to intranet control and other issues

Inactive Publication Date: 2016-08-03
霍焕潇
View PDF7 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] 1. This technology is only aimed at the access rights of the terminal computer to the intranet, and cannot control its access to different resources in the intranet
[0007] 2. This technology does not realize the network real-name system binding of terminal computer equipment
[0008] 3. The IP address of the terminal computer can be manually specified or obtained from the DHCP server, which may easily cause management confusion
[0009] 4. An access control list or static ARP table must be established on each network device, and the management of the table is only for IP and MAC. Administrators manage dazzling IP and MAC addresses in piles of tables, and the time cost and cost of management are high probability of error
[0010] 5. The time when the terminal computer accesses the intranet cannot be automatically controlled, and the administrator needs to manually change the configuration at the approved access time and prohibited access time
[0012] 1. There is no control over terminal access to the intranet
[0013] 2. There is no control over the access time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IP-MAC real-name binding based network access control system and control method
  • IP-MAC real-name binding based network access control system and control method
  • IP-MAC real-name binding based network access control system and control method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0073] Embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0074] A network access control system based on IP-MAC real-name binding, such as figure 1 As shown, it includes core switches, DHCP servers, FTP servers, network access database servers, network access control servers, and office network access terminals. The core switch adopts a three-layer switch, which is the gateway of each vlan in the LAN. In the present invention, the core switch uses the DHCPSnooping function and the ARPInspection function to realize the shielding of counterfeit DHCP servers and the shielding of manually configured IP addresses. The DHCP server is directly connected to the core switch or is not directly connected to the same Layer 2 switch as the terminal subject to admission control, and is used for issuing IP addresses and binding IP-MAC. The FTP server and the core switch can access each other on the network, which is used...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of local area network access technologies, in particular to an IP-MAC real-name binding based network access control system and control method. The system comprises a core switch, a DHCP server, an FTP server and an access terminal, wherein the core switch uses a DHCP Snooping function and an ARP Inspection function; and the system further comprises a network access database server, a network access control server, a production network firewall, a server area firewall, an internet firewall and a private firewall. According to the IP-MAC real-name binding based network access control system and control method, Web programs and background programs are built in the network access control server; parameter configuration can be performed on the system through the Web programs; meanwhile, parameters are performed by utilizing the background programs, IP-MAC real-name binding and access authority effective time control can be implemented. Furthermore, due to function configuration of the core switch, shielding on a counterfeit DHCP server and a manually configured IP address can be implemented, so that sequential management of an IP address is facilitated.

Description

technical field [0001] The invention relates to the technical field of local area network access, in particular to a network access control system and control method based on IP-MAC real name binding. Background technique [0002] Generally, IP addresses are used in the local area network to manage the computers in the local area network. In a large LAN, a DHCP server is generally used to automatically assign IP addresses. In the local area network of a large manufacturing enterprise, there may be an office network, a production network, a dedicated line for connection with cooperative enterprises, and a dedicated line for Internet connection. The office network is generally used as the enterprise intranet, the production network is used as the enterprise isolation network, and the private line for connecting with cooperative enterprises and the Internet are generally used as the enterprise extranet. Due to the particularity of the manufacturing industry, it is required to...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08H04L29/12
CPCH04L61/103H04L63/02H04L63/10H04L63/101H04L67/02
Inventor 霍焕潇刘倩万洋邹晓燕马福华张志峰刘元民曹官准黄杰苏克健孟庆华
Owner 霍焕潇
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products