Unlock instant, AI-driven research and patent intelligence for your innovation.
A kind of arp admission control method
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
An access control and unified technology, applied in the field of ARP access control, can solve problems such as one-way control, control failure, control instability, etc., and achieve the effect of stable control and guaranteed throughput
Active Publication Date: 2019-01-29
HANGZHOU INFOGO TECH
View PDF5 Cites 0 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
The existing ARP admission control method has the following main defects: (1) the control is unstable, when the ARP response of the server is faster than the ARP response of the admission control server, the control becomes invalid; (2) one-way control, only the terminal is controlled The data flow sent to the server does not control the data flow returned by the server to the terminal. When the terminal is installed with ARP firewall software, the control becomes invalid; (3) only the communication between the terminal and a single IP in the network segment can be controlled at a time, and the entire network cannot be controlled. part
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0037] A method for ARP access control, comprising the steps of:
[0038] Step 1: The admission control server actively obtains the real MAC addresses of the terminal and all other hosts in the same network segment as the terminal;
[0039] Step 2: The access control server performs network access authentication and security rule judgment on the terminal;
[0040] Step 3: The admission control server actively sends an ARP unicast update to the terminal and all other hosts in the same network segment as the terminal.
[0041] As an alternative to this embodiment, the admission control server obtains the real MAC addresses of the terminal and all other hosts in the same network segment as the terminal by using the following specific methods and steps:
[0042] S1: The terminal sends an ARP broadcast request to ask for the real MAC address of any host in the same network segment;
[0043] S2: The inquired host in the same network segment responds to the terminal and informs the...
Embodiment 2
[0053] In this embodiment, there is a terminal and five hosts in the same network segment as the terminal. For the convenience of expressing the problem, the five hosts are respectively named as the first host, the second host, the third host, and the third host. Four hosts, fifth host.
[0054] The ARP admission control method embodied in this embodiment includes the following steps:
[0055] Step 1: The admission control server actively obtains the real MAC addresses of the terminal and the first host, the second host, the third host, the fourth host, and the fifth host;
[0056] Step 2: The access control server performs network access authentication and security rule judgment on the terminal;
[0057] Step 3: The admission control server actively sends an ARP unicast update to the terminal and the first host, the second host, the third host, the fourth host, and the fifth host.
[0058] As an alternative to this embodiment, the admission control server obtains the real M...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
PUM
Login to View More
Abstract
The present invention discloses an ARP admission control method. The method comprises the following steps: the step 1, an admission control server actively obtains real MAC addresses of a terminal and all other hosts located at the same network segment as the terminal; the step 2, the admission control server performs the determination of the access authentication and the safety regulations of the terminal; and the step 3, the admission control server actively sends ARP unicast updating to the terminal and all other hosts located at the same network segment as the terminal. The admission control method can perform two-way stable ARP communication control and cannot have the problem that a server APP is too fat in response to fail in the ARP admission environment; the problem cannot be happened that the terminal installs the ARP firewall software to cause the ARP admission control failure, because the gateway switch cannot turn on the ARP firewall function; the ARP admission control method can control the communication between a non-safe terminal and all the host with the same segment; and the terminal can perform normal ARP switching after accessing the net so as to effectively guarantee the network throughput.
Description
technical field [0001] The invention relates to network security defense technology, in particular to an ARP access control method. Background technique [0002] ARP (Address Resolution Protocol) is the Address Resolution Protocol, which is a protocol for obtaining MAC addresses based on IP addresses. The host sends an ARP request broadcast to all hosts on the network, and receives the return message; after receiving the return message, store the IP address and MAC address in the local ARP cache and keep it for a certain period of time, and directly query the ARP cache for the next request. save resources. The address resolution protocol is based on the mutual trust of each host in the network. The hosts on the network can send ARP reply messages independently. When other hosts receive the reply message, they will not check the authenticity of the message and record it. In this way, the attacker can send a fake ARP response message to a certain host, so that the informatio...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to View More 
Login to View More