Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security protection method and device

A network security and protection device technology, applied in the Internet field, can solve problems such as failure to update detection features in time, attack traffic amplification, and tenant security threats, so as to improve intrusion detection and defense capabilities, avoid limitations, and reduce defense pressure.

Inactive Publication Date: 2017-05-10
HUAWEI TECH CO LTD
View PDF2 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] This application provides a method and device for network security protection, which are used to solve the problem that each defense system cannot effectively communicate with the upper layer or adjacent defense systems in a single operation, cannot update detection features in time to carry out defense and interception actions, and network attacks break through a single point After the defense system, the defense pressure of another defense system will be greatly increased, and the infinite amplification of attack traffic will easily cause the failure of multiple single-node defense systems, and tenants will face great security threats.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security protection method and device
  • Network security protection method and device
  • Network security protection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0121] figure 1 In the security protection system shown, the defense traffic pressure brought about by the single-point defense system being breached by hackers becomes greater. The detection features of a single node defense system are weak and cannot effectively identify new network attack methods. When the defense system of a certain node discovers a new type of attack method, it cannot effectively notify another defense node or it takes a long time to manually notify the operation and maintenance personnel to update the rules. The single operation of each defense system cannot effectively communicate with the upper layer or adjacent defense systems, and cannot update the detection features in time to carry out defensive interception actions.

[0122] In order to overcome these problems, a node controller (also called a node control center) and a management control system (also called a management center) are added to the network security protection system provided by this...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Embodiments of the invention provide a network security protection method and device. According to the network security protection method and device, a first node controller receives the characteristic data of network attacks, wherein the characteristic data of the network attacks are sent by a first prevention system, wherein the first prevention system is any prevention system connected with the first node controller; a new detection and prevention rule is established according to the characteristic data; the new detection and prevention rule is sent to at least one second prevention system, so that the at least one second prevention system can detect and intercept the network attacks according to the detection and prevention rule, wherein the second prevention systems are prevention systems connected with the first node controller; and each prevention system can send the characteristic data of the detected attacks to the node controller, and the node controller generates the detection and prevention rule and sends the detection and prevention rule to the plurality of prevention systems managed by the node controller, so that the plurality of prevention systems can simultaneously detect and prevent the attacks, intrusion discovery and prevention capabilities can be improved, and the prevention pressure of a single prevention system can be effectively reduced.

Description

technical field [0001] The embodiments of the present invention relate to Internet technologies, and in particular to a network security protection method and device. Background technique [0002] With the continuous development of network technology, network viruses, attacks, hackers and other technologies are also more rapid, and virus mutations, attacks are intelligent and multiplied, and the maintenance of network security is particularly important. [0003] figure 1 It is a schematic diagram of a conventional network security protection system, such as figure 1 As shown, in view of the current network attacks and the propagation of viruses and Trojan horses, most enterprises will deploy firewalls Anti-DDos, intrusion detection systems (English: Intrusion Detection Systems, abbreviated: IDS), and intrusion prevention systems (English: Intrusion PreventionSystems) at the network layer. , referred to as: IPS) and firewalls to detect and intercept it; and in the applicati...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0263H04L63/1416H04L63/1441
Inventor 高毅杨松
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com