Method for realizing personal virtual application firewall based on Openstack

A technology that uses firewalls and virtual applications. It is applied in the field of network security protection in desktop virtualization. It can solve problems such as blurred network boundaries, undeployable boundary firewalls, and unfavorable network boundary security.

Inactive Publication Date: 2017-09-22
SHENZHEN Y& D ELECTRONICS CO LTD
View PDF2 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

After network virtualization, the network border is blurred, and traditional border firewalls cannot be deployed, which is not conducive to the security of the network border.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for realizing personal virtual application firewall based on Openstack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the technical problems solved by the present invention, the technical solutions adopted, and the technical effects obtained easy to understand, the specific implementation manners of the present invention will be further described below in conjunction with the specific drawings.

[0023] Such as figure 1 As shown, a method for implementing a personal virtual application firewall based on Opensatck, the operation steps are as follows:

[0024] 1. Protocol analysis engine selection;

[0025] Select nDPI to complete the application identification engine. nDPI is OpenDPI, which remains highly popular. It is released under the GPL certificate. Its goal is to add new protocols, expand the original library, and detect application layer protocols. It can detect non-standard ports. For example, http protocol other than port 80; or detect standard ports, such as skype protocol on port 80. Supports identification of 186 application protocols.

[0026] 2. Extend...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for realizing a personal virtual application firewall based on Openstack. The method comprises the following operation steps of selecting a protocol analysis engine; expanding Neutron security group rules; designing a Neutron application security group model; increasing models and tables for personal application firewall rules; expanding a Neutron client part and increasing definition of personal application firewall rule group management interfaces; expanding a Neutron server part and increasing storage and issuance of a personal application firewall rule group; increasing the query response of ovs-agent to the security group rules; expanding an agent end and realizing the effect of the personal application firewall through iptables+ndpi+tc. The method has the beneficial effects that the Openstack realizes the security group, the security group is equivalent to a personal state firewall of a PC end in a physical network, through expansion of the security group, the fined control for an application is realized, and the security of network boundaries is facilitated.

Description

technical field [0001] The invention relates to a network security protection method in desktop virtualization, in particular to an application firewall method for protection against a virtual desktop cloud office environment. Background technique [0002] Openstack provides a basic cloud platform, and it is a quick solution to implement desktop virtualization based on Openstack. Desktop virtualization includes network virtualization, computing virtualization, and storage virtualization. After network virtualization, the network border is blurred, and traditional border firewalls cannot be deployed, which is not conducive to the security of the network border. Contents of the invention [0003] The problem to be solved by the present invention is to provide a fine network security protection method for virtual desktop users. Openstack implements a security group, which is equivalent to a personal stateful firewall on the PC side in a physical network. By extending the s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 戚建淮李波
Owner SHENZHEN Y& D ELECTRONICS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap