Unlock instant, AI-driven research and patent intelligence for your innovation.

Network boundary violation inline detection and blocking system

A network boundary and subsystem technology, applied in the field of network security, can solve the problems of difficult deployment and maintenance, illegal access concealment deception, etc., to achieve the effect of improving efficiency and accuracy, avoiding incomplete results, and solving difficult positioning.

Active Publication Date: 2018-05-04
GUIZHOU POWER GRID CO LTD
View PDF2 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The technical problem to be solved by the present invention is to study a detection and blocking system for inline network border violations, to solve the problem of terminal evasion in the existing network border violation control system, and to easily break through the restrictions of switch port binding through MAC cloning + NAT, Illegal access is concealed and deceptive, leading to strict control of the control system, which will make its own deployment and maintenance a difficult problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network boundary violation inline detection and blocking system
  • Network boundary violation inline detection and blocking system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] Example 1: Log in to the system as a super user

[0033] The system provides three types of functions for super users: parameter setting, equipment linkage control management and user management.

[0034] Parameter setting: mainly complete the main operation and management parameter configuration of the system, mainly equipment performance management parameters, scanning address range, setting of main scanning parameters, database maintenance plan, network equipment management, etc.;

[0035] Device linkage control management: mainly completes the management of terminal incident response control. The system provides an emergency response mechanism for violations, so as to quickly and accurately eliminate the threat of violations to network security and improve the efficiency of violation incidents. Emergency response control methods are mainly divided into Three types: 1. Blocking control based on switch ports; 2. Blocking control based on ARP spoofing; 3. Sending email...

Embodiment 2

[0037] Example 2: Management user identity login system

[0038] The management user is the most used user of the system. After the super management user sets the system operation parameters, the subsequent system management and maintenance work is mainly in charge of the management user. The management authority and authorized address range of the management user are specified by the super management user, and the management user maintains and manages the system within the scope of its authorization.

[0039] The main functions of managing users include: query statistics and reports, network management, equipment linkage control management and user management.

[0040] Query statistics and reports: Provide users with relevant information query and statistical functions, including alarm information, IP real-name management, device port information management, IP usage tracking audit, network access tracking audit. Alarm information includes individual and combined query of al...

Embodiment 3

[0044] Embodiment 3: Audit user identity login system

[0045] The audit user is responsible for the audit and supervision of the system. Like the super management user, there is only one such user. The system provides two functions for the audit user: audit and password modification. The audit functions provided by the system for audit users mainly include: user operation log audit, system operation log audit and device operation log audit.

[0046] User operation log audit: perform unified audit management on user login, logout, query, policy management, parameter configuration, user management and other behaviors, and provide corresponding retrieval query conditions, including user name, operation type, operation time period alone and Combined query, without specifying query conditions, the system will query all operation logs by default, and support report generation and printing;

[0047] System operation log audit: Responsible for auditing the operation log of the syste...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network boundary violation inline detection and blocking system. The system comprises a background scan service system, a database system and a foreground user management system. The database system carries out data transmission and storage between the background scan service system and the foreground user management system. The foreground user management system comprisesa network resource management subsystem, a network boundary scan subsystem, an asset identification and management subsystem, a device monitoring subsystem and an emergency response management subsystem. The database system comprises a data communication subsystem, a system authorization management subsystem and a database subsystem. The foreground user management system comprises a foreground user interface subsystem. According to the system, B / S architecture is employed overall; traffic in a network is analyzed, so the problem that a result is incomplete and is not objective possibly resulting from a human factor is avoided; and violation access is detected and positioned by scanning wireless signals through utilization of wireless probes, so the problem that the violation access has concealment and fraudulence and flees from supervision is solved.

Description

technical field [0001] The invention relates to a detection and blocking system for network boundary violation inline, which belongs to the field of network security. Background technique [0002] With the expansion of the network scale, the network boundary is constantly changing and adjusting, and the complete protection of the boundary becomes more and more difficult. Fortresses are easiest to break through from the inside, and any point inside the network may tear a hole in the boundary, secretly Data interaction with the outside world is not subject to any supervision. Currently, the main network BYOD (Bring Your Own Device) refers to the devices you carry. These devices include personal computers, smart phones, tablets and other devices, private connection problems of portable WIFI devices, and private connection problems of wireless / wired routing devices. The harms caused mainly include: 1. The original network boundary is multiplied and destroyed; 2. It is easy to b...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1408H04L63/1416
Inventor 张盛安周洋陈卿戴建丽陈常霖张民磊卢妤王劲午付中林周波周浩然张勇杨帆帆陶智强
Owner GUIZHOU POWER GRID CO LTD