Network access control method and system and related equipment

A technology for network access and network equipment, applied in the field of communication, that can solve the problems of complex network deployment, poor client security, poor isolation of different services, etc., achieving the effect of increasing security, enhancing isolation, and reducing the complexity of network deployment.

Active Publication Date: 2018-05-25
BEIJING HUAWEI DIGITAL TECH

AI Technical Summary

Problems solved by technology

[0005] In view of this, the present invention provides a network access control method, related equipment and system, with the purpose of solving the problems of poor client security, complex network deployment, and poor isolation between different services that exist in prior-art network access authentication methods.

Examples


Embodiment 1

[0078] Figure 2 is a schematic flowchart of a network access control method provided by Embodiment 1 of the present invention. The network access control method is applicable to network devices in the network access control system. In this embodiment, authentication is service-based: only services that pass the authentication can access the network, so that different services do not interfere with each other. This enhances the isolation between different services, greatly increases the security of network access compared with authenticating only one user, and reduces the complexity of network deployment by authenticating each user.

[0079] When executing the network access control method, as shown in Figure 2, first execute steps S100 and S101 to pre-set the network device and the authentication server; then execute steps S102 to S110 to perform service authenticatio...

Example 1

[0105] Based on the above-mentioned network access control method disclosed in Embodiment 1 of the present invention, take the specific application scenario of configuring a controlled port as an example: the IEEE 802.1p priority of the PORT1 controlled port of the network device is preset as Priority1 and Priority2, and the user service authorization information pre-configured on the authentication server indicates that the priority of the service that can be authorized is Priority1;

[0106] When the service types currently available to the user are voice services and streaming media services, the user service types are distinguished through the IEEE 802.1p priority: the priority of the user's voice service is set as Priority1 (priority 1), and the priority of the user's streaming media service is set to Priority2 (priority 2); that is, the PORT1 controlled port with the priority of Priority1 corresponds to forwarding the data traffic of the voice service, and the ...
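A minimal model of the forwarding decision in Example 1, added here as an illustration and not taken from the patent. It assumes Priority1 and Priority2 map to 802.1p PCP values 1 and 2, that the port authorizes only priorities both preset on it and granted by the authentication server, and that untagged frames are dropped; `ControlledPort`, `frame_pcp`, `make_frame` and `example_1` are hypothetical names.

```python
import struct

TPID_8021Q = 0x8100  # EtherType that marks an IEEE 802.1Q tag

def frame_pcp(frame: bytes):
    """Return the 802.1p priority (PCP, 0-7) of a tagged frame, else None."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack_from("!HH", frame, 12)
    return tci >> 13 if tpid == TPID_8021Q else None  # PCP = top 3 TCI bits

class ControlledPort:
    """Hypothetical model: one authorized/unauthorized state per priority."""
    def __init__(self, name, preset_priorities):
        self.name = name
        self.preset = frozenset(preset_priorities)  # set at step S100
        self.authorized = frozenset()               # nothing passes before auth

    def apply_auth_result(self, server_priorities):
        # Assumption: authorize only priorities that are both preset on the
        # port and granted by the authentication server.
        self.authorized = self.preset & frozenset(server_priorities)
        return self.authorized

    def should_forward(self, frame: bytes) -> bool:
        # Fail closed: untagged frames and unauthorized priorities are dropped.
        pcp = frame_pcp(frame)
        return pcp is not None and pcp in self.authorized

def make_frame(pcp=None, vlan_id=10):
    """Constructed sample frame; pcp=None builds an untagged frame."""
    macs = bytes.fromhex("020000000001") + bytes.fromhex("020000000002")
    tag = b"" if pcp is None else struct.pack("!HH", TPID_8021Q, (pcp << 13) | vlan_id)
    return macs + tag + struct.pack("!H", 0x0800) + b"\x00" * 46

def example_1():
    """Replay Example 1: PORT1 preset {1, 2}, server authorizes {1}."""
    port = ControlledPort("PORT1", {1, 2})
    before = port.should_forward(make_frame(1))
    port.apply_auth_result({1})
    return {
        "voice_before_auth": before,
        "voice": port.should_forward(make_frame(1)),      # Priority1
        "streaming": port.should_forward(make_frame(2)),  # Priority2
        "untagged": port.should_forward(make_frame(None)),
    }

if __name__ == "__main__":
    print(example_1())
```

The model keeps state per port only; EAPOL traffic on the uncontrolled port and per-user state are not modelled.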

Embodiment 2

[0125] Based on the network access control method disclosed in the above-mentioned embodiments of the present invention, the authentication method adopted in the process of network access control is service authentication. In addition to using the service authentication method, Embodiment 2 of the present invention also discloses authentication mode network access control, and network access control combined with VLAN authentication mode;

[0126] When service authentication is combined with MAC authentication, the method builds on the above-mentioned network access control method disclosed in Embodiment 1 of the present invention. Only the differences between the two are described; the principles of the other execution steps are the same as described in Embodiment 1 of the invention and are not repeated here:

[0127] When step S100 is performed to pre-set the network device, the network device classifies the service type of the user through the IEEE 802.1p priority on th...


Abstract

The invention provides a network access control method and system and related equipment. According to the method, the priorities of the service types corresponding to the controlled ports in the network equipment are preset, and the priorities of the service types that can be authorized are preset in an authentication server. In the authentication process of network access control, for users executing different service types, only the users who pass authentication and execute service types whose priorities are consistent with those of the controlled ports in an authorized state can access the network. This guarantees that different services do not interfere with one another and enhances the isolation among different services. Compared with the mode in which only one user is authenticated, network access security is greatly improved; and by authenticating all the users, the network deployment complexity is reduced.

Description

Technical field

[0001] The present invention relates to the technical field of communications, and more specifically, to a network access control method, related equipment and a system.

Background art

[0002] Currently, a network access control system, as shown in Figure 1, generally consists of client A, network device B and authentication server C. The network device B provides the port for the client A to access the LAN, and the authentication server C provides the authentication service for the network device B. The authentication system (Authenticator) in the network device B is internally provided with a controlled port and an uncontrolled port. According to the authentication result of the authentication server C, when the controlled port is in the authorized state, it is in the bidirectional connection state and can accept normal data flow to pass through.

[0003] In the process of network access by the client, although the p...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04W12/06, H04W84/12
CPC: H04W12/06, H04W84/12
Inventor 王凯章成松
Owner BEIJING HUAWEI DIGITAL TECH