Deployment optimization method of software defined firewall based on openstack cloud platform

A software-defined and optimized technology, applied in electrical components, digital transmission systems, data exchange networks, etc., can solve problems such as deployment bottlenecks, slow deployment of security resources, and inability to satisfy tenants' rapid response to security services, so as to avoid slow deployment Effect

Active Publication Date: 2018-06-15
STATE GRID CORP OF CHINA +1
View PDF10 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] As a cloud computing framework, OpenStack has the capability of software-defined firewall (FWaaS), but as a security resource, the firewall simply instantiates the firewall without optimizing the deployment and scheduling of the firewall instance. Deployment is slow, deployment distribution is unreasonable, and cannot satisfy tenants' rapid response to security services
[0006] From the perspective of OpenStack firewall deploym...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Deployment optimization method of software defined firewall based on openstack cloud platform

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] The present invention will be further described in detail below in conjunction with the drawings and specific embodiments.

[0020] Such as figure 1 As shown, the deployment optimization method of a software-defined firewall based on the openstack cloud platform provided by the present invention includes:

[0021] 1) The firewall is used as the specific implementation module of the FWAAS standard interface, and the firewall interface originally supported by FWAAS is implemented through the firewall.

[0022] 2) Tenants divide business security domains according to their own business through the business security domain module. Each business security domain has an independent business security goal, and can independently configure, implement, manage and operate security services.

[0023] 3) In an independent business security domain, security resource pool management is realized. A security resource pool is composed of one or more security nodes. The specifications of the secur...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

This invention discloses a deployment optimization method of a software defined firewall based on an openstack cloud platform. The firewall is taken as a specific implementation module of a FWAAS standard interface; business security domains are partitioned on the basis of tenant businesses; security resource pooling management is realized in independent business security domains; a pre-allocationmechanism is adopted for security resources inside a security resource pool; and nodes can be dynamically selected in the security business domains with an optimized scheduling module during creationof the firewall according to the demand of a tenant on traffic, and a firewall instance is deployed in a security node which meets the demand of the tenant. A quick response can be made to the demandof the tenant on a security business through the method; the ability to quickly deploy the security businesses is provided for the FWAAS of the Openstack through the optimized scheduling module; andsecurity demands corresponding to different businesses are separated through a business security domain module, and the tenant can quickly acquire the firewall instance, so that a security policy is quickly configured, and the problems of slow deployment of firewall instances, delayed response and the like in an original scheme of the Openstack are solved.

Description

Technical field [0001] The invention belongs to the field of network security protection, and particularly relates to a deployment optimization method of a software-defined firewall based on an openstack cloud platform. Background technique [0002] With the popularization of cloud computing, the IT transformation brought about by software-defined data centers is unstoppable. The improvement in IT efficiency and the savings in IT costs brought about by this have benefited major enterprises, institutions, and operators, but they have also enabled traditional data The network security architecture of the center is no longer applicable to the clouded data center. The concept of Software Defined Security (SDS) is based on the principle of combining physical or virtual network security devices with their access modes, deployment methods, and functions For decoupling, the bottom layer is abstracted as resources in the security resource pool, and the top layer is unified through softwar...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24H04L29/08
CPCH04L41/0803H04L63/02H04L67/1031H04L67/1036
Inventor 叶卫蔡昊洋王以良王红凯郭亚琼陈超龚小刚沈潇军戚伟强沈志豪裴旭斌耿继朴陈可王剑刘秀喻谦曾君军王豪磊
Owner STATE GRID CORP OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap