An external terminal protection device and protection system for data flow control

Abstract

The invention discloses an external terminal protection device for data flow control and a corresponding protection system, wherein the external terminal protection device includes: an interface control module, which is used to provide multiple data interfaces, respectively connected to a protected host and one or A plurality of external devices; a system control module, which is used to monitor the data transmission status of each data interface in the interface control module in real time, and control the data flow of each data interface. The present invention can achieve the functions of protocol filtering and auditing of various types of data traffic without installing traffic monitoring and security protection software on the protected host, and then realize the effects of low-latency network auditing and high-reliability protocol filtering, and comprehensively solve the problem of Potential safety hazards such as virus Trojan implantation and traffic anomalies that may arise from each interface.

Description

technical field [0001] The invention belongs to the technical field of computer security, and in particular relates to an external terminal protection device for data flow control and a corresponding protection system. Background technique [0002] In recent years, the rapid development of computer and network technology has greatly promoted the popularization of the network. While people are increasingly enjoying the convenience brought by the network traffic, it also provides security for the data traffic in the computers used by people in production / life. It brings new threats, such as common traffic attacks, hacker theft, unauthorized access, posing as legitimate users, destroying data integrity, interfering with the normal operation of the system, using the network to spread viruses, and man-in-the-middle eavesdropping, etc. [0003] There are many technical means to solve the problems of intranet computer network traffic control and information security, such as instal...

AI Technical Summary

Problems solved by technology

According to statistics, 70% of computer crimes are caused by the illegal use of key resources such as hosts by insiders, and only 30% of the real threats come from outside. Irregular external equipment, implanted Trojan horse back door, resulting in abnormal data flow or even network paralysis, as well as system misoperation or deliberate destruction, will cause adverse effects or even major losses on agencies, enterprises and institutions.

[0004] At the same time, for some special equipment, such as the host equipped with special software control, the equipment of the engineer station / worker station in some industrial fields, these hosts / equipment are often not suitable for such systems on the market due to the particularity of the system. Network flow control software and security protection software, or the installation of flow control software or security software may easily cause compatibility problems with the original software of the host, or even affect performance

In addition, the hosts of these engineer stations / worker stations will basically not upgrade the operating system after they go online. Even after installing traffic monitoring and security software, they often do not update the anti-malicious code software version and malicious code library in time, which cannot achieve comprehensive protection. Flow control, network data filtering / auditing and security protection

Images