Unlock instant, AI-driven research and patent intelligence for your innovation.

Micro-segment deployment method, security device, storage medium and device

A technology of security equipment and deployment devices, applied in the field of communication, can solve the problems of low efficiency of deployment methods, and achieve the effect of accurate security rules and low efficiency.

Inactive Publication Date: 2019-11-26
SANGFOR TECH INC
View PDF13 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0022] The main purpose of the present invention is to provide a micro-segmentation deployment method, security equipment, storage media and devices, aiming to solve the technical problem of low efficiency of the deployment mode existing in the current micro-segmentation automatic deployment scheme

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Micro-segment deployment method, security device, storage medium and device
  • Micro-segment deployment method, security device, storage medium and device
  • Micro-segment deployment method, security device, storage medium and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0081] It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention.

[0082] refer to figure 1 , figure 1 It is a schematic structural diagram of the security device of the hardware operating environment involved in the solution of the embodiment of the present invention.

[0083] like figure 1 As shown, the security device may include: a processor 1001 , such as a CPU, a communication bus 1002 , a user interface 1003 , a network interface 1004 , and a memory 1005 . Wherein, the communication bus 1002 is used to realize connection and communication between these components. The user interface 1003 may include a display screen (Display). The optional user interface 1003 may also include a standard wired interface and a wireless interface. The wired interface of the user interface 1003 may be a USB interface in the present invention. Optionally, the network interface 1004 may in...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a micro-segment deployment method, a security device, a storage medium and a device. According to the invention, the security device obtains a security rule of each device in alocal network, establishes a rule model based on the security rule of each device according to the preset data structure, and adaptively modifies the security rule of each device in the local networkaccording to the rule model so as to realize micro-segment deployment of the local network. According to the invention, the security rules of all devices are stored in one place in a centralized manner; wherein the limited storage mode is that the security rules are stored in a rule model based on a preset data structure; and the rule model further optimizes the stored security rules, so that thesecurity rules applied in the micro-segment deployment process can be more accurate, and invalid or redundant security rules can be removed, thereby solving the technical problem that the efficiencyof the deployment mode of the current micro-segment automatic deployment scheme is too low.

Description

technical field [0001] The present invention relates to the technical field of communications, and in particular to a micro-segmentation deployment method, safety equipment, storage medium and device. Background technique [0002] In the early stage of network transmission, traffic is mainly in the north-south direction. Among them, the north-south traffic mainly refers to the traffic flowing between the internal and external network boundaries. In contrast, the east-west traffic mainly refers to the data center internal network equipment. With the continuous optimization of the deployment structure of the data center and the addition of new devices, the proportion of east-west traffic will gradually increase, but this will lead to a large number of illegal access to the intranet. [0003] This is because the usual security protection, such as firewall and other technologies, is aimed at north-south traffic. When many hosts in the internal network are compromised, they will ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/0263
Inventor 陈晓帆古亮
Owner SANGFOR TECH INC