Unlock instant, AI-driven research and patent intelligence for your innovation.

Data transmission method, system, computer readable storage medium and electronic device

A data transmission method and data transmission system technology, applied in the field of information security, can solve problems such as unsuccessful mapping, large performance loss, and inability to add NSH

Active Publication Date: 2022-04-29
SANGFOR TECH INC
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the above prior art needs to add / remove NSH multiple times for the security components in the same device, and the performance loss is relatively large
And when the security component has SNAT and DNAT, if there are multiple service chains passing through the security component, the Proxy agent cannot add a specific NSH, resulting in unsuccessful mapping based on quintuple and NSH

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data transmission method, system, computer readable storage medium and electronic device
  • Data transmission method, system, computer readable storage medium and electronic device
  • Data transmission method, system, computer readable storage medium and electronic device

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0093] Example 1. Implementation scheme of Bypass function

[0094] Step 1: When receiving the service chain adjustment instruction, determine the first target security component corresponding to the service chain adjustment instruction;

[0095] Wherein, the service chain adjustment command can be a Bypass trigger command or a Bypass recovery command. When the service chain adjustment command is a Bypass trigger command, it means that the virtual machine corresponding to the first security component is in a power-off state or in a crash state. When the service chain adjustment command is a Bypass recovery command The instruction indicates that the virtual machine corresponding to the first security component has recovered from a power-off state or a crash state to a normal state, and can participate in the data cleaning operation.

[0096] Step 2: Modify the input and output port states of the first target security component in all service chains corresponding to the first ta...

example 2

[0098] Example 2. Implementation scheme of high availability of business chain

[0099] Step 1: When it is detected that the second target security component is faulty, perform an active-standby switchover operation to replace the second target security component with a standby security component;

[0100] Step 2: Replace the input and output ports of the second target security component with the input and output ports of the standby security component, and update the service chain.

[0101] Among them, this embodiment is equivalent to the active-standby switching operation, replacing the faulty second target security component with a standby security component, and replacing the input and output ports of the second target security component in the service chain with the input and output ports of the standby security component . Specifically, different security components can have the same function, and when used as a master-standby switchover, when the master security compon...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present application discloses a data transmission method, which is applied to a business chain. The data transmission method includes: after the current security component cleans the data packets, judge the current security component and the next security component according to the configuration information of the business chain Whether it is a security component of the same device; wherein, the data packet is specifically the data packet after stripping the NSH; if so, the data packet is transmitted to the next security component; if not, in the data packet Adding a target NSH, and transmitting the data packet after adding the target NSH to the next security component. The method can reduce the performance loss of adding and stripping NSH in the process of data transmission in the service chain, and improve the efficiency of data transmission. The application also discloses a data transmission system, a computer-readable storage medium and an electronic device, which have the above beneficial effects.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a data transmission method and system, a computer-readable storage medium and an electronic device. Background technique [0002] In the security resource pool scenario, data packets need to go through various service nodes from the external network (public network) to the internal network (user network), or from the external network to the internal network, so as to ensure fast and secure , Stable network service. These service nodes include well-known vIDS, vNGFW, vAC, vAD, etc. Network data packets need to pass through designated network service nodes sequentially in the order required by specific business logic, which is the business chain. [0003] The implementation method of the service chain in the prior art is: use the Proxy agent to receive the data packet forwarded by SFF (Service Function Forwarder, a module responsible for the traffic forwardin...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L12/46H04L41/0663
CPCH04L63/0281H04L63/0272H04L12/4633H04L12/4641H04L41/0663
Inventor 翟云箭张锋陈晓帆古亮丁万夫
Owner SANGFOR TECH INC