Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security service chain dynamic arrangement device

A security service and dynamic technology, applied in the field of network security, can solve the problems of non-uniform management and control interfaces of security protection equipment, lack of continuous upgrade, dynamic maintenance of security policies, dynamic deployment and adjustment of security functions on demand, and lack of technology, etc., and achieve wide application. Prospects, improve the effectiveness of security management and control, and improve the effect of flexibility

Active Publication Date: 2020-10-09
NO 54 INST OF CHINA ELECTRONICS SCI & TECH GRP
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] (1) The static and passive border security protection system is the main one. Once the existing security protection equipment is installed and deployed, it will be in a static state, lacking the ability to continuously upgrade, dynamically maintain security policies, and dynamically deploy and adjust security functions on demand in complex network environments;
[0004] (2) The management and control interfaces of safety protection equipment are not unified, which adds a lot of inconvenience for operators to use and configure safety protection equipment
[0008] However, there is still a lack of technology that can meet the above needs in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security service chain dynamic arrangement device
  • Security service chain dynamic arrangement device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The present invention will be further described below in conjunction with the accompanying drawings.

[0036] Such as figure 1 As shown, a security service chain dynamic orchestration device includes a resource layer traffic transceiver module, a vSwitch virtual switch module, a security function virtual machine module, and a security function template management module of the management layer, a security service chain template management module, and a log Management module, user management module, and SDN controller module of the control layer; in addition, the control layer also includes a traffic classification module, a security function virtual machine management module, a lightweight virtual security resource management platform, a network management module, and a flow table generation module ;in:

[0037] The traffic classification module is used to perform traffic classification according to the five-tuple information of the traffic received by the traffic tran...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security service chain dynamic arrangement device, and relates to the technical field of network security. The device comprises a flow classification module, a security function virtual machine management module, a lightweight virtual security resource management platform, a network management module and a flow table generation module. The flow classification module is used for generating a flow classification result flow table; the security function virtual machine management module performs management operation on the security function virtual machine; the lightweight virtual security resource management platform realizes operations of creating, starting, deleting and the like of the security function virtual machine; the network management module realizes network configuration of the security function virtual machine; the flow table generation module is used for generating a flow traction flow table. According to the invention, through a security function service chain mode, differentiated security protection capabilities can be provided for different flows according to security requirements and network states, fine-grained, definable and diversified security protection ways are provided for the network. The method has the broad application prospect.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a security service chain dynamic orchestration device. Background technique [0002] Existing network security protection measures include multi-layer security protection equipment such as host security, network security, application security, and security management, realizing the improvement from single-device protection to in-depth security defense capabilities for the entire network. However, there is still a certain gap in dealing with high-intensity confrontation under the conditions of future informationized warfare. Mainly manifested in the following aspects: [0003] (1) The static and passive border security protection system is the main one. Once the existing security protection equipment is installed and deployed, it will be in a static state, lacking the ability to continuously upgrade, dynamically maintain security policies, and dynamically deploy and adju...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F9/455H04L12/24H04L12/851H04L29/06
CPCG06F9/45558H04L63/20H04L47/2441H04L41/0803G06F2009/45562G06F2009/45595
Inventor 贾哲朱晓明张林杰李吉良曹丽惠刘蓓刘晓东张海锋
Owner NO 54 INST OF CHINA ELECTRONICS SCI & TECH GRP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com