Session record generation method and device and storage medium
A technology of session record and session table, which is applied in the field of communication security, can solve problems such as difficulty in obtaining session records, firewall networking obstacles, and high cost of use
Pending Publication Date: 2020-11-17
TENCENT TECH (SHENZHEN) CO LTD
View PDF0 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Data packet A flows through firewall A and a session record can be generated in the session table of firewall A, therefore, firewall A can quickly obtain the passage decision of other data packets with the same session record as data packet A according to the session record; but the firewall It is difficult for other firewalls in the cluster except firewall A to obtain the session record, so it is impossible to directly obtain the passage decision for other data packets with the same session record as data packet A based on the session table
[0004] Of course, in order to realize the sharing of session records, existing technologies can also exchange session records between different firewalls based on private protocols. here comes a new obstacle
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0026] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.
[0027] It should be noted that the terms "first" and "second" in the description and claims of the present invention and the above drawings are used to distinguish similar objects, but not necessarily used to describe a specific sequence or sequence. It is to be understood that the data so used are interchangeable under appropriate circumstances such that the embodiments of the invention described herein can be practiced in sequences other than those illustrate...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a session record generation method and apparatus, and a storage medium. The session record generation method comprises the steps of obtaining mirror image traffic of a servicedata flow; transmitting the mirror image traffic to a firewall, so that the firewall generates a session record based on the mirror image traffic, and a data packet in the mirror image traffic comprises quintuple information, wherein the firewall is used for generating a session record for a data packet when the data packet in the mirror image traffic is not hit by a session table and is allowed to pass through the firewall; and storing the session record into the session table. According to the invention, the firewall is triggered to generate the session record in a mirror image flow manner,so that even if the original service data flow corresponding to the mirror image flow does not pass through the firewall, the firewall can still obtain the adaptive session record for the service dataflow, session record synchronization is not needed. Session record sharing obstacles in the prior art are bypassed.
Description
technical field [0001] The invention relates to the field of communication security, in particular to a session record generation method, device and storage medium. Background technique [0002] With the rapid development of the industrial Internet and digitalization, internal data in all walks of life are facing security threats. Therefore, network security is becoming more and more important. Existing technologies usually require the deployment of firewalls at the network border to protect the company's internal network from being easily invaded by the outside world. . In order to adapt to scenarios with large business traffic, firewall clusters can be used in the prior art to increase the security isolation of the internal and external networks. Each firewall can filter the network traffic passing through the firewall based on the session table. If the data packets are recorded in If the session record in the session table is matched, the firewall allows the data packet ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): H04L29/08H04L29/06
CPCH04L67/1095H04L67/14H04L63/02
Inventor 杨志华邢陪邻陆素建
Owner TENCENT TECH (SHENZHEN) CO LTD