A configuration method, device, SDN controller, and medium of a security entry

A security meter and controller technology, applied in the field of communication, can solve the problems of unable to filter messages, heavy configuration workload, and low efficiency, and achieve the effects of ensuring terminal security, reducing configuration workload, and improving configuration efficiency

Active Publication Date: 2022-04-22
NEW H3C BIG DATA TECH CO LTD
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there will inevitably be some terminals using static IP addresses in the network, and the packets carrying static IP addresses cannot be effectively filtered through the IP Source Guard function.
[0005] If you manually configure the binding entries of terminals using static IP addresses for each interface, you need to configure the interfaces in the branch network one by one, which requires a lot of configuration work and low efficiency.
If the SDN controller is used to implement branch network deployment, the administrator needs to collect static IP addresses and Media Access Control (MAC) addresses. Once the administrator enters the wrong IP address and MAC address, the terminal cannot be connected normally. access to the network, or cannot effectively filter packets, the security of terminal access cannot be guaranteed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A configuration method, device, SDN controller, and medium of a security entry
  • A configuration method, device, SDN controller, and medium of a security entry
  • A configuration method, device, SDN controller, and medium of a security entry

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0084] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0085] In order to reduce the configuration workload and improve configuration efficiency under the premise of ensuring the security of terminal access, the embodiment of the present application provides a method for configuring security entries, which can be applied to massive small branches through the SDN controller. In the scenario where the network is used for management. Exemplary, such as figure 1 As shown, the embodiment of the present application can...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Embodiments of the present invention provide a security entry configuration method, device, SDN controller and medium, and relate to the technical field of communications. The embodiment of the present application includes: collecting the DHCP Snooping entry, the ARP Snooping entry and the WLAN Snooping entry of each AP in the controlled network topology; according to the collected DHCP Snooping entry, ARP Snooping entry and WLAN Snooping The table item generates a security table item; receives the information of the terminal to be bound, and statically binds the security table item of each terminal to be bound to the switch or AP connected by the terminal to be bound, so that the switch and AP in the network topology are based on the static The bound security entry performs packet filtering. On the premise of ensuring terminal access security, the configuration workload can be reduced and configuration efficiency can be improved.

Description

technical field [0001] The present invention relates to the field of communication technologies, in particular to a configuration method and device, an SDN controller and a medium of a security entry. Background technique [0002] Network security is very important to the network of every enterprise. At present, there are some small-scale outlets, such as small-scale business outlets in the financial industry, outlets in the retail industry, etc., which have the characteristics of small network scale and small number of access users. And each small-scale network also needs to communicate with the headquarters, which is responsible for deployment and management. [0003] This kind of massive small branch network is suitable for management through the software defined network (Software Defined Network, SDN) controller. The network administrator does not need to be familiar with the configuration method of each network device. Batches of network configurations are delivered to...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L61/103H04L61/5014
CPCH04L61/103H04L61/5014
Inventor 霍晓宇
Owner NEW H3C BIG DATA TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap