Unlock instant, AI-driven research and patent intelligence for your innovation.

Network integration depth detection device and method based on rack switch equipment

A rack switch, in-depth detection technology, applied in electrical components, transmission systems, etc., can solve problems such as inability to guarantee performance and effectiveness, hinder dynamic defense effectiveness, and fail to resist network threats, and achieve rapid in-depth and refined security inspection and security. Effects of Forwarding Processing, Fast Deep Security Inspection, and Forwarding Processing

Active Publication Date: 2021-05-07
SHENZHEN FORWARD IND CO LTD
View PDF8 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The current technical solution, traditional network operation and maintenance methods such as SNMP, CLI, SYSLOG, and third-party packet capture tool analysis cannot track network status information in real time, lack of rapid collection of network status and timely optimization of network traffic for corresponding scenarios, and this method It is a passive network protection method and cannot respond quickly to network intrusions and attacks in a timely manner
[0004] Furthermore, the ACL access control policy technology based on L2-L4 fixed fields for data packet filtering and screening is relatively simple in protection mode, and the protection granularity is relatively coarse. It cannot resist new network threats at all, and cannot meet the requirements of some complex networks. Requirements for refinement and intelligent detection of data in the environment
[0005] Based on the above security considerations, although there is currently a new protection system that superimposes a special security detection and filtering system on the general network architecture to perform independent in-depth filtering and detection of data, this method uses switching network equipment and security detection under the traditional network architecture. In the separated and superimposed deployment of filtering devices, the configuration of security protection policies and the scheduling of network traffic exchange are independent of each other, which cannot be effectively unified and linked, and all network traffic needs to be uniformly handed over to the security detection and filtering devices for summary analysis, performance and effectiveness. Unable to guarantee, thus hindering the improvement of dynamic defense effectiveness

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network integration depth detection device and method based on rack switch equipment
  • Network integration depth detection device and method based on rack switch equipment
  • Network integration depth detection device and method based on rack switch equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0043] Such as figure 1 As shown, the embodiment of the present invention provides a network integrated depth detection device based on rack switch equipment, including a main control board, a switching board, a data service board, a security protection board, and interconnecting the main control board and the switching board , the data service board, and the backplane for data communication among the security protection boards.

[0044] Among them, the main control board is the central nerve of the rack-mounted equipment, which is responsible for the management of the whole machine system and the issuance of instructions; it is used to run all control plane protocols and issue control instructions to other boards.

[0045] The switching board is responsible for scheduling and forwarding the business data and safety monitoring data of the whole system, and is the necessary guarantee center for data communication between the interconnected data service board and the safety protec...

Embodiment 2

[0078] Based on the network integration depth detection device described in Embodiment 1, the embodiment of the present invention also proposes a network integration depth detection method using the device, such as Figure 4 shown, including the following steps:

[0079] S1. Use the service forwarding unit of the data service board to obtain the external user service data received by the corresponding line card;

[0080]S2. Use the service forwarding unit to analyze the data message, perform a first-level defense detection by querying the local access control list, and forward the security data of the first-level defense detection to the switching unit of the switching board;

[0081] S3. Use the switching unit to forward the service data message according to user configuration; if it is necessary to perform secondary defense detection, then forward the service data message to the security protection board, and perform step S4; if it does not need to perform secondary defense ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network integration depth detection device and method based on rack switch equipment. The device comprises a main control board, a switch board, a data service board, a safety protection board and a backboard for interconnecting data communication among the main control board, the switch board, the data service board and the safety protection board. The method optimizes the traditional low-efficiency processing concept of deploying the data security detection equipment at the key position of the network to detect and process the network service by adopting an overlapped deployment mode, adopts a brand new network communication equipment embedded security protection integrated design idea, and considers security detection and data forwarding requirements; and a safety protection module and data exchange equipment are integrally designed; a safety protection system is built in the equipment, a high-speed backboard communication channel of original rack equipment is matched, and a high-performance multi-core engine parallel deep detection technology is carried, so that rapid deep safety detection and forwarding processing of data packets are realized.

Description

technical field [0001] The invention relates to the technical field of network protection, in particular to a network integration depth detection device and method based on rack switch equipment. Background technique [0002] As the scale of the current communication network continues to expand, intrusions against the network and computer systems are gradually increasing. As an important part of network protection, security monitoring and early warning can effectively reduce the degree of threat damage because it can detect threats in time and issue alarms in advance. It can even nip threats in their infancy, so early warning of cyberspace security has attracted much attention. For traditional switch devices, including rack-mounted switches, traditional network operation and maintenance methods such as SNMP, CLI, SYSLOG, and third-party packet capture tool analysis are mostly used for network traffic security protection. The fixed fields of L2-L4 carry out the filtering and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0209H04L63/0227H04L63/101H04L63/1416
Inventor 詹晋川杨鑫
Owner SHENZHEN FORWARD IND CO LTD