Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Data transmission method and system based on virtualized network and network security equipment

A technology of virtualized network and security equipment, applied in the field of data transmission method, device and system based on virtualized network, can solve problems such as uncontrollable, unable to defend in a fundamentally effective way, affecting client resource access, etc. The effect of improving network security, improving security, preventing intrusion attacks

Active Publication Date: 2021-08-10
北京宇创瑞联信息技术有限公司
View PDF2 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Among them, the risks at the software level are mainly reflected in: (1) The traditional network security defense method is to passively detect virus samples, intrusion signature samples and other mechanisms. What can be released and what can be blocked, but in actual network communication, hackers are often simulated as ordinary users who can be released to access, and are directly released by the network security gateway to enter the user's intranet, which causes uncontrollable risks; (2) The traditional network security is a tower defense. Various security software products are stacked and accumulated, and various static passive defenses are superimposed on each other. It is impossible to defend in a fundamentally effective way. Dynamic + unknown automatic defense; (3) Traditional application software, network equipment, and network security equipment are all marked with clear IP identifiers, such as IP addresses or MAC addresses, which will create opportunities for hackers to scan and detect network IP with hacking tools. Address or MAC address and then find the risk of corresponding vulnerabilities to attack; (4) In addition, common application software or system software often expands and borders infinitely due to system vulnerabilities or patches, etc. If hackers exploit software vulnerabilities, they will The risk of launching an intrusion attack, thus bringing new risks and hidden dangers
[0005] In terms of hardware-level risks, traditional network security devices operate in an inline mode for network operation and maintenance, so that it is convenient to connect and debug their own devices remotely. At this time, there will be a potential risk of , the network security protection device is exposed in the network, that is to say, any node in the network can connect to this device as long as the network route is reachable. At that time, hackers can use brute force password cracking to continuously Try the user name, password, or log in to the browser vulnerability of this security device or find the back door to carry out intrusion attacks; at the same time, the network security device itself also has crystal oscillator attacks on the CPU and side-channel attacks on memory resources through physical attacks. The attack method can directly bypass any security protection and directly take over the core control unit, achieving the risk of arbitrary manipulation of equipment
In addition, there is another problem that if you want to disconnect the client's access to a certain resource of the server, you need to disconnect the actual physical link to really prevent the client from accessing, and the disconnection of the actual physical line will affect the client's access to the server. Access to other business resources

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data transmission method and system based on virtualized network and network security equipment
  • Data transmission method and system based on virtualized network and network security equipment
  • Data transmission method and system based on virtualized network and network security equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be described in further detail below in conjunction with the embodiments and accompanying drawings. Here, the exemplary embodiments and descriptions of the present invention are used to explain the present invention, but not to limit the present invention.

[0045] Here, it should also be noted that, in order to avoid obscuring the present invention due to unnecessary details, only the structures and / or processing steps closely related to the solution according to the present invention are shown in the drawings, and the related Other details are not relevant to the invention.

[0046] It should be emphasized that the term "comprises / comprises / has" when used herein refers to the presence of a feature, element, step or component, but does not exclude the presence or addition of one or more other features, elements, steps or components.

[0047] In o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a data transmission method and system based on a virtualized network and network security equipment. The method comprises the following steps: a plurality of data messages sent from a plurality of first end communication equipment is hijacked by first security equipment; the first security equipment determines a mapping relationship between real network information and virtual network information of the first end communication equipment and the opposite end communication equipment based on a predetermined compiling strategy, and creates a virtualized network on a physical line established between each first end communication equipment and the opposite end communication equipment based on the mapping relationship; a data message is sent to an opposite-end communication equipment based on the created virtualized network; the first safety equipment receives a data message which is sent by second safety equipment on the opposite-end communication equipment side and comes from the opposite-end communication equipment, and analyzes and restores a virtual network address of the opposite-end communication equipment based on a pre-stored compiling strategy; and after successful restoration, the restored data message of the real network address of the opposite-end communication equipment is transmitted to the corresponding first-end communication equipment.

Description

technical field [0001] The present invention relates to the technical field of data security, in particular to a virtualized network-based data transmission method, device and system. Background technique [0002] In recent years in our country, with the development of network technology and the popularization and enrichment of network applications, the problem of network security has become increasingly serious. High-tech crimes using information technology have shown an increasing trend. Therefore, building a safe communication environment is an inevitable trend. [0003] Due to the diversity of connection forms, the uneven distribution of terminals, and the openness and interconnectivity of the network, it is possible for attackers to detect and scan asset devices in the network, eavesdrop on information on the network, and steal user information. Passwords, database information; it is also possible to tamper with the contents of the database, forge user identities, and d...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/02H04L63/1441
Inventor 于洪姜春晓吴胜于芷澜于业浩杨丽萍
Owner 北京宇创瑞联信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products