Implementation method of north-south micro-isolation architecture

An implementation method and architecture technology, which is applied in the implementation field of north-south micro-isolation architecture, can solve problems such as inability to form isolation, hundreds or thousands, or even tens of thousands, and hidden dangers in network security, so as to improve security. Effect

Pending Publication Date: 2021-12-14
中科星启(北京)科技有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in terms of current north-south traffic and access, from terminals to firewalls, IDS / IPS, WAF, etc., all accesses are integrated to form a huge and complex network architecture. For example, for a company, its terminals may be several Hundreds or thousands, even tens of thousands
Such a huge number of terminals are mixed together. When encountering network attacks, it is difficult to achieve efficient processing, and at the same time cannot form effective isolation, which brings huge hidden dangers to network security.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Implementation method of north-south micro-isolation architecture

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0017] Such as figure 1 As shown, the implementation method of a north-south micro-isolation architecture disclosed in the present invention includes the following steps:

[0018] (1) In the entire north-south network architecture, a zero-trust micro-isolation architecture is used for comprehensive reconstruction. The network elements in the micro-isolation architecture include but are not limited to terminals, next-generation firewalls, and application / service security. Gatekeeper / data exchange and data center; the described micro-isolation architecture can be:

[0019] 1) Based on the micro-isolation of the host agent, the data flow in the network is visible, and the data flow is transmitted to the central server through the agent located in the network endpoint.

[0020] 2) Micro-isolation is realized based on the virtual machine monitorin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an implementation method of a north-south micro-isolation architecture, which comprises the following steps: in the whole north-south network architecture, carrying out comprehensive reconstruction by using a zero-trust micro-isolation architecture, and grouping network elements according to different attributes; in the security processing process of the terminal, the next-generation firewall, the application / service security, the gatekeeper / data exchange and the data center, performing targeted processing by adopting different processing strategies according to the classification; when security risks are detected at a terminal, a next-generation firewall, application / service security, a gatekeeper / data exchange and a data center, performing linkage processing through a linkage module, processing being automatically carried out according to grouping, and different management strategies being issued to corresponding micro-isolation groups. A systematized micro-isolation architecture is formed, and the security of the network is improved through a linkage mechanism of each network element.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a method for realizing a north-south micro-isolation architecture. Background technique [0002] In recent years, with the rapid development of cloud computing, the structure of the data center has also changed to meet the emerging needs. At the same time, the scale of the original security problems is expanding, and new security problems and challenges are emerging. The traffic in the virtual network is invisible, the security level of multiple tenants is different, and the security policies are diversified. Traditional network firewalls are somewhat powerless. [0003] At present, there have been a series of improvements in network security architecture in the past few years. Among them, more and more people in the industry believe that network security cannot rely solely on network firewalls at the perimeter to stop network attackers. Therefore, by dividi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/02H04L63/0209
Inventor 雷奕康
Owner 中科星启(北京)科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap