Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Virtual machine migration system and method

A virtual machine migration and virtual machine technology, applied in the field of network security, can solve the problems of inability to migrate session information at the same time, virtual firewall policy redundancy, and low policy matching performance

Pending Publication Date: 2022-03-04
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the need for safe operation, maintenance and management of the data center or other reasons such as server power failure, it is sometimes necessary to migrate the virtual machine, that is, to migrate to other server nodes in the cloud environment. The security policy management method issued by the management platform, the management platform issues all the security policies to each virtual protection wall. When the virtual machine is migrated, no matter which node it is on, it will be able to match the security policy corresponding to the virtual machine. However, in practice, it is found that , all the security policies are sent to each virtual firewall, which will easily lead to redundancy of virtual firewall policies, resulting in low policy matching performance. At the same time, session information cannot be migrated at the same time when the virtual machine is migrated, thus affecting the business of the virtual machine communication performance
It can be seen that the existing virtual machine migration method easily leads to redundant virtual firewall policies, reduces policy matching performance, and also affects the communication performance of virtual machine services

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virtual machine migration system and method
  • Virtual machine migration system and method
  • Virtual machine migration system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0054] Please see figure 1 , figure 1 A schematic flowchart of a virtual machine migration system is provided for the embodiment of the present application. Wherein, the virtual machine migration system includes a security management platform 110 , a first virtual firewall 120 , a second virtual firewall 130 , a target virtual machine 140 and a cloud platform 150 .

[0055] S201. Before the cloud platform 150 detects the migration action of the target virtual machine 140, the security management platform 110 registers relevant information of the connected cloud platform 150, and obtains authentication information of the cloud platform 150 according to the relevant information.

[0056] In the embodiment of the present application, the authentication information includes the virtual machine migration notification function and the communication address of the security management platform 110, etc., which is not limited in the embodiment of the present application.

[0057] In ...

Embodiment 2

[0112] Please see figure 2 , figure 2 It is a schematic flowchart of another virtual machine migration method provided in the embodiment of the present application. like figure 2 As shown, wherein the virtual machine migration method is applied to the first virtual firewall 120 shown in Embodiment 1, including:

[0113] S301. Receive migration notification information for the target virtual machine 140 sent by the security management platform 110 .

[0114] S302. Generate a target key-value pair according to the migration notification information; the target key-value pair includes the communication address of the migrated second virtual firewall 130 and policy and session information of the target virtual machine 140 on the first virtual firewall 120 .

[0115] S303. Add the target key-value pair to the preset global key-value database, so that the second virtual firewall 130 monitors the newly added target key-value pair in the global key-value database, and according ...

Embodiment 3

[0121] Please see image 3 , image 3 It is a schematic flowchart of a method for migrating a virtual machine provided in the embodiment of the present application. like image 3 As shown, the virtual machine migration method is applied to the safety management platform 110 of Embodiment 1, including:

[0122] S401. Register relevant information of the connected cloud platform 150, and call an authentication interface of the cloud platform 150 to perform user password authentication according to the relevant information.

[0123] S402. Determine whether the authentication is passed. If yes, perform steps S404 to S407; if not, perform step S403.

[0124] S403. Report the cloud platform 150 authentication error prompt information, and end this process.

[0125] S404. Obtain a safety management certification certificate.

[0126] S405. Decrypt the safety management certification certificate to obtain certification information; and register a virtual machine migration functio...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a virtual machine migration system and method, and the method comprises the steps: an installation and management platform sends migration notification information for a target virtual machine to a first virtual firewall when the target virtual machine is migrated, the first virtual firewall generates a target key value pair according to the migration notification information, and adds the target key value pair to a preset global key value database, the second virtual firewall monitors a newly added target key value pair in the global key value database and establishes connection with the first virtual firewall according to the target key value pair, and the first virtual firewall synchronizes the policy and session information to the second virtual firewall; when the migration action of the target virtual machine is completed, the installation and management platform sends migration completion notification information to the first virtual firewall; and the first virtual firewall receives the migration completion notification information, and deletes the policy and session information in the first virtual firewall, so that the problem of policy redundancy of the virtual protection wall can be avoided, the performance of the virtual firewall is ensured, and meanwhile, the communication performance of the service of the virtual machine is not influenced.

Description

technical field [0001] The present application relates to the technical field of network security, in particular, to a virtual machine migration system and method. Background technique [0002] At present, service virtualization technology has been widely used in data centers at all levels. Through this technology, multiple independent VM virtual machines can be virtualized on a single physical server, and these VM virtual machines can be regarded as an independent physical server. , which has its own IP address and MAC address, its own operating system and various applications. Due to the need for safe operation, maintenance and management of the data center or other reasons such as server power failure, it is sometimes necessary to migrate the virtual machine, that is, to migrate to other server nodes in the cloud environment. The security policy management method issued by the management platform, the management platform issues all the security policies to each virtual p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40H04L41/0894H04L41/28G06F9/455G06F16/23G06F16/245G06F16/27
CPCH04L63/0218H04L63/20H04L41/0893H04L41/28H04L63/083H04L63/0823G06F9/45558G06F16/2358G06F16/245G06F16/27G06F2009/4557G06F2009/45587G06F2009/45595
Inventor 黄永平
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com