Method for processing data stream between different fire-proof walls

A technology of firewall and data flow, applied in the field of virtual firewall, it can solve the problem of not being able to achieve the function of firewall protection, and achieve the effect of network security protection

Inactive Publication Date: 2007-04-18
HUAWEI TECH CO LTD
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since the transit data flow and the non-transit data flow cannot be distinguished, it is impossible to better adopt reasonable security policie

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for processing data stream between different fire-proof walls
  • Method for processing data stream between different fire-proof walls
  • Method for processing data stream between different fire-proof walls

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0037] The core idea of ​​the present invention is as follows: in each virtual firewall and the root firewall, a private security zone and a virtual security zone for transferring data flow are respectively set, and the ports belonging to each virtual firewall and the root firewall are respectively set at any location of the respective firewalls. On a private security zone; set security policies between the private security zones of each firewall, and set security policies between each private security zone of each firewall and its own virtual security zone; when the data flow crosses between virtual firewalls or across the root firewall and When transmitting between virtual firewalls, the sender uses the security policy between the source security zone of the firewall to which the data stream belongs and the virtual security zone to filter the data stream, and the receiver uses the destination security zone of the firewall to which the data stream arrives and the virtual securi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for processing data stream between different firewalls, both arranging virtual safty region on virtual firewall and root firewall, and setting safety policies between each virtual safety region and other private safety regions of the firewall it belongs to, and when data stream is transmitted between virtual firewalls or between root firewall and virtual firewall, adopting source safety region of the firewall that the data stream belongs to, and the safety policies between virtual safety regions to filter the data stream at the transitting end, and adopting destination safety region of the firewall that the data stream reaches, and the safety policies between virtual safety regions to fitler the data stream at the receiving end. And it adopts reasonable safety policies and filteration to the data stream, and makes the firewalls play the role of protecting network safety.

Description

technical field [0001] The invention relates to a virtual firewall technology, in particular to a method for processing data flows across different virtual firewalls or between a root firewall and a virtual firewall. Background technique [0002] A firewall (FW, Firewall) refers to a combination of a series of components set between different networks, such as a trusted intranet and an untrusted public network or network security domain. A firewall can protect the network by monitoring, restricting, and changing the data flow across the firewall, and shielding the information, structure, and operation of the network from the outside as much as possible. The firewall effectively monitors the data exchange between the internal network and the external network, ensuring the security of the internal network. [0003] At present, firewalls often formulate security policies based on security zones rather than interfaces. Common security zones include Trusted Network (Trust) Zone,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L29/06
Inventor 王宁雷奕康齐志张日华朱志强唐正斌
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap