CN103929323A - Health degree monitoring method of cloud network equipment - Google Patents
Health degree monitoring method of cloud network equipment Download PDFInfo
- Publication number
- CN103929323A CN103929323A CN201310700345.3A CN201310700345A CN103929323A CN 103929323 A CN103929323 A CN 103929323A CN 201310700345 A CN201310700345 A CN 201310700345A CN 103929323 A CN103929323 A CN 103929323A
- Authority
- CN
- China
- Prior art keywords
- client
- software
- server
- network
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
Provided is a health degree monitoring method of cloud network equipment. The method includes the steps that state scanning is conducted on a client; state information obtained through scanning is sent to a server; the server conducts health degree analysis and processing according to the state information. According to the method, an active mode is used for monitoring the safety of the cloud equipment in a cloud network uniformly, and the situation that client equipment in the cloud network is threatened can be effectively avoided; dynamic centralized monitoring is conducted on scanning software installed on the cloud equipment, the safe state of the cloud equipment is analyzed, therefore, corresponding safety processing actions can be sent out in real time so as to conduct processing uniformly, and the overall safety risk of the cloud equipment in the cloud network is reduced to the minimum level.
Description
Technical field
The present invention relates to networking technology area, relate to particularly a kind of health degree method for supervising of the cloud network equipment.
Background technology
Under the flourish drive of cloud network and network application market, network security marketplace has welcome high-speed development period in recent years, one side is along with the extension of network, network size expands rapidly, it is day by day complicated that safety problem becomes, and construction can be managed, controlled, believable network is also the prerequisite that further advances network applications evolve; The business of carrying along with network is on the other hand day by day complicated, guarantees that application layer security is the new direction of network security development.
For the equipment on cloud network, the mode of current use is that each equipment is safeguarded voluntarily, for equipment, can fill antivirus software, if do not fill antivirus software, the system of equipment meeting automatic-prompting equipment is dangerous, and user can according to circumstances judge whether to need safe antivirus software voluntarily.
But, this method is only to have utilized the network health degree situation of equipment monomer user judgement and awareness apparatus, cannot extract the service condition of application software, therefore cannot judge the holistic health degree situation of equipment all in a certain network area, and can not analyze and carry out corresponding solution behavior act to the health degree degree of equipment.
Summary of the invention
In view of above-mentioned technical problem, the object of this invention is to provide a kind of health degree of the mode unified monitoring cloud network equipment of taking the initiative and make the cloud network equipment health degree method for supervising that solves behavior act.
For achieving the above object, technical scheme of the present invention is: a kind of health degree method for supervising of the cloud network equipment, and the method comprises:
Client is carried out to status scan;
The state information that scanning is obtained sends to server;
Server carries out the analysis of health degree degree and processes based on state information.
Wherein, the state information of described client comprises one or more in following: operating system version number and the security breaches that exist thereof, the bogusware existing in system and/or wooden horse software, the application software of current installation and version number thereof, the unloading information of software, the system vulnerability information existing in application software, the antivirus software of current installation and version number thereof.
Wherein, client is in scanning mode information send to server on following opportunity: when client is opened, client is first during access network, and client is when installing new software or unloading old software.
Wherein, before described step of client being carried out to status scan, also comprise server is carried out to the step that safety arranges, describedly server is carried out to step that safety arranges comprise at least one in following: bogusware information list is set, the list of wooden horse software information is set, the list of leak software information is set, client is set and recommends the antivirus software that maybe must install and/or upgrade bag.
Wherein, the processing that described server carries out comprises one or more in following: send warning message, forbid installing, Compulsory Removal, remind or force client executing software upgrading, remind or force client unloading application software, disconnect network or/and interconnection network.
Further, the processing that described server carries out comprises one or more in following:
If client exists bogusware or wooden horse software, server sends instruction Compulsory Removal;
If contain bogusware or wooden horse software in the software that client is being installed, server sends instruction to be forbidden installing;
If there is obvious leak in the software that client has been installed or installed, server sends warning message, reminds client not install or force client executing software upgrading;
If the operating system of client is windows7 and following windows version, server gives a warning or mandatory requirement is installed certain antivirus software;
If the operating system of client is in windows8 and above version, linux system or mac system, server is not carried out warning or is forced action.
Further, the processing that described server carries out also comprises:
If there is virus or wooden horse software in client device, or the pressure action of client refusal execution server indication, server is processed this client executing suspension, and sends alert message to client;
When client is by unloading virus or wooden horse software, or process and reach after safe class according to server indication execution, the network that server is opened this client connects.
Further, the processing that described server carries out also comprises: for client health status all in a certain network area, carry out statistical analysis, and the integral device health status of output network.
The beneficial effect of the inventive method is: method of the present invention adopts the safety of the equipment in active mode unified monitoring cloud network, can effectively prevent that in cloud network, client device is on the hazard; By carrying out dynamic centralized monitor to scanning software is installed on equipment, and the safe condition of analytical equipment, can send in real time corresponding safe handling and move and process with unified, the general safety risk of cloud equipment in network is reduced to floor level in time.
Accompanying drawing explanation
Fig. 1 is the flow chart of the health degree method for supervising of the cloud network equipment of the present invention;
Fig. 2 is the method flow diagram of the preferred embodiments of the present invention.
Embodiment
For making the object, technical solutions and advantages of the present invention more cheer and bright, below in conjunction with embodiment and with reference to accompanying drawing, the present invention is described in more detail.Should be appreciated that, these descriptions are exemplary, and do not really want to limit the scope of the invention.In addition, in the following description, omitted the description to known configurations and technology, to avoid unnecessarily obscuring concept of the present invention.
Fig. 1 is the flow chart of the health degree method for supervising of the cloud network equipment of the present invention.
As shown in Figure 1, cloud equipment health degree method for supervising of the present invention comprises the steps:
Step S11, carries out status scan to client.
By in the client at cloud network, scanning imaging system being installed, the regular or irregular status scan that carries out to the system of client.Wherein, described state information comprises the security information of system and the use information of software etc.The security information of system for example comprises operating system version number and the security breaches, the bogusware existing in system and/or the wooden horse software that exist.The use information of software can be installation and the unloading information of software, and the system vulnerability information existing in application software etc.
Step S12, the state information that scanning is obtained sends to server.
When client device is opened, the state information that initiatively transmission scanning obtains is to server, special, and the software application situation of mounting software in client or uninstall is also sent to information in real time to server end.
Step S13, server carries out health degree analysis and processes based on state information.
After the state information that certain client that server receives sends, add up and health degree analysis, then according to statistic analysis result, this client executing is processed to action accordingly and have danger to eliminate in client.Here, described processing action comprises transmission warning message, forbids installing, and Compulsory Removal, reminds or force client executing software upgrading, reminds or forces client unloading application software, disconnects network or/and interconnection network etc.
Fig. 2 has shown a preferred embodiment of the method for the invention.
As shown in Figure 2, in a preferred embodiment of the invention, the method that server carries out health degree monitoring to the client in cloud network comprises the steps:
Step S21 carries out safe setting in server.
Specifically, bogusware information list, the list of wooden horse software information and/or the list of leak software information of setting and real-time update on server in advance, or the antivirus software (comprise and upgrade bag) that FTP client FTP recommendation maybe must be installed is set in advance on server.For example, some is bogusware or the wooden horse software of identification obviously, can be predisposed to and forbid installing or Compulsory Removal on server.There is the software of obvious leak in some, for example 4.3 versions of the qq music software in individual application software exist system vulnerability and affect FTP client FTP safety, on server, can be predisposed to transmission warning message, reminds or force client executing software upgrading.Again for example, on server, can be predisposed in windows7 and following windows edition system certain antivirus software or patch must be installed, and at windows8 and above version, linux system, mac system solar obligation antivirus software not.
Step S22, carries out status scan to client.
By in the client in equipment, scanning imaging system being installed, the regular or irregular status scan that carries out to the system of client.Wherein, the state information of client scan comprises: the security information of system for example comprises operating system version number and the security breaches that exist thereof, the bogusware existing in system and/or wooden horse software, the new application software of current installation and version thereof or old application software and the version thereof installed, the state informations such as antivirus software current installation or that installed and version thereof.
Step S23, client sends state information to server.
In the present invention, client device generally all can scanning mode information and send to server on following opportunity: when client is opened, client is first during access network, when client is installed new software or unloads old software etc.
Step S24, the state information of server based on receiving carried out statistical analysis.
Server receives the security risk that statistical analysis client exists after above-mentioned state information, diagnoses its health status.Optionally, server can carry out statistical analysis for client health status all in a certain network area, and the integral device health status of output network.
On equipment in a network domains, during ubiquity appointing system leak, in advance the network risks that may occur is assessed and statistical analysis in advance.When assessment result reaches or exceed early warning line, for precarious position meaning is that the health degree of equipment is poor; When the result of assessment is not while exceeding early warning line, for health degree kilter, anticipating is that the health degree of equipment is good.And export above-mentioned assessment result and health status.
Step S25, server is to client executing safe action.
Server, according to the safe condition that client statistical is separated out, is carried out corresponding safe action, to eliminate the security risk of client device.Specifically, if client exists bogusware or wooden horse software, server sends instruction Compulsory Removal.If contain bogusware or wooden horse software in the software that client is being installed, server sends instruction to be forbidden installing.If there is obvious leak in the software that client has been installed or installed, there is system vulnerability and affect FTP client FTP safety in 4.3 versions of the qq music software in individual application software for example, on server, can send warning message, remind client not install or force client executing software upgrading.If it is windows7 and following windows version that server detects the operating system of client, give a warning or mandatory requirement must be installed certain antivirus software (latest patch).If it is in windows8 and above version, linux system or mac system that server detects the operating system of client, does not carry out warning or force action, the not solar obligation antivirus software of anticipating.
Further, if there is breakneck state in client device, the virus that harmfulness is very large as existed or wooden horse software, or there is serious operating system security leak, or the process statistical analyses such as pressure action of client refusal execution server indication reach or exceed the situation of early warning line, server can be processed this high-risk client executing suspension, and sends alert message to client.After client reaches safe class by means such as unloading problem software or Secure execution antivirus softwares, be less than after early warning line, server is just opened the network of this client.
As mentioned above, method of the present invention adopts the safety of the equipment in active mode unified monitoring cloud network, can effectively prevent that in cloud network, client device is on the hazard; By carrying out dynamic centralized monitor to scanning software is installed on equipment, and the safe condition of analytical equipment, can send in real time corresponding safe handling and move and process with unified, the general safety risk of cloud equipment in network is reduced to floor level in time.
Should be understood that, above-mentioned embodiment of the present invention is only for exemplary illustration or explain principle of the present invention, and is not construed as limiting the invention.Therefore any modification of, making, be equal to replacement, improvement etc., within protection scope of the present invention all should be included in without departing from the spirit and scope of the present invention in the situation that.In addition, claims of the present invention are intended to contain whole variations and the modification in the equivalents that falls into claims scope and border or this scope and border.
Claims (8)
1. a health degree method for supervising for the cloud network equipment, is characterized in that, the method comprises:
Client is carried out to status scan;
The state information that scanning is obtained sends to server;
Server carries out health degree analysis and processes based on state information.
2. method according to claim 1, wherein, the state information of described client comprises one or more in following: operating system version number and the security breaches that exist thereof, the bogusware existing in system and/or wooden horse software, the application software of current installation and version number thereof, the unloading information of software, the system vulnerability information existing in application software, the antivirus software of current installation and version number thereof.
3. method according to claim 1, wherein, client is in scanning mode information send to server on following opportunity: when client is opened, client is first during access network, and client is when installing new software or unloading old software.
4. method according to claim 1, wherein, before described step of client being carried out to status scan, also comprise server is carried out to the step that safety arranges, describedly server is carried out to step that safety arranges comprise at least one in following: bogusware information list is set, the list of wooden horse software information is set, the list of leak software information is set, client is set and recommends the antivirus software that maybe must install and/or upgrade bag.
5. method according to claim 1, the processing that described server carries out comprises one or more in following: send warning message, forbid installing, Compulsory Removal, remind or force client executing software upgrading, remind or force client unloading application software, disconnecting network or/and interconnection network.
6. method according to claim 5, the processing that described server carries out comprises one or more in following:
If client exists bogusware or wooden horse software, server sends instruction Compulsory Removal;
If contain bogusware or wooden horse software in the software that client is being installed, server sends instruction to be forbidden installing;
If there is obvious leak in the software that client has been installed or installed, server sends warning message, reminds client not install or force client executing software upgrading;
If the operating system of client is windows7 and following windows version, server gives a warning or mandatory requirement is installed certain antivirus software;
If the operating system of client is in windows8 and above version, linux system or mac system, server is not carried out warning or is forced action.
7. method according to claim 6, the processing that described server carries out also comprises:
If there is virus or wooden horse software in client device, or the pressure action of client refusal execution server indication, server is processed this client executing suspension, and sends alert message to client;
When client is by unloading virus or wooden horse software, or process and reach after safe class according to server indication execution, the network that server is opened this client connects.
8. according to the method described in any one in claim 1-7, the processing that described server carries out also comprises: for client health status all in a certain network area, carry out statistical analysis, and the integral device health status of output network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310700345.3A CN103929323A (en) | 2013-12-16 | 2013-12-16 | Health degree monitoring method of cloud network equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310700345.3A CN103929323A (en) | 2013-12-16 | 2013-12-16 | Health degree monitoring method of cloud network equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103929323A true CN103929323A (en) | 2014-07-16 |
Family
ID=51147407
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310700345.3A Pending CN103929323A (en) | 2013-12-16 | 2013-12-16 | Health degree monitoring method of cloud network equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103929323A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104506522A (en) * | 2014-12-19 | 2015-04-08 | 北京神州绿盟信息安全科技股份有限公司 | Method and device for scanning vulnerability |
| CN105610839A (en) * | 2015-12-31 | 2016-05-25 | 国网浙江奉化市供电公司 | Controlling method and device for accessing network by terminal |
| CN105808275A (en) * | 2014-12-30 | 2016-07-27 | 北京奇虎科技有限公司 | Software purified installation device and method |
| CN105808279A (en) * | 2014-12-30 | 2016-07-27 | 北京奇虎科技有限公司 | Software purified installation method and apparatus |
| CN106330851A (en) * | 2015-07-10 | 2017-01-11 | 腾讯科技(深圳)有限公司 | Mobile terminal security information obtaining method and device and mobile terminal security information issuing method and device based on cloud service |
| CN107241334A (en) * | 2017-06-16 | 2017-10-10 | 上海斐讯数据通信技术有限公司 | Network virus protection method and the router for network virus protection |
| CN107563205A (en) * | 2017-09-20 | 2018-01-09 | 杭州安恒信息技术有限公司 | Typical smart machine leak detection method and permeability apparatus |
| CN107992748A (en) * | 2017-11-22 | 2018-05-04 | 江苏神州信源系统工程有限公司 | A kind of software control method and device |
| CN108255676A (en) * | 2018-01-15 | 2018-07-06 | 南京市城市规划编制研究中心 | A kind of monitoring method of software systems client health degree |
| CN109189446A (en) * | 2018-10-17 | 2019-01-11 | 北京京航计算通讯研究所 | Software update system based on software supervision and strategy |
| CN111950040A (en) * | 2019-05-15 | 2020-11-17 | 北京奇安信科技有限公司 | Environment sensing method and device of terminal equipment, computer equipment and storage medium |
| US11334453B2 (en) | 2020-05-07 | 2022-05-17 | Oracle International Corporation | System and method for providing fault tolerance and resiliency in a cloud network |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101588360A (en) * | 2009-07-03 | 2009-11-25 | 深圳市安络大成科技有限公司 | Associated equipment and method for internal network security management |
| CN101656632A (en) * | 2008-08-21 | 2010-02-24 | 中国建设银行股份有限公司 | Virus monitoring method and virus monitoring device in large network |
| CN102982284A (en) * | 2012-11-30 | 2013-03-20 | 北京奇虎科技有限公司 | Scanning equipment, cloud management equipment and method and system used for malicious program checking and killing |
-
2013
- 2013-12-16 CN CN201310700345.3A patent/CN103929323A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101656632A (en) * | 2008-08-21 | 2010-02-24 | 中国建设银行股份有限公司 | Virus monitoring method and virus monitoring device in large network |
| CN101588360A (en) * | 2009-07-03 | 2009-11-25 | 深圳市安络大成科技有限公司 | Associated equipment and method for internal network security management |
| CN102982284A (en) * | 2012-11-30 | 2013-03-20 | 北京奇虎科技有限公司 | Scanning equipment, cloud management equipment and method and system used for malicious program checking and killing |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104506522B (en) * | 2014-12-19 | 2017-12-26 | 北京神州绿盟信息安全科技股份有限公司 | vulnerability scanning method and device |
| US10642985B2 (en) | 2014-12-19 | 2020-05-05 | NSFOCUS Information Technology Co., Ltd. | Method and device for vulnerability scanning |
| CN104506522A (en) * | 2014-12-19 | 2015-04-08 | 北京神州绿盟信息安全科技股份有限公司 | Method and device for scanning vulnerability |
| CN105808275A (en) * | 2014-12-30 | 2016-07-27 | 北京奇虎科技有限公司 | Software purified installation device and method |
| CN105808279A (en) * | 2014-12-30 | 2016-07-27 | 北京奇虎科技有限公司 | Software purified installation method and apparatus |
| CN106330851A (en) * | 2015-07-10 | 2017-01-11 | 腾讯科技(深圳)有限公司 | Mobile terminal security information obtaining method and device and mobile terminal security information issuing method and device based on cloud service |
| KR102056529B1 (en) * | 2015-07-10 | 2019-12-16 | 텐센트 테크놀로지(센젠) 컴퍼니 리미티드 | Cloud service based security information acquisition method for mobile terminal, terminal and storage medium, cloud service based security information delivery method and server for mobile terminal |
| US20170366567A1 (en) * | 2015-07-10 | 2017-12-21 | Tencent Technology (Shenzhen) Company Limited | Methods and apparatuses for obtaining and delivering mobile terminal security information based on a cloud service |
| WO2017008608A1 (en) * | 2015-07-10 | 2017-01-19 | 腾讯科技(深圳)有限公司 | Cloud service based security information acquisition method for mobile terminal, terminal and storage medium, cloud service based security information delivery method for mobile terminal, and server |
| US10554673B2 (en) * | 2015-07-10 | 2020-02-04 | Tencent Technology (Shenzhen) Company Limited | Methods and apparatuses for obtaining and delivering mobile terminal security information based on a cloud service |
| CN106330851B (en) * | 2015-07-10 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Mobile terminal security information acquisition and distribution method and device based on cloud service |
| CN105610839A (en) * | 2015-12-31 | 2016-05-25 | 国网浙江奉化市供电公司 | Controlling method and device for accessing network by terminal |
| CN107241334A (en) * | 2017-06-16 | 2017-10-10 | 上海斐讯数据通信技术有限公司 | Network virus protection method and the router for network virus protection |
| CN107563205A (en) * | 2017-09-20 | 2018-01-09 | 杭州安恒信息技术有限公司 | Typical smart machine leak detection method and permeability apparatus |
| CN107992748A (en) * | 2017-11-22 | 2018-05-04 | 江苏神州信源系统工程有限公司 | A kind of software control method and device |
| CN108255676A (en) * | 2018-01-15 | 2018-07-06 | 南京市城市规划编制研究中心 | A kind of monitoring method of software systems client health degree |
| CN109189446A (en) * | 2018-10-17 | 2019-01-11 | 北京京航计算通讯研究所 | Software update system based on software supervision and strategy |
| CN111950040A (en) * | 2019-05-15 | 2020-11-17 | 北京奇安信科技有限公司 | Environment sensing method and device of terminal equipment, computer equipment and storage medium |
| US11334453B2 (en) | 2020-05-07 | 2022-05-17 | Oracle International Corporation | System and method for providing fault tolerance and resiliency in a cloud network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103929323A (en) | Health degree monitoring method of cloud network equipment | |
| US10944764B2 (en) | Security event detection through virtual machine introspection | |
| CN106462702B (en) | Method and system for acquiring and analyzing electronic forensic data in a distributed computer infrastructure | |
| US11907696B2 (en) | Methods and apparatus for safe and smart distribution of software patches | |
| WO2010011897A3 (en) | Global network monitoring | |
| CN100549975C (en) | Computer maintenance support system and analysis server | |
| CN104331354A (en) | Real-time comprehensive monitoring method for cloud computing | |
| CN105739668A (en) | Power management method and power management system of notebook computers | |
| EP3552107A1 (en) | Device driver telemetry | |
| CN111244806B (en) | Power equipment safety debugging monitoring system and processing method | |
| KR101860015B1 (en) | IoT device manager for providing before service based on error prediction | |
| CN114884796A (en) | Fault processing method and device, electronic equipment and storage medium | |
| CN110933172A (en) | Remote monitoring system and method based on cloud computing | |
| CN105245591A (en) | Method and system for monitoring desktop cloud performance experience | |
| CN111212055A (en) | Non-invasive website remote detection system and detection method | |
| CN112650180B (en) | Safety warning method, device, terminal equipment and storage medium | |
| CN106899977B (en) | Abnormal flow detection method and device | |
| CN110008092B (en) | Virtual machine safety monitoring method, device, equipment and readable storage medium | |
| CN111324504B (en) | Method and device for monitoring running state of power communication network | |
| CN111490593A (en) | Urban cable prevents external damage risk assessment early warning platform | |
| CN115292246A (en) | Document transcoding method and device and electronic equipment | |
| CN109032647B (en) | Software upgrading method based on software monitoring and strategy | |
| CN111258712B (en) | Method and system for protecting safety of virtual machine under virtual platform network isolation | |
| CN113450149A (en) | Information processing method and device, electronic equipment and computer readable medium | |
| CN114329443A (en) | Method and system for generating container sandbox rule, electronic device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140716 |