CN108600252A - A kind of Network anti-virus system - Google Patents

A kind of Network anti-virus system Download PDF

Info

Publication number
CN108600252A
CN108600252A CN201810424114.7A CN201810424114A CN108600252A CN 108600252 A CN108600252 A CN 108600252A CN 201810424114 A CN201810424114 A CN 201810424114A CN 108600252 A CN108600252 A CN 108600252A
Authority
CN
China
Prior art keywords
virus
network
data
units
gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810424114.7A
Other languages
Chinese (zh)
Inventor
季宇哲
杨云峰
吴昭霖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Bingshen Network Technology Co Ltd
Original Assignee
Nanjing Bingshen Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Bingshen Network Technology Co Ltd filed Critical Nanjing Bingshen Network Technology Co Ltd
Priority to CN201810424114.7A priority Critical patent/CN108600252A/en
Publication of CN108600252A publication Critical patent/CN108600252A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to antivirus protection technical fields, more particularly to a kind of Network anti-virus system, virus scan unit including Anti Virus Gateway, dynamic and intelligent Bandwidth Management and the whole network three-dimensional, Anti Virus Gateway can detect the data of disengaging network internal, virus scan is carried out to data, once find that virus will take corresponding means to carry out isolation or killing;Dynamic and intelligent Bandwidth Management constrains occupied bandwidth user automatically, easily solves the problems, such as the occupied bandwidths such as video film download;The virus scan unit of the whole network three-dimensional carries out virus scan to the data to enter the station, is intercepted completely in outside viral, is endangered caused by reduce after virus is penetrated into.

Description

A kind of Network anti-virus system
Technical field
The present invention relates to antivirus protection technical field more particularly to a kind of Network anti-virus systems.
Background technology
Internet worm refers to the destruction computer function that establishment is either inserted into computer program or destroys data, shadow Ring one group of computer instruction or program code that computer uses and is capable of self-replacation.
Different from " virus " medically, internet worm is not naturally occurring, be certain people using computer software and The one group of instruction set or program code of the intrinsic fragility establishment of hardware.It can be hidden depositing in computer by certain approach Storage media (or program) is inner, is activated when reaching certain condition, by changing the methods of other programs by the accurate of oneself It is that copy or the form that may develop are put into other programs, to infect other programs, computer resource is destroyed, It is very big to the harmfulness of other users caused by so-called virus is exactly artificial.
The prevention technique of internet worm is exactly the infection for preventing internet worm to whole network by certain technological means And destruction.Actually this is a kind of dynamic decision technology, i.e., a kind of rule of conduct decision technology.That is, the prevention of virus It is that classification processing is carried out using the rule to virus, it is then all in procedure operation to have similar rule appearance then assert it is to calculate Machine virus.Specifically, the prevention of internet worm is by preventing computer virus from entering Installed System Memory or preventing computeritis Operation of the poison to disk, especially write operation.
Current pre- virus proof tech includes:Encrypt executable program, Read-write Catrol technology, system monitor technique etc..Net The prophylactic applications of network virus include the prevention to known viruse and two parts of prevention to unknown virus.Currently, to known disease Feature decision technology or static decision technology may be used in the prevention of poison, and is then a kind of rule of conduct to the prevention of unknown virus Decision technology, i.e. dynamic decision technology.
Traditional virus scan and processing mode is mainly killed virus by client, and the unification pair of enterprise version antivirus software is passed through The virus for coming into enterprise network is handled, this is a kind of passive antivirus pattern;Worm virus spreading in recent years is got over Come faster, spread scope is more and more wider, and destructive also increasing, virus takes full advantage of the opening of network, does not have in enterprise Situations such as quickly entering enterprise when having defence and spreading in a network quickly, enterprise network is caused to block;Hair recently Now more and more phishing class frauds, by network harass destroy enterprise normal office work environment, to enterprise and People causes huge destruction and serious consequence, and the concealment threatened is more and more stronger, is not easy to be found very much, especially The not strong people of prevention awareness, is more prone to be attacked;Virus is by more circulation way Entry Firms in recent years Portion, other than using traditional EMAIL circulation ways, WEB browsings, FTP downloads etc. all have become the primary hand of viral transmission Section, in addition terminal system frequently quote new system vulnerability, make originally less safe network more precarious.
Invention content
The present invention provides a kind of Network anti-virus systems, can effectively defend the virus of invasion network.
In order to achieve the object of the present invention, used technical solution is:A kind of Network anti-virus system, including anti-virus The virus scan unit of gateway, dynamic and intelligent Bandwidth Management and the whole network three-dimensional, Anti Virus Gateway can detect in disengaging network The data in portion carry out virus scan to data, once find that virus will take corresponding means to carry out isolation or killing;Dynamically Occupied bandwidth user is constrained in intelligent bandwidth management automatically, easily solves the problems, such as the occupied bandwidths such as video film download;The whole network is three-dimensional The virus scan unit of change carries out virus scan to the data to enter the station, is intercepted completely in outside viral, is penetrated into reducing virus Harm caused by afterwards.
As the prioritization scheme of the present invention, it is mono- that Network anti-virus system also carries SSLVPN units, IPSEC units, PPTP Member, L2TP units and VPN units.
As the prioritization scheme of the present invention, Network anti-virus system is according to IP, the network segment, certification user, agreement etc. to data Stream is divided.
As the prioritization scheme of the present invention, Network anti-virus system supports two-node cluster hot backup.
The present invention has the effect of positive:1) present invention has antivirus protection, anti-spyware, anti-rubbish mail, anti-net The comprehensive safeguard functions such as network fishing fraud;
2) comprehensive virus base provided by the invention most can timely provide a user virus sweep information, professional, dynamic Fight to state various security threats;
3) present invention provides versatile and flexible pair and holds up the more safe and stable operation of killing Logistics networks.
4) present invention ensures the height smoothness of network environment;Filtering gateway is very big in order to adapt to network flow simultaneously Complex situations have done processing appropriate in system kernel, the case where preventing that equipment is caused to work as machine since flow is excessive, Ke Yibao Card user network does not interrupt.
Description of the drawings
The present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.
Fig. 1 is process chart of the present invention.
Wherein:1, Anti Virus Gateway, 2, dynamic and intelligent Bandwidth Management, 3, the virus scan unit of the whole network three-dimensional.
Specific implementation mode
As shown in Figure 1, the invention discloses a kind of Network anti-virus system, including Anti Virus Gateway 1, dynamic and intelligent bandwidth The virus scan unit 3 of management 2 and the whole network three-dimensional, wherein Anti Virus Gateway 1 can detect the data of disengaging network internal, Virus scan is carried out to data, once find that virus will take corresponding means to carry out isolation or killing;Dynamic and intelligent bandwidth Occupied bandwidth user is constrained in management 2 automatically, easily solves the problems, such as the occupied bandwidths such as video film download;The virus of the whole network three-dimensional Scanning element 3 carries out virus scan to the data to enter the station, is intercepted completely in outside viral, caused by reducing after virus is penetrated into Harm.
Network anti-virus system carries SSLVPN units, IPSEC units, PPTP units, L2TP units and VPN units, energy It enough allows user by operating in a key, conveniently establishes dedicated network on wide area network.
For the higher data of safe coefficient use file type safety detection mode, and operating aspect more provide it is various The selection mode of change, Network anti-virus system divide data stream according to IP, the network segment, certification user, agreement etc., more just User personalized configuration is carried out to the data flows of different safety requirements, greatly improve the efficiency of safety management.
Anti Virus Gateway 1 is like a fan gate as a network connection to the critical point of another network, once gate It opens wide, whole network information will be completely exposed.If Anti Virus Gateway is ineffective, virus and malicious code will be from gateways Into intranet, massive losses are brought for user.Main function is exactly to stop cell entry network.Anti Virus Gateway 1 is enough The data of detection disengaging network internal carry out virus scan to the data of tetra- kinds of agreements of HTTP, FTP, SMTP, IMAP, once hair Existing virus will take corresponding means to carry out isolation or killing, play the role of in terms of protecting virus very big.
Network anti-virus system also supports the Malicious Code Detection of the encryption flow such as https, and supports url filtering, application It controls and the usage behavior of internet is carried out the function such as counting.
Fire wall, anti-virus, intrusion detection, user's access active certification that Network anti-virus system has by itself etc. Function provides comprehensive LAN optimization safety management scheme.The Dynamic Host Configuration Protocol server that has by itself, ARP fire walls, The functions such as DDNS provide comprehensive local area network management scheme for enterprise.
The VPN functions such as SSLVPN, IPSEC, PPTP, L2TP that Network anti-virus system carries, can allow user by one Keyed operates, and conveniently establishes dedicated network on wide area network, provides wide area network safety service transmission channel.Dynamic and intelligent band Wide management function only need to be disposably arranged, automatically oppressive occupied bandwidth user, easily solve BT, P2P and video film download etc. Occupied bandwidth problem.
Currently, most of user using anti-virus scheme be mainly based upon standalone version or enterprise version by the way of, this is one The more passive solution of kind, is particularly easy to the invasion by virus, and whenever there is new virus, administrator is often It was found that they are too busy to attend to anything else, therefore, to assure that each station terminal equipment in network, whether notebook, PC machine or server be all It is upgraded to newest virus base, if which node is not updated as required, will be become one piece short in network Plate, virus will be availed oneself of the opportunity to get in, be impacted to network system rapidly, to cause considerable damage
The virus scan unit 3 of the whole network three-dimensional need to carry out virus scan to the data that enter the station, and viral intercept completely is being looked forward to The outside of industry is endangered with reducing caused by virus is penetrated into after enterprise, while the anti-virus system of three-dimensional is built, from previous tradition The antivirus of standalone version, the antivirus of the network edition be converted to the antivirus protection theory of the whole network three-dimensional, pacified in a manner of transparent access Mounted in the inlet of network, it can directly protect intranet from the interference of each viroid, worm, wooden horse and spam, The management work of administrator is greatly simplified, can realize numerous functions such as automatic upgrading, alarm.
Network bodyguard's filtering gateway supports two kinds of detection patterns of efficient detection and safety detection, have antivirus protection, it is anti-between The comprehensive safeguard functions such as spy software, anti-rubbish mail, anti phishing fraud.Network bodyguard's filtering gateway system can be handled The various protocols such as HTTP, SMTP, POP3, FTP and IMAP are protected comprehensively in Company Mail, WEB access and document transmission process Safety.Administrator can voluntarily select to virus processing mode, including remove virus, delete file, virus-isolating or The mode of record log, but also some additional functions can be set in corresponding agreement, such as to the filtering of keyword, to spy Determine the functions such as scanning and the filtering of file type.
Comprehensive virus base has more than more than 800 ten thousand virus base, virus base renewal frequency at least one time daily, energy Enough most timely to provide a user virus sweep information, profession dynamically fights various security threats.
Antivirus with double engines is current most top antivirus technique most strong in the industry, can be carried out according to self-demand flexile Configuration, two sets of engines can learn from other's strong points to offset one's weaknesses, and disclosure satisfy that the client of different demands uses, the more safe and stable fortune of Logistics networks Row.
For the difference of safety in network rank degree, using different Security mechanisms, to real-time property requirement It is higher that the safety detection mode of file type uses the higher data of safe coefficient using efficient stream detection pattern, and Operating aspect more provides diversified selection mode, including can be flowed into data according to IP, the network segment, certification user, agreement etc. Row divides, and is more convenient for user to carry out personalized configuration to the data flow of different safety requirements, greatly improves safety The efficiency of management.A plurality of virus scan channel is established using innovative technology inside filtering gateway, between plurality of passages mutually every From increasing the scalability of product.In networking, user can utilize the more a plurality of scan channel list of same filtering gateway Solely to the real-time performance antivirus protection in other regions, the protection cost of enterprise is also saved while enhancing safety.
It supports two-node cluster hot backup, and has the function of Bypass, when encountering abnormal conditions, Bypass shapes can be automatically switched to State ensures the height smoothness of network environment;Filtering gateway is being to adapt to the very big complex situations of network flow simultaneously The case where having done processing appropriate in system kernel, prevented that equipment is caused to work as machine since flow is excessive, it is ensured that user network is not It interrupts.
Particular embodiments described above has carried out further in detail the purpose of the present invention, technical solution and advantageous effect It describes in detail bright, it should be understood that the above is only a specific embodiment of the present invention, is not intended to restrict the invention, it is all Within the spirit and principles in the present invention, any modification, equivalent substitution, improvement and etc. done should be included in the guarantor of the present invention Within the scope of shield.

Claims (4)

1. a kind of Network anti-virus system, it is characterised in that:Including Anti Virus Gateway (1), dynamic and intelligent Bandwidth Management (2) and complete The virus scan unit (3) of net three-dimensional, the Anti Virus Gateway (1) can detect the data of disengaging network internal, logarithm According to progress virus scan, once find that virus will take corresponding means to carry out isolation or killing;Dynamic and intelligent Bandwidth Management (2) occupied bandwidth user is constrained automatically, easily solves the problems, such as the occupied bandwidths such as video film download;The virus of the whole network three-dimensional is swept It retouches unit (3) and virus scan is carried out to the data to enter the station, intercepted completely in outside viral.
2. requiring a kind of Network anti-virus system according to right 2, it is characterised in that:Network anti-virus system also carries SSLVPN units, IPSEC units, PPTP units, L2TP units and VPN units.
3. a kind of Network anti-virus system according to claim 3, it is characterised in that:Network anti-virus system according to IP, The network segment, certification user, agreement etc. divide data stream.
4. a kind of Network anti-virus system according to any one of claim 1-3, it is characterised in that:Network anti-virus system System supports two-node cluster hot backup.
CN201810424114.7A 2018-04-28 2018-04-28 A kind of Network anti-virus system Pending CN108600252A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810424114.7A CN108600252A (en) 2018-04-28 2018-04-28 A kind of Network anti-virus system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810424114.7A CN108600252A (en) 2018-04-28 2018-04-28 A kind of Network anti-virus system

Publications (1)

Publication Number Publication Date
CN108600252A true CN108600252A (en) 2018-09-28

Family

ID=63620924

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810424114.7A Pending CN108600252A (en) 2018-04-28 2018-04-28 A kind of Network anti-virus system

Country Status (1)

Country Link
CN (1) CN108600252A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525572A (en) * 2018-11-08 2019-03-26 郑州云海信息技术有限公司 A kind of internet site safety monitoring guard system and method
CN112738062A (en) * 2020-12-25 2021-04-30 江苏省未来网络创新研究院 Anti-virus gateway based on user strategy
CN113949565A (en) * 2021-10-15 2022-01-18 上海谋乐网络科技有限公司 System and method for detecting vulnerability of intranet digital assets

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101789948A (en) * 2010-02-21 2010-07-28 浪潮通信信息系统有限公司 Hierarchical type mobile internet security monitoring and protecting system
CN101969413A (en) * 2010-08-10 2011-02-09 东莞环亚高科电子有限公司 Home gateway
CN102857509A (en) * 2012-09-14 2013-01-02 江苏乐买到网络科技有限公司 Cloud computing system with virus protection function
US8904512B1 (en) * 2006-08-08 2014-12-02 A10 Networks, Inc. Distributed multi-processing security gateway
CN107508833A (en) * 2017-09-22 2017-12-22 江苏海事职业技术学院 A kind of Network Safety on Campus protection system dispositions method
CN206962850U (en) * 2017-06-23 2018-02-02 国家电网公司 The security protection system and power information system of Electricity Information Network

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8904512B1 (en) * 2006-08-08 2014-12-02 A10 Networks, Inc. Distributed multi-processing security gateway
CN101789948A (en) * 2010-02-21 2010-07-28 浪潮通信信息系统有限公司 Hierarchical type mobile internet security monitoring and protecting system
CN101969413A (en) * 2010-08-10 2011-02-09 东莞环亚高科电子有限公司 Home gateway
CN102857509A (en) * 2012-09-14 2013-01-02 江苏乐买到网络科技有限公司 Cloud computing system with virus protection function
CN206962850U (en) * 2017-06-23 2018-02-02 国家电网公司 The security protection system and power information system of Electricity Information Network
CN107508833A (en) * 2017-09-22 2017-12-22 江苏海事职业技术学院 A kind of Network Safety on Campus protection system dispositions method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525572A (en) * 2018-11-08 2019-03-26 郑州云海信息技术有限公司 A kind of internet site safety monitoring guard system and method
CN112738062A (en) * 2020-12-25 2021-04-30 江苏省未来网络创新研究院 Anti-virus gateway based on user strategy
CN113949565A (en) * 2021-10-15 2022-01-18 上海谋乐网络科技有限公司 System and method for detecting vulnerability of intranet digital assets
CN113949565B (en) * 2021-10-15 2023-10-27 上海谋乐网络科技有限公司 System and method for detecting vulnerability of intranet digital assets

Similar Documents

Publication Publication Date Title
US10326778B2 (en) System and method for detecting lateral movement and data exfiltration
US20230030659A1 (en) System and method for detecting lateral movement and data exfiltration
EP2683130B1 (en) Social network protection system
Lavrov et al. Analysis of information security issues in corporate computer networks
Anwar et al. Response option for attacks detected by intrusion detection system
EP3374871B1 (en) System and method for detecting lateral movement and data exfiltration
US11552929B2 (en) Cooperative adaptive network security protection
Chhikara et al. Phishing & anti-phishing techniques: Case study
CN108600252A (en) A kind of Network anti-virus system
Khouzani et al. An economic analysis of regulating security investments in the internet
Eswari et al. A practical business security framework to combat malware threat
Guarda et al. Botnets the cat-mouse hunting
Panimalar et al. A review on taxonomy of botnet detection
Luo et al. DDOS Defense Strategy in Software Definition Networks
Hou et al. Research on enterprise network security system
Jayan et al. Sys-log classifier for complex event processing system in network security
Xiao Research on computer network information security based on big data technology
Sarfaraz et al. An Efficient Detection and Prevention Approach of Unknown Malicious Attack: A Novel Honeypot Approach
Pareek Network security: an approach towards secure computing
Panagiotakopoulos Assessing open and closed EDRs
Dias Automated Identification of Attacking Tools in a Honeypot
Nyamugudza et al. Network traffic intelligence using a low interaction honeypot
Yao et al. Design of LAN Security Defense System Based on Honeypot Technology
Asamoah Аntivirus software versus malware
Lawal NETWORK SECURITY USING INTRUSION DETECTION & PREVENTION SYSTEM INTEGRATION MODEL

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180928

WD01 Invention patent application deemed withdrawn after publication