CN109600396A - Realize the firewall system of highly reliable safety - Google Patents
Realize the firewall system of highly reliable safety Download PDFInfo
- Publication number
- CN109600396A CN109600396A CN201910063269.7A CN201910063269A CN109600396A CN 109600396 A CN109600396 A CN 109600396A CN 201910063269 A CN201910063269 A CN 201910063269A CN 109600396 A CN109600396 A CN 109600396A
- Authority
- CN
- China
- Prior art keywords
- firewall
- sub
- business
- highly reliable
- safety
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0817—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/10—Active monitoring, e.g. heartbeat, ping or trace-route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/16—Threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Cardiology (AREA)
- General Health & Medical Sciences (AREA)
- Environmental & Geological Engineering (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of firewall systems for realizing highly reliable safety, the sub- firewall of management and the sub- firewall of at least two business including being configured on a physical equipment;Physical equipment has multicore cpu;Every sub- firewall is individually bound with cpu core, and mutual process is run alone;Each sub- firewall of business is connect with sub- firewall is managed, and enables process processing business, and pass in and out according to the data packet of preset safety detection tree control business;Sub- firewall is managed, the sub- firewall of each business is managed by heartbeat mechanism;When the CPU usage for monitoring the sub- firewall of some business is higher than first threshold, the process scheduling of the sub- firewall of the business to CPU usage is lower than in the sub- firewall of business of second threshold and is run.The present invention can save the up-front investment and follow-up maintenance cost of user under the premise of solving user demand, reduce the wasting of resources.
Description
Technical field
Invention is related to firewall technology field more particularly to a kind of firewall system for realizing highly reliable safety.
Background technique
Firewall is the first line of defence of system, and effect is the entrance for preventing illegal user.In industrial environment, to string
Stability, robustness and the requirement of safety for joining equipment in a network are very high, thus to being deployed in industrial network
Firewall have more requirements.
Tradition is one firewall system of deployment on a physical equipment, and with individual process or the operation shape of multiple processes
State mode will lead to service disconnection once bursting because device software bug or external attack cause firewall system to be run quickly.Furthermore not
Same service feature, the requirement to safety is also different, so the requirement to firewall security processing is also different.Tradition improves net
Network robustness, the method for reducing service disconnection probability are two-node cluster hot backup or multimachine deployment.And solve the logical of different business safety
It is the different safety equipment of deployment with way.This mode drawback is: needs disposably buy two or more firewalls, right
It is not high in service traffics bandwidth and under the diversified application scenarios of business, will cause the wasting of resources;And networking and management service
Complexity, once backup not in time, also results in problem of service interruption, furthermore to network management personnel requirement between two physics fire walls
Also higher.
Therefore, bandwidth is needed in user it is not high, and to anti-the case where business further flexibility and in the networks such as industry
Wall with flues equipment requirement high stable, reliability application demand, the early investment as caused by current solution is big and dimension
It protects at high cost, and will cause the wasting of resources.
Summary of the invention
The firewall system for the highly reliable safety of realization that invention provides, main purpose is to overcome existing by solving at present
Certainly early investment caused by scheme greatly and maintenance cost height, and the problem of will cause the wasting of resources.
In order to solve the above technical problems, invention adopts the following technical scheme that
A kind of firewall system for realizing highly reliable safety, including the management fire prevention being configured on a physical equipment
Wall and the sub- firewall of at least two business;The physical equipment has multicore cpu;
Every sub- firewall is individually bound with cpu core, and mutual process is run alone;
Each sub- firewall of the business connect with the sub- firewall of management, enables process processing business, and according to pre-
If safety detection tree control business data packet disengaging;
The sub- firewall of management, is managed the sub- firewall of each business by heartbeat mechanism;Monitoring some
It is when the CPU usage of the sub- firewall of business is higher than first threshold, the process scheduling of the sub- firewall of the business is low to CPU usage
It is run in the sub- firewall of business of second threshold.
As an embodiment, the sub- firewall of management is also used to, and is run quickly monitoring the sub- firewall of some business
When bursting, the process scheduling of the sub- firewall of the business to CPU usage is lower than in the sub- firewall of business of second threshold and is run.
As an embodiment, the safety detection tree is by the safety regulation with every sub- firewall processes configuration
Compiling creates in memory.
As an embodiment, the sub- firewall of business described in every two forms a backup group;Industry in backup group
Sub- firewall be engaged in using identical safety detection tree.
As an embodiment, in a backup group, each sub- firewall of business will create shared drive use
In the corresponding forwarding table data of storage.
As an embodiment, the forwarding table data include routing table, arp table and conversational list.
As an embodiment, the sub- firewall of the business includes the first protection firewall, the second protection firewall
And third protects firewall;
The first protection firewall, connect with the network interface card of industrial message;
The second protection firewall, connect with the network interface card of database;
The third protects firewall, connect with the network interface card of enterprise office online.
As an embodiment, the first protection firewall is the firewall of backup group.
As an embodiment, the sub- firewall of management, connect with the network interface card of management message.
Compared with prior art, the technical program has the advantage that
The firewall system for the highly reliable safety of realization that invention provides, on a physical equipment, by configuring outlet pipe
Sub- firewall and the sub- firewall of at least two business are managed, and physical equipment has multicore cpu;Every sub- firewall individually with
Cpu core is bound, and mutual process is run alone;The sub- firewall of each business is carried out by managing sub- firewall
Management;When the CPU usage for monitoring the sub- firewall of some business is higher than first threshold, by the process of the sub- firewall of the business
Be dispatched to CPU usage lower than second threshold the sub- firewall of business in run.To make full use of multicore cpu in physical equipment
The sub- firewall of resource matching management and the sub- firewall of at least two business, need not high, and business to meet user to bandwidth
In the networks such as the case where further flexibility and industry to firewall box require high stable, reliability application need
It asks, and saves the up-front investment and follow-up maintenance cost of user, reduce the wasting of resources.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of the firewall system for the highly reliable safety of realization that inventive embodiments one provide.
In figure: 1, managing sub- firewall;2, the sub- firewall of business.
Specific embodiment
Below in conjunction with attached drawing, the technical characteristic and advantage of inventing above-mentioned and other are clearly and completely described, shown
So, described embodiment is only the section Example invented, rather than whole embodiments.
Referring to Fig. 1, the firewall system for the highly reliable safety of realization that inventive embodiments one provide, including it is configured at one
The sub- firewall 1 of management and the sub- firewall 2 of at least two business on platform physical equipment;Physical equipment has multicore cpu;
Every sub- firewall is individually bound with cpu core, and mutual process is run alone;
Each sub- firewall 2 of business connect with sub- firewall 1 is managed, enables process processing business, and according to preset peace
Full inspection surveys the data packet disengaging of tree control business;
Sub- firewall 1 is managed, the sub- firewall of each business 2 is managed by heartbeat mechanism;Monitoring some industry
Be engaged in sub- firewall 2 CPU usage be higher than first threshold when, the process scheduling of the sub- firewall 2 of the business is low to CPU usage
It is run in the sub- firewall 2 of business of second threshold.
It should be noted that the present invention makes full use of the resource of a physical equipment multicore cpu, on a physical equipment
The system of multiple sub- firewalls is set, every sub- firewall system opens one or more processes, using the compatibility of cpu, into
Journey is bound with cpu core.Every sub- firewall is independent process business, on the whole from outside, every sub- firewall system
System is similar to a traditional physics fire wall system, i.e., process isolation between sub- firewall system, memory isolation, safety regulation
Isolation, network layer isolation.Here sub- firewall includes managing sub- firewall 1 and the sub- firewall 2 of at least two business.Management
Also it is isolated between firewall 1 and the sub- firewall 2 of business, different safety detection trees is used between them.To improve safety.
That is, multiple sub- firewalls are fictionalized on the physical equipment of a multicore cpu framework, every sub- firewall
It can bring as a true firewall and use.One of them sub- firewall does not run business, is specifically used to as management
Sub- firewall 1.Its minor firewall is used to run business, as the sub- firewall 2 of business;Each sub- firewall 2 of business has oneself solely
Vertical process carrys out processing business.It manages sub- firewall 1 and is specifically used to the sub- firewall 2 of all business of monitoring management, carry out unified money
Source scheduling;To the multicore cpu resource of a physical equipment;Sub- firewall 1 and the fire prevention of multiple business are managed by being created that
Wall 2, for the protection of effective safety detection and high stable high-performance fire-resistant wall, thus in the premise for sufficiently solving customer demand
Under, save the up-front investment and follow-up maintenance cost of user.
It managing sub- firewall 1 and manages the sub- firewall 2 of all business, it possesses the relevant information of the sub- firewall 2 of all business,
Relevant information may include the receiving queue and transmit queue of the correspondence network interface card of each sub- firewall 2 of business;Each business is anti-
Which industry are contained in each backup group for the information of 2 backup group of wall with flues, i.e., how many backup group on entire firewall system
It is engaged in sub- firewall 2, the cpu that each sub- firewall 2 of business uses;The information of the process run on each sub- firewall 2 of business;Often
A sub- firewall 2 of business forwarding table data used in shared drive, forwarding table data include routing table, arp table and meeting
Talk about the related datas such as table.Managing sub- firewall 1 is to monitor cpu and process by heartbeat mechanism, to obtain each business in real time
The operating status of firewall 2, to carry out unified resource scheduling.
On a physical equipment, by configuring the sub- firewall 1 of management and the sub- firewall 2 of at least two business, and object
Managing equipment has multicore cpu;Every sub- firewall is individually bound with cpu core, and mutual process is run alone;
The sub- firewall of each business 2 is managed by managing sub- firewall 1;Make in the CPU for monitoring the sub- firewall 2 of some business
Business when being higher than first threshold with rate, by the process scheduling of the sub- firewall 2 of the business to CPU usage lower than second threshold
It is run in firewall 2.To make full use of the sub- firewall 1 and at least two of the resource matching management of multicore cpu in physical equipment
The sub- firewall 2 of business, needed with to meet user to bandwidth it is not high, and the case where business further flexibility and in the networks such as industry
Demand to the application of firewall box requirement high stable, reliability, and save the up-front investment and follow-up maintenance of user
Cost reduces the wasting of resources.
In an embodiment, unified resource scheduling can be, in the CPU usage for monitoring the sub- firewall 2 of some business
When higher than first threshold, business by the process scheduling of the sub- firewall 2 of the business to CPU usage lower than second threshold is prevented fires
It is run in wall 2.It is also possible to the process scheduling of the sub- firewall 2 of the business to CPU usage lower than second threshold, and CPU makes
It is run in the sub- firewall 2 of the minimum business of rate.Specifically: it manages and opens a process on sub- firewall 1 as monitoring process,
For monitoring the operating status of cpu used in sub- 2 process of firewall of each business, i.e. cpu utilization rate.Cpu utilization rate is higher than the
When one threshold value, illustrate sub- 2 heavy traffic of firewall of business using this cpu;When cpu utilization rate is lower than second threshold, explanation makes
It is idle with sub- 2 business of firewall of the business of this cpu;To judge the operation shape of the sub- firewall 2 of business by cpu service condition
State.First threshold and second threshold can be different, and first threshold is bigger than second threshold.First threshold and second threshold
It can be identical.In this present embodiment, it to this and is not limited.Once the CPU for monitoring the sub- firewall 2 of some business makes
Business when being higher than first threshold with rate, by the process scheduling of the sub- firewall 2 of the business to CPU usage lower than second threshold
It is run in firewall 2, to improve the stability and reliability of operation.
In another embodiment, monitor the sub- firewall 2 of some business run quickly burst when, by the business sub- firewall 2 into
Journey be dispatched to CPU usage lower than second threshold the sub- firewall 2 of business in run.It is also possible to the sub- firewall 2 of the business
Process scheduling be lower than second threshold to CPU usage, and run in the minimum sub- firewall 2 of business of CPU usage.Management
Monitoring process on firewall 1 can periodically send out heartbeat probe messages to the process run on the sub- firewall 2 of each business.If management
Sub- firewall 1 can receive the heartbeat message of sub- 2 process of firewall of business sent within the expeced time being previously set, then illustrate
Sub- 2 operational excellence of firewall of this business;Otherwise illustrate that sub- 2 process of the firewall collapse of this business namely the sub- firewall 2 of business are collapsed
It bursts.For example, bursting because external attack or software bug cause a sub- firewall system to be run quickly;As the prison managed on sub- firewall 1
Control process can perceive to obtain at once because of that cannot receive heartbeat message on time, thus the current all fortune learnt by monitoring
The cpu service condition of the normal sub- firewall 2 of business of row is in time adjusted the business run on the routed sub- firewall 2 of that business of running quickly
It spends on the sub- firewall 2 of the minimum business of current cpu utilization rate.Specifically, it is exactly first looked in the sub- firewall 2 of all business
Sub- 2 system of firewall of the minimum business of current cpu occupancy out, it is assumed that the minimum sub- firewall 2 of business of current cpu occupancy is remembered
For the sub- firewall 2 of business, sub- firewall 1 is then managed to the sub- firewall 2 of business and sends out a message, referred to as service take-over notice disappears
Breath;It include the receiving queue and transmit queue of the network interface card for the sub- firewall 2 of business taken in this adapter tube notification message, and by
The sub- firewall 2 of the business of adapter tube forwarding table data used in shared drive (including arp table, routing table and conversational list).
The present invention is compared to two-shipper or multi-computer back-up, the speed of service take-over scheduling faster, each sub- firewall 2 of business it
Between business do not perceive.In addition, different data source, data characteristics is different for firewall, to security protection requirement
Difference, safe and applicable safety regulation are also different.And safety detection tree is by the safety with every sub- firewall processes configuration
Rule compiles creation in memory.That is safety detection tree is one generated in memory according to firewall security rule
Kind binary tree, so that safety detection tree is also different.In general, a safety detection tree is created on a sub- firewall, especially
Integrated safe strategy is using even more so on second generation firewall.Different business models, security strategy emphasis is different,
The safety detection tree that compiling creation generates is also different.So the sub- firewall 2 of business that different business uses is different.
In this present embodiment, the sub- firewall 2 of every two business forms a backup group;The sub- firewall of business in backup group
2 use identical safety detection tree.Of course, it is possible to form a backup group by the sub- firewall 2 of multiple business.Using backup group,
It can be further improved network stabilization and reliability, as shown in Figure 1, the sub- firewall A of business and the sub- firewall B composition one of business
A backup group.The configuration of each sub- firewall 2 of business is the same in backup group, i.e., the same security strategy rule configuration.Often
A sub- firewall 2 of business compiles the safety detection tree for generating oneself according to the safety regulation of configuration in the memory of oneself, then
Safety detection tree in backup group on the sub- firewall 2 of all business is the same.In addition, each sub- firewall 2 of business makes
Forwarding table data are placed on shared drive, i.e., by creation shared drive, the sub- forwarding of firewall 2 of business in backup group is needed
Routing table, arp table and conversational list be all placed in shared drive.And each sub- firewall 2 of business creates alone oneself
Table exclusively enjoys respective routing table, arp table and conversational list.Firewall packet receiving forward when be look into routing forwarding, so need using
Routing table and arp table, subsequent packet are circulation hairs, look into conversational list forwarding.And conversational list is in firewall first packet by preventing
It is created after wall with flues safety detection, for specifying subsequent packet to forward.
Under normal circumstances, the sub- firewall 2 of each business takes message, analytic message from the network interface card receiving queue of oneself.It is right
For first packet, safety detection is first carried out: message being detected using safety detection tree in the memory of oneself, generate conversational list
It is placed in shared drive in the conversational list of oneself.Message is put into oneself corresponding network interface card transmit queue by tabling look-up by message later
In.For non-first packet message, go to look into correlation table in shared drive.So under normal circumstances, each sub- firewall respectively runs respective industry
Business, respectively searches the table of oneself, uses a table compared to shared, does not need using lock, since table separates, searches effect to improve
Rate.
In backup group, burst when monitoring that the sub- 2 generation process of firewall of some business is run quickly, it can be by the sub- firewall of the business
2 traffic scheduling is run in another sub- firewall 2 of business into backup group.When the sub- firewall 2 of some business occurs in backup group
Process, which is run quickly, bursts.For example, the sub- firewall A of business breaks down, process, which is run quickly, bursts, and the sub- firewall B of business in backup group takes at once
The business of the sub- firewall A of business.Detailed process: process collapse occurs for the sub- firewall A mono- of business, manages sub- firewall 1 and passes through the heart
Jump mechanism can perceive to obtain at once, the cpu service condition for the sub- firewall 2 of each business in backup group that then basis monitors,
The notr busy sub- firewall of current cpu is found out, the business for that the sub- firewall for then notifying it that adapter tube is gone to break down.I.e.
It manages the sub- firewall B of sub- 1 notice business of firewall and does two pieces thing: first, go connecing for the sub- corresponding network interface card of firewall A of business
It receives in queue and takes message, that is, go in the receiving queue of network interface card 1 and network interface card 2 that message is taken to be handled.It needs to table look-up when forwarding, go altogether
The related forwarding table for looking into the sub- firewall A of business in memory is enjoyed, when needing to do safety detection, it is existing that the sub- firewall B of business can be used
At safety detection rule tree carry out a series of detections;Second, each forwarding table data (meeting of the sub- firewall A of adapter tube maintenance service
Talk about table/routing table/arp table).
For expanded application scene, when carrying out safety detection for different business models, the sub- firewall 2 of business includes the
One protection firewall, the second protection firewall and third protect firewall;First protection firewall, the network interface card with industrial message
Connection;Second protection firewall, connect with the network interface card of database;Third protects firewall, the network interface card company for online of handling official business with enterprise
It connects.Sub- firewall 1 is managed, is connect with the network interface card of management message.First protection firewall can be the firewall of backup group.Yu Qi
In his embodiment, second protection firewall and third protection firewall may be backup group firewall.
For example, on same physical equipment, two business are anti-when carrying out safety detection for different business models
Wall with flues 2 is used as a backup group, and the as first protection firewall is used for industrial network data processing for connecing industrial network;This
The outer sub- firewall 2 of a business is used for database firewall;As second protection firewall is dedicated for database protection;Also
One third protection firewall is used for enterprise network firewall gateway for connecing office network.There are three types of firewall roles altogether, this three
The type of service run on kind firewall is different, and applicable safety regulation is different.For example, firewall is mainly run in industrial network
Industrial protocol message, security protection rule is primarily directed to public network network hole and virus and attack.Database firewall
It is mainly used for the protection of database, the business run thereon is mainly various database protocols, and security protection rule is for number
It steals secret information according to the loophole in library and attack and data.It is the various Message processings of general employee's online on enterprise network firewall,
Security protection rule and first two are also different.
Although invention has been described by way of example and in terms of the preferred embodiments, it is not for limiting invention, any art technology
Personnel may be by the methods and technical content of the disclosure above to inventive technique side in the spirit and scope for not departing from invention
Case makes possible variation and modification, therefore, all contents without departing from inventive technique scheme, the technical spirit pair according to invention
Any simple modifications, equivalents, and modifications made by above embodiments belong to the protection scope of inventive technique scheme.
Claims (9)
1. a kind of firewall system for realizing highly reliable safety, which is characterized in that including being configured on a physical equipment
Manage sub- firewall and the sub- firewall of at least two business;The physical equipment has multicore cpu;
Every sub- firewall is individually bound with cpu core, and mutual process is run alone;
Each sub- firewall of the business connect with the sub- firewall of management, enables process processing business, and according to preset
The data packet of safety detection tree control business passes in and out;
The sub- firewall of management, is managed the sub- firewall of each business by heartbeat mechanism;Monitoring some business
When the CPU usage of sub- firewall is higher than first threshold, the process scheduling of the sub- firewall of the business to CPU usage is lower than the
It is run in the sub- firewall of the business of two threshold values.
2. realizing the firewall system of highly reliable safety as described in claim 1, which is characterized in that the management fire prevention
Wall is also used to, monitor the sub- firewall of some business run quickly burst when, by the process scheduling of the sub- firewall of the business to CPU usage
Lower than being run in the sub- firewall of the business of second threshold.
3. realizing the firewall system of highly reliable safety as described in claim 1, which is characterized in that the safety detection tree
It is by compiling creation in memory with the safety regulation of every sub- firewall processes configuration.
4. realizing the firewall system of highly reliable safety as claimed in claim 3, which is characterized in that business described in every two
Sub- firewall forms a backup group;The sub- firewall of business in backup group uses identical safety detection tree.
5. realizing the firewall system of highly reliable safety as claimed in claim 4, which is characterized in that in a backup group
In, each sub- firewall of business will create shared drive for storing corresponding forwarding table data.
6. realizing the firewall system of highly reliable safety as claimed in claim 5, which is characterized in that the forwarding table data
Including routing table, arp table and conversational list.
7. realizing the firewall system of highly reliable safety as described in claim 1, which is characterized in that the business fire prevention
Wall includes that the first protection firewall, the second protection firewall and third protect firewall;
The first protection firewall, connect with the network interface card of industrial message;
The second protection firewall, connect with the network interface card of database;
The third protects firewall, connect with the network interface card of enterprise office online.
8. realizing the firewall system of highly reliable safety as claimed in claim 7, which is characterized in that first protection is anti-
Wall with flues is the firewall of backup group.
9. realizing the firewall system of highly reliable safety as described in claim 1, which is characterized in that the management fire prevention
Wall is connect with the network interface card of management message.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910063269.7A CN109600396A (en) | 2019-01-23 | 2019-01-23 | Realize the firewall system of highly reliable safety |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910063269.7A CN109600396A (en) | 2019-01-23 | 2019-01-23 | Realize the firewall system of highly reliable safety |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109600396A true CN109600396A (en) | 2019-04-09 |
Family
ID=65964702
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910063269.7A Pending CN109600396A (en) | 2019-01-23 | 2019-01-23 | Realize the firewall system of highly reliable safety |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109600396A (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102629217A (en) * | 2012-03-07 | 2012-08-08 | 汉柏科技有限公司 | Network equipment with multi-process multi-operation system and control method thereof |
CN103514043A (en) * | 2012-06-29 | 2014-01-15 | 华为技术有限公司 | Multi-processor system and data processing method thereof |
CN104460934A (en) * | 2013-09-13 | 2015-03-25 | 华为终端有限公司 | Scheduling method and device for multi central processing units (CPU) |
CN104809026A (en) * | 2015-05-14 | 2015-07-29 | 苏州中晟宏芯信息科技有限公司 | Method for borrowing CPU computing resources by using remote node |
CN104869016A (en) * | 2015-04-28 | 2015-08-26 | 杭州华三通信技术有限公司 | Method and equipment for transmitting data message |
CN106897132A (en) * | 2017-02-27 | 2017-06-27 | 郑州云海信息技术有限公司 | The method and device of a kind of server task scheduling |
US20180129525A1 (en) * | 2016-11-09 | 2018-05-10 | Samsung Electronics Co., Ltd. | Computing system for securely executing a secure application in a rich execution environment |
CN108307206A (en) * | 2017-12-25 | 2018-07-20 | 北京奇艺世纪科技有限公司 | A kind of distribution method and device of live streaming encoding tasks |
-
2019
- 2019-01-23 CN CN201910063269.7A patent/CN109600396A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102629217A (en) * | 2012-03-07 | 2012-08-08 | 汉柏科技有限公司 | Network equipment with multi-process multi-operation system and control method thereof |
CN103514043A (en) * | 2012-06-29 | 2014-01-15 | 华为技术有限公司 | Multi-processor system and data processing method thereof |
CN104460934A (en) * | 2013-09-13 | 2015-03-25 | 华为终端有限公司 | Scheduling method and device for multi central processing units (CPU) |
CN104869016A (en) * | 2015-04-28 | 2015-08-26 | 杭州华三通信技术有限公司 | Method and equipment for transmitting data message |
CN104809026A (en) * | 2015-05-14 | 2015-07-29 | 苏州中晟宏芯信息科技有限公司 | Method for borrowing CPU computing resources by using remote node |
US20180129525A1 (en) * | 2016-11-09 | 2018-05-10 | Samsung Electronics Co., Ltd. | Computing system for securely executing a secure application in a rich execution environment |
CN106897132A (en) * | 2017-02-27 | 2017-06-27 | 郑州云海信息技术有限公司 | The method and device of a kind of server task scheduling |
CN108307206A (en) * | 2017-12-25 | 2018-07-20 | 北京奇艺世纪科技有限公司 | A kind of distribution method and device of live streaming encoding tasks |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102624584B (en) | Chain circuit detecting method and device | |
CN107426206A (en) | A kind of protector and method to web server | |
CN103858382B (en) | The method and apparatus shared for the application state that Firewall Group is concentrated | |
CN104272654B (en) | For the adaptive method and apparatus quickly started in link aggregation | |
CN104506513B (en) | Fire wall flow table backup method, fire wall and firewall system | |
CN104113428B (en) | A kind of equipment management device and method | |
CN103959712B (en) | Time control in large-scale firewall cluster | |
CN107566508A (en) | A kind of short message micro services system for automating O&M | |
CN108055270B (en) | Network security cooperative defense method | |
US11095476B2 (en) | Spanning tree protocol enabled n-node link aggregation system | |
CN109981587A (en) | A kind of network security monitoring traceability system based on APT attack | |
WO2017080161A1 (en) | Alarm information processing method and device in cloud computing | |
CN109391691A (en) | The restoration methods and relevant apparatus that NAS is serviced under a kind of single node failure | |
CN110636086A (en) | Network protection test method and device | |
US11889244B2 (en) | Passive optical network for utility infrastructure resiliency | |
US9122546B1 (en) | Rapid processing of event notifications | |
CN105245336B (en) | A kind of file encryption management system | |
CN108234305A (en) | A kind of control method and equipment of across machine frame link redundancy protection | |
CN103888310B (en) | Monitor processing method and system | |
CN109600396A (en) | Realize the firewall system of highly reliable safety | |
CN109743316A (en) | Data transmission method, egress router, firewall and dual stage firewall system | |
CN104717188A (en) | Asset object security protection system and method in industrial control firewall | |
Zhong et al. | Dynamic lines of collaboration in CPS disruption response | |
CN115242839B (en) | Method and device for cascade data transmission of Internet of things, electronic equipment and storage medium | |
CN210444303U (en) | Network protection test system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190409 |
|
RJ01 | Rejection of invention patent application after publication |