CN111031109B - Method for network safety equipment backup and synchronous management - Google Patents
Method for network safety equipment backup and synchronous management Download PDFInfo
- Publication number
- CN111031109B CN111031109B CN201911204680.8A CN201911204680A CN111031109B CN 111031109 B CN111031109 B CN 111031109B CN 201911204680 A CN201911204680 A CN 201911204680A CN 111031109 B CN111031109 B CN 111031109B
- Authority
- CN
- China
- Prior art keywords
- backup
- special debugging
- network security
- management server
- files
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a method for backing up and synchronously managing network safety equipment, which comprises the following steps: (1) Establishing a file directory in a special debugging notebook according to the device type and name of the network security equipment, accessing the special debugging notebook into the network security equipment to export a configuration file, and carrying out encryption compression after capturing a picture to the specified directory in detail; (2) The method comprises the steps that a backup management server and a plurality of special debugging notebooks are networked through a switch, and backup files are uploaded to the backup management server through accessing a specified service webpage in the special debugging notebooks; (3) The backup management server automatically reminds the network safety equipment needing backup in the near future according to the uploading time of the backup file and the set backup period; (4) The user can download the backup files from the backup management server to the special debugging notebook computer, and can also automatically synchronize the appointed directories of a plurality of special debugging notebook computers, thereby realizing the backup and synchronous management of the network security equipment.
Description
Technical Field
The invention belongs to the field of network security, and particularly relates to a method for backing up and synchronously managing network security equipment.
Background
According to the requirements of safety protection regulations of power monitoring systems, business systems based on computers and network technologies in power generation enterprises and power grid enterprises are divided into a production control area and a management information area in principle. The production control large area can be divided into a control area and a non-control area. A special electric power longitudinal encryption authentication device or an encryption authentication gateway and corresponding facilities which are subjected to detection and authentication by a national specified department are arranged at the longitudinal connection position of a production control large area and a wide area network of a power plant and a transformer substation with important protection, so that bidirectional identity authentication, data encryption and access control are realized. A special transverse one-way safety isolation device for electric power, which is detected and authenticated by a national specified department, is arranged between a production control area and a management information area, and the isolation strength is close to or reaches physical isolation. The network equipment with access control function, firewall or equivalent facility should be adopted between the safety zones in the production control area to realize logic isolation.
Therefore, the network security devices of the power monitoring system are various in types and large in number, such as a power-dedicated longitudinal encryption authentication device, a power-dedicated transverse one-way security isolation device and a firewall, and the backup and change operations of the devices need to be matched with a dedicated debugging notebook, and different operators have inconsistent backup modes and paths when maintaining the devices, so that backup files of a plurality of dedicated debugging notebooks are not synchronous, once a network security device fails, the latest available backup files cannot be found immediately for recovery operations, and the backup files are stored in the dedicated debugging notebooks sporadically, so that the requirements of security and confidentiality of backup file storage are not met.
Disclosure of Invention
The invention aims to provide a method for backing up and synchronously managing network safety equipment, aiming at the problems that the regular backing up of the network safety equipment of a power monitoring system and the backup files for changing the backing up are difficult to synchronize in the prior art. The special debugging notebooks automatically carry out backup file synchronization on the appointed directories in a mode of combining timing synchronization and change synchronization, the backup files of any special debugging notebook are ensured to be the same, the backup management server stores complete backup files, and the phenomenon that the latest backup is not carried out for recovery when the network safety equipment fails is avoided.
The scheme of the invention is realized by the following steps:
a method for backing up and synchronously managing network safety equipment comprises the following steps:
step (1) file backup of network security equipment: establishing a corresponding file directory in a special debugging notebook according to the device type and name of the network security equipment, accessing the special debugging notebook into the network security equipment, exporting the configuration file of the network security equipment according to the use instruction of the network security equipment, capturing the configuration file into the directory specified by the special debugging notebook in detail, and encrypting and compressing the backup file;
and (2) uploading and synchronizing the backup files: the backup management server and the special debugging notebooks are set with appointed IP addresses and then are networked through the switchboard, backup files in the special debugging notebooks are perfected by accessing appointed service webpages, the perfected contents comprise equipment names, equipment types, IP addresses, installation positions, backup reasons, operations (backup, modification, deletion) and the like, and then the backup files are uploaded to the backup management server. The backup management server automatically records the uploading time, so that the configuration file synchronization from the special debugging notebook to the backup management server is realized;
and (3) downloading and synchronizing the backup files: after the special debugging notebook uploads the backup files, the backup management server automatically reminds the network security equipment needing backup recently according to the uploading time of the backup files and the set backup period, a user downloads the backup files from the backup management server to the specified directories of other special debugging notebooks for synchronization by accessing the specified service webpage, or automatically synchronizes the backup files of the specified directories of a plurality of networking special debugging notebooks by adopting a mode of combining timing synchronization and change synchronization, so that the backup files of any special debugging notebook are the same, and the backup and synchronous management of the network security equipment is realized.
As a further description of the present invention, the dedicated debugging notebook accesses the network security device through a network cable or a serial port cable. Different access modes are adopted according to different types, manufacturers and models of the network security equipment.
As a further explanation of the present invention, the dedicated debugging notebook uploads the backup file to the backup management server by accessing the specified service web page.
As a further illustration of the present invention, the configuration files include policies, certificates, tunnels, and the like.
As a further explanation of the invention, the device types comprise a firewall, a longitudinal encryption authentication device special for electric power, a transverse one-way safety isolation device special for electric power and the like. And performing backup according to options of setting equipment name, equipment type, IP address, installation position, backup reason, operation (backup, modification, deletion) and the like of each equipment.
The invention has the following good effects:
1. the backup files in the special debugging notebook are uploaded to the backup management server in a web page friendly interaction mode, and meanwhile, a downloading service is provided to download the backup files to the designated equipment and the directory, so that the backup management server is ensured to store the complete backup files, and the different-computer storage and the safe and uniform management of the backup files are realized. Meanwhile, the backup management server automatically reminds the network security equipment needing backup in the near future according to the uploading time of the backup file and the backup period set manually.
2. The method can realize the automatic synchronization of the backup files of a plurality of special debugging notebooks, automatically carry out the backup file synchronization of the appointed catalogue by adopting the mode of combining the timing synchronization and the change synchronization, ensure that the backup files of any special debugging notebooks are the same, and further ensure the consistency of the backup files of the special debugging notebooks.
Drawings
Fig. 1 is a schematic diagram of a connection manner between a dedicated debugging notebook and a network security device according to the present invention.
Fig. 2 is a schematic diagram of a backup management server and a plurality of special debugging notebooks networking according to the present invention.
Detailed Description
The method for backup and synchronization management of network security devices according to the present invention is described below with reference to the following embodiments, which are not intended to limit the present invention further.
Example (b):
a method for network security device backup and synchronous management comprises the following steps:
step (1) file backup of network security equipment: establishing a corresponding file directory in a special debugging notebook according to the device type and the specific name of the network security equipment, wherein the device type is a firewall, a special longitudinal encryption authentication device for electric power, a special transverse one-way security isolation device for electric power and the like, the special debugging notebook is accessed into the network security equipment in a network wire or serial port wire mode, the access mode is different according to the type, the manufacturer and the model of the network security equipment, configuration files (such as strategies, certificates, tunnels and the like) of the network security equipment are exported and captured in detail into the file directory specified by the special debugging notebook according to the use specification of the network security equipment, and meanwhile, backup files are encrypted and compressed.
And (2) uploading and synchronizing the backup files: the backup management server and the special debugging notebooks are set with the appointed IP addresses and then are networked through the switchboard, backup files in the special debugging notebooks are perfected by accessing the appointed service webpage, the filled contents comprise equipment names, equipment types, IP addresses, installation positions, backup reasons, operations (backup, modification, deletion) and the like, and then the backup files are uploaded to the backup management server. The backup management server automatically records the uploading time, so that the configuration files of the special debugging notebook and the backup management server are synchronized.
And (3) downloading and synchronizing the backup files: after the special debugging notebook uploads the backup files, the backup management server automatically reminds the network security equipment needing backup recently according to the uploading time of the backup files and the set backup period, a user downloads the backup files from the backup management server to the specified directories of other special debugging notebooks for synchronization by accessing the specified service webpage, or automatically synchronizes the backup files of the specified directories of a plurality of special debugging notebooks by combining timing synchronization and change synchronization, so that the backup files of any special debugging notebook are ensured to be the same, and the phenomenon that the network security equipment is failed and has no latest backup for recovery is avoided.
The specific embodiments described herein are merely illustrative of the spirit of the invention. Various modifications or additions may be made to the described embodiments or alternatives may be employed by those skilled in the art without departing from the spirit or ambit of the invention as defined in the appended claims.
Claims (1)
1. A method for network security device backup and synchronous management is characterized by comprising the following steps:
step 1, file backup of the network security equipment: establishing a corresponding file directory in a special debugging notebook according to the device type and name of the network security equipment, accessing the special debugging notebook into the network security equipment, exporting the configuration file of the network security equipment according to the use instruction of the network security equipment, capturing the configuration file into the directory specified by the special debugging notebook in detail, and encrypting and compressing the backup file;
step 2, uploading and synchronizing the backup files: setting specified IP addresses for a backup management server and a plurality of special debugging notebooks, then networking through a switch, and perfecting backup files in the special debugging notebooks by accessing specified service webpages, wherein the perfected contents comprise equipment names, equipment types, IP addresses, installation positions, backup reasons and operations; then uploading the backup file to a backup management server; the backup management server automatically records the uploading time, so that the configuration file synchronization from the special debugging notebook to the backup management server is realized;
and step 3, downloading and synchronizing the backup files: after the special debugging notebook uploads the backup files, the backup management server automatically reminds the network security equipment needing backup recently according to the uploading time of the backup files and the set backup period, a user downloads the backup files from the backup management server to the specified directories of other special debugging notebooks for synchronization by accessing the specified service webpage downloading mode, or automatically synchronizes the backup files of the specified directories of a plurality of networking special debugging notebooks by adopting a mode of combining timing synchronization and change synchronization, and ensures that the backup files of any special debugging notebook are the same, thereby realizing the backup and synchronous management of the network security equipment;
the special debugging notebook is accessed to the network security equipment in a network cable or serial port cable mode;
the special debugging notebook carries out backup file uploading and downloading service with the backup management server in a webpage friendly interaction mode.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911204680.8A CN111031109B (en) | 2019-11-29 | 2019-11-29 | Method for network safety equipment backup and synchronous management |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911204680.8A CN111031109B (en) | 2019-11-29 | 2019-11-29 | Method for network safety equipment backup and synchronous management |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111031109A CN111031109A (en) | 2020-04-17 |
CN111031109B true CN111031109B (en) | 2022-12-06 |
Family
ID=70207287
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911204680.8A Active CN111031109B (en) | 2019-11-29 | 2019-11-29 | Method for network safety equipment backup and synchronous management |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111031109B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113766031B (en) * | 2021-09-13 | 2023-04-28 | 杭州安恒信息技术股份有限公司 | Method and device for storing note resources and related equipment |
CN116414439B (en) * | 2023-01-05 | 2023-11-21 | 上海弘积信息科技有限公司 | Configuration file management method and system in load balancing equipment |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101494651A (en) * | 2009-02-11 | 2009-07-29 | 江苏敏捷科技股份有限公司 | Method for active backup of data |
CN101729595A (en) * | 2009-11-26 | 2010-06-09 | 世导数据通讯(杭州)有限公司 | Network backup device and backup method thereof |
CN102414657A (en) * | 2009-05-01 | 2012-04-11 | 微软公司 | Shared job scheduling in electronic notebook |
-
2019
- 2019-11-29 CN CN201911204680.8A patent/CN111031109B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101494651A (en) * | 2009-02-11 | 2009-07-29 | 江苏敏捷科技股份有限公司 | Method for active backup of data |
CN102414657A (en) * | 2009-05-01 | 2012-04-11 | 微软公司 | Shared job scheduling in electronic notebook |
CN101729595A (en) * | 2009-11-26 | 2010-06-09 | 世导数据通讯(杭州)有限公司 | Network backup device and backup method thereof |
Also Published As
Publication number | Publication date |
---|---|
CN111031109A (en) | 2020-04-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104252500B (en) | The fault repairing method and device of a kind of database management platform | |
CN106250270B (en) | A kind of data back up method under cloud computing platform | |
CN106997306B (en) | Method, device and system for migrating physical machine data to cloud | |
CN111031109B (en) | Method for network safety equipment backup and synchronous management | |
CN104023085A (en) | Security cloud storage system based on increment synchronization | |
CN104348914A (en) | Tamper-proofing system file synchronizing system and tamper-proofing system file synchronizing method | |
CN103226612B (en) | A kind of Content Management System based on memory database | |
CN103873519B (en) | A kind of method of data synchronization, client, server, terminal and system | |
CN106341371A (en) | Cloud storage data encryption method and cloud storage system | |
CN112817791A (en) | Mobile terminal monitoring method for mining state of working face cluster | |
CN102930216B (en) | Based on the encrypt file management method of wireless U-disc | |
CN105677507A (en) | Cloud backup system and method for enterprise data | |
CN102651746A (en) | Point-to-point information transmission method, system and device | |
CN105306216A (en) | Power distribution network equipment maintenance system based on mobile network security authentication | |
CN109917761B (en) | Method and system for improving safety protection of power plant distributed control system | |
CN109286615A (en) | A kind of efficiently across LAN data synchronous method | |
CN110995739A (en) | Industry internet control cloud platform | |
CN113114777B (en) | Disaster recovery method and device for multi-node high-availability cluster | |
CN102546806A (en) | Method and system for controlling terminal unit | |
CN204559620U (en) | Remote support system, remote access system and remote assisting system | |
CN107770030B (en) | Stage equipment control system, control method and control device based on VPN technology | |
EP3407571A1 (en) | Method for providing network-based services to user of network storage server, associated network storage server and associated storage system | |
CN105279454B (en) | secure synchronization device and method | |
CN106992970B (en) | Method and system for acquiring power grid fault recording data | |
CN103970624A (en) | Backup method and restoration method for identity authentication all-in-one machine |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |