CN112187533B - Virtual network equipment defense method, device, electronic equipment and medium - Google Patents

Publication number: CN112187533B
Authority: CN (China)
Legal status: Active
Application number: CN202010989976.1A
Other languages: Chinese (zh)
Other versions: CN112187533A (en)
Inventor: 刘小宽
Current Assignee: Beijing Inspur Data Technology Co Ltd
Original Assignee: Beijing Inspur Data Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0654 Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0668 Management of faults, events, alarms or notifications using network fault recovery by dynamic selection of recovery network elements, e.g. replacement by the most appropriate element after failure
    • H04L49/00 Packet switching elements
    • H04L49/55 Prevention, detection or correction of errors
    • H04L49/557 Error correction, e.g. fault recovery or fault tolerance
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/40 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection

Abstract

The application provides a virtual network device defense method, comprising: detecting whether a virtual network device has failed; if the virtual network device has failed, determining the backup requirement of the virtual network device according to the application type and the host resources; determining a target virtual network device from the backup virtual network devices according to the backup requirement and the state information of the backup virtual network devices; and switching the virtual network device to the target virtual network device. Because backup virtual network devices are provided, when a virtual network device fails the target virtual network device can be determined according to the backup requirement and the failed device switched to it, so network functions remain usable and the security and reliability of the cloud platform are improved. The application also provides a virtual network device defense apparatus, an electronic device and a computer-readable storage medium, all of which have the same beneficial effects.

Description

Virtual network equipment defense method, device, electronic equipment and medium
Technical Field
The present application relates to the field of virtualization technologies, and in particular, to a method and an apparatus for defending a virtual network device, an electronic device, and a medium.
Background
In the cloud computing era, virtualization technology integrates large-scale, scalable distributed resources such as compute, storage and networking so that they work together, creating an operating model in which multiple tenants coexist. A server host can deploy distributed virtual network devices. An application scenario is shown in Fig. 1, a schematic structural diagram of virtual machine communication in the related art: within a cluster, virtual machines communicate through the distributed virtual network devices. Traditional measures such as firewalls and data encryption protect the internal network reasonably well, but they face a serious challenge from advanced attack techniques. For example, an attacker continuously and irregularly collects information about a target, learns the known or even unknown software vulnerabilities and backdoors in the target network and systems, formulates a precise attack plan, and gradually penetrates the target devices and applications to steal internal information, take control of the internal network, or damage devices. Network security incidents in recent years have shown that the security of virtual network devices (network elements) has become a paramount issue for cloud platforms.
Therefore, how to provide a solution to the above technical problem is a problem that needs to be solved by those skilled in the art.
Disclosure of Invention
The application aims to provide a virtual network device defense method, apparatus, electronic device and medium that keep network functions usable when a virtual network device fails and improve the security and reliability of the cloud platform. The specific scheme is as follows:
The application provides a virtual network device defense method, comprising:
detecting whether a virtual network device has failed;
if the virtual network device has failed, determining the backup requirement of the virtual network device according to the application type and the host resources;
determining a target virtual network device according to the backup requirement and the state information of all backup virtual network devices;
and switching the virtual network device to the target virtual network device.
Preferably, before detecting whether the virtual network device has failed, the method further includes:
when the virtual network device is attacked, setting the flag bit of the virtual network device to attacked;
correspondingly, detecting whether the virtual network device has failed includes:
when the flag bit of the virtual network device is set to attacked, detecting whether the virtual network device has failed.
Preferably, determining the target virtual network device according to the backup requirement and the state information of all backup virtual network devices includes:
detecting whether the flag bits in the state information of the backup virtual network devices are all set to attacked;
if not, determining the target virtual network device from the un-attacked backup virtual network devices according to the backup requirement;
if all are attacked, redeploying a new backup virtual network device according to the backup requirement;
and determining the new backup virtual network device as the target virtual network device.
Preferably, the virtual network device is any one of OVS, Neutron and Linux bridge.
Preferably, the detecting whether the virtual network device fails includes:
sending inquiry information to the virtual network device;
when response information corresponding to the inquiry information sent by the virtual network equipment is not received, determining that the virtual network equipment fails;
and when the response information fed back by the virtual network equipment is received, determining that the virtual network equipment is normal.
Preferably, the switching the virtual network device to the target virtual network device includes:
and reading a routing table, and configuring the target virtual network equipment according to the routing table.
Preferably, the method further comprises the following steps:
and generating a plurality of backup virtual network devices by adopting a backup redundancy framework.
The application provides a virtual network equipment defense device, includes:
the detection module is used for detecting whether the virtual network equipment fails or not;
the backup requirement determining module is used for determining the backup requirement of the virtual network equipment according to the application type and the host resource if the virtual network equipment fails;
the target virtual network equipment determining module is used for determining the target virtual network equipment according to the backup requirements and the state information of all the backup virtual network equipment;
and the switching module is used for switching the virtual network equipment to the target virtual network equipment.
The application provides an electronic device, including:
a memory for storing a computer program;
a processor for implementing the steps of the virtual network device defense method as described above when executing the computer program.
The present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of a virtual network device defense method as described above.
The application provides a virtual network device defense method, comprising: detecting whether a virtual network device has failed; if the virtual network device has failed, determining the backup requirement of the virtual network device according to the application type and the host resources; determining a target virtual network device from the backup virtual network devices according to the backup requirement and the state information of the backup virtual network devices; and switching the virtual network device to the target virtual network device.
Because backup virtual network devices are provided, when a virtual network device fails the target virtual network device can be determined according to the backup requirement and the failed device switched to it, so network functions remain usable and the security and reliability of the cloud platform are improved.
The application also provides a virtual network device defense apparatus, an electronic device and a computer-readable storage medium, all of which have the same beneficial effects, which are not described again here.
Drawings
To illustrate the embodiments of the present application or the technical solutions in the prior art more clearly, the drawings used in describing them are briefly introduced below. The drawings described below are only embodiments of the present application; those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic structural diagram of communication of a virtual machine in the related art;
Fig. 2 is a flowchart of a virtual network device defense method according to an embodiment of the present disclosure;
Fig. 3 is a schematic structural diagram of a virtual network device defense apparatus according to an embodiment of the present disclosure.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some, but not all, of the embodiments of the present application. All other embodiments derived by a person skilled in the art from the embodiments given herein without creative effort fall within the protection scope of the present application.
A server host can deploy distributed virtual network devices. An application scenario is shown in Fig. 1, a schematic structural diagram of virtual machine communication in the related art: within a cluster, virtual machines communicate through the distributed virtual network devices. Traditional measures such as firewalls and data encryption protect the internal network reasonably well, but they face a serious challenge from advanced attack techniques. For example, an attacker continuously and irregularly collects information about a target, learns the known or even unknown software vulnerabilities and backdoors in the target network and systems, formulates a precise attack plan, and gradually penetrates the target devices and applications to steal internal information, take control of the internal network, or damage devices. Network security incidents in recent years have shown that the security of virtual network devices (network elements) has become a primary issue for cloud platforms.
Based on the above technical problem, this embodiment provides a virtual network device defense method that keeps network functions usable when a virtual network device fails, improving the security and reliability of the cloud platform. Referring to Fig. 2, a flowchart of the virtual network device defense method provided in this embodiment of the present application, the method specifically includes:
S101, detecting whether the virtual network device has failed;
In this embodiment, the virtual network device is monitored in real time so that deployment is automatic: no manual intervention is required at any stage and no prior attack experience is relied upon. This active detection compensates for passive defenses such as the traditional firewall. The virtual network device is any one of OVS, Neutron and Linux bridge, or may be another device; this embodiment does not limit the choice as long as its purpose can be achieved. OVS (Open vSwitch, a virtual switch) supports large-scale network automation through programmatic extension, supports standard management interfaces and protocols, can be used in production environments, and supports distributed management across physical servers; it is a software switch functionally similar to most commercial closed-source switches.
In one implementation, detecting whether the virtual network device has failed includes: sending inquiry information to the virtual network device, which feeds back response information after receiving it; when no response information corresponding to the inquiry information is received from the virtual network device, determining that the virtual network device has failed; and when the response information fed back by the virtual network device is received, determining that the virtual network device is normal.
In another implementation, detecting whether the virtual network device has failed includes: sending inquiry information to the virtual network device; when no response information corresponding to the inquiry information is received from the virtual network device within a preset time, determining that the virtual network device has failed; and when the response information fed back by the virtual network device is received within the preset time, determining that the virtual network device is normal. Besides being unable to communicate, a failed virtual network device may also exhibit communication delay.
Further, before detecting whether the virtual network device has failed, the method further includes: when the virtual network device is attacked, setting the flag bit of the virtual network device to attacked; correspondingly, detecting whether the virtual network device has failed includes: when the flag bit of the virtual network device is set to attacked, detecting whether the virtual network device has failed.
The flag bit of the virtual network device is initially set to not attacked and is set to attacked when the device is attacked. Failure detection therefore runs only when the virtual network device has been attacked, which greatly reduces the number of detections and improves the efficiency of fault detection.
It can be understood that the subject performing the method in this embodiment is an electronic device provided with the required components: a deployment component, a state detection component and a scheduling component. The deployment component requests backup executors according to the application type and the host resources, that is, it determines the backup requirement of the virtual network device according to the application type and the host resources. The state detection component collects the health state of the virtual network devices, detects whether a virtual network device is attacked, sets the flag bit of an attacked executor (that is, virtual network device) to attacked so that its state can be checked later, and reports the state to the scheduling component. The scheduling component issues scheduling instructions according to whether the executors are attacked; specifically, it determines the target virtual network device according to the backup requirement and the state information of all backup virtual network devices, and switches the virtual network device to the target virtual network device.
Further, the method also includes generating a plurality of backup virtual network devices by using a backup redundancy framework, so that the virtual network device (network element) is executed with backup redundancy. The backup redundancy framework is built into the system and generates the backup virtual network devices. This embodiment does not limit the number of backup virtual network devices; the user can configure it as long as the purpose of this embodiment can be achieved.
S102, if the virtual network device has failed, determining the backup requirement of the virtual network device according to the application type and the host resources;
The system detects in real time whether the virtual network device has failed; this step is performed when a failure is detected.
The application type refers to the type of device that communicates through the virtual network device, and may be any one of a virtual machine, a container and a service type. Host resources may differ accordingly. In this embodiment the backup requirement of the virtual network device is therefore determined according to the application type and the host resources; the backup requirement includes the number and bandwidth of the backup virtual network devices and may also include other information.
S103, determining the target virtual network device according to the backup requirement and the state information of all backup virtual network devices;
In one implementation, determining the target virtual network device according to the backup requirement and the state information of all backup virtual network devices includes: determining the non-failed backup virtual network devices according to the state information of all backup virtual network devices; if these backup virtual network devices meet the backup requirement, determining the target virtual network device from them; if they do not meet the backup requirement, redeploying a new backup virtual network device according to the backup requirement and determining the new backup virtual network device as the target virtual network device.
Further, redeploying a new backup virtual network device according to the backup requirement when the backup virtual network devices do not meet the backup requirement includes: redeploying new backup virtual network devices, and determining a target virtual network device that meets the backup requirement from the existing backup virtual network devices and the new backup virtual network devices.
In another implementation, determining the target virtual network device according to the backup requirement and the state information of all backup virtual network devices includes: detecting whether the flag bits in the state information of the backup virtual network devices are all set to attacked; if not, determining the target virtual network device from the un-attacked backup virtual network devices according to the backup requirement; if all are attacked, redeploying a new backup virtual network device according to the backup requirement and determining the new backup virtual network device as the target virtual network device.
S104, switching the virtual network device to the target virtual network device.
This embodiment does not limit how the switch is performed. Switching the virtual network device to the target virtual network device may include reading a routing table and configuring the target virtual network device according to the routing table. Alternatively, it may include reading an association information table and configuring the target virtual network device according to it, where the association information table records information such as the addresses and IDs of the devices at the two ends that communicate through the virtual network device.
Based on this technical scheme, backup virtual network devices are provided; when a virtual network device fails, the target virtual network device can be determined according to the backup requirement and the failed device switched to it, so network functions remain usable and the security and reliability of the cloud platform are improved.
Based on the foregoing embodiments, this embodiment provides a specific virtual network device defense method, including:
deploying virtual network (network element) devices such as OVS or Neutron on a host server;
detecting whether an external or internal attack exists; if so, determining whether the virtual network element has failed; and if it has, starting the backup redundancy mechanism;
setting the flag bit of the attacked executor, and creating redundant backup executors according to the host resources;
traversing the backup executors and checking their state, and determining from their flag bits whether all of them have been attacked; if not, the dispatcher randomly selects one of the executors to perform the network function; if all executors have been attacked, a new executor is redeployed;
and continuously monitoring the state of the executors to ensure that at least one executor is normal, so that the network function remains usable and the security and reliability of the cloud platform are improved.
In this way, the backup redundancy framework generates a plurality of functionally equivalent heterogeneous executors. When one executor suffers an internal or external attack, the others serve as backups, so the network function remains usable, the security and reliability of the cloud platform are improved, active defense is achieved, and the passive defense of the traditional firewall is compensated for.
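The S101 to S104 flow above, with the flag-bit gating, the preset-time probe and the redeploy-when-none-qualifies rule combined into one selection step, can be sketched as follows. This is an added example, not code from the patent; the class and function names, the per-application profile values, the simulated probe and the deployment hook are assumptions made for illustration.

```python
import random
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

# Constructed per-application profiles: (number of backups, bandwidth in Mbit/s).
APP_PROFILES = {"virtual_machine": (2, 1000), "container": (3, 500), "service": (2, 200)}


@dataclass
class VNetDevice:
    name: str
    kind: str                     # "ovs", "linux-bridge", ... (heterogeneous executors)
    bandwidth_mbps: int
    attacked: bool = False        # flag bit, initially "not attacked"
    # Simulated probe: reply latency in seconds, or None when no reply arrives.
    probe: Callable[[], Optional[float]] = lambda: 0.01
    routes: Dict[str, str] = field(default_factory=dict)


@dataclass
class BackupRequirement:
    count: int
    bandwidth_mbps: int


def has_failed(dev: VNetDevice, timeout_s: float = 1.0) -> bool:
    """S101: probe only devices whose flag bit is set to attacked."""
    if not dev.attacked:
        return False
    latency = dev.probe()
    # No reply, or a reply later than the preset time, both count as failure.
    return latency is None or latency > timeout_s


def backup_requirement(app_type: str, host_free_mbps: int) -> BackupRequirement:
    """S102: number and bandwidth of backups from app type and host resources."""
    count, bandwidth = APP_PROFILES[app_type]
    # Never request more bandwidth per backup than the host can supply.
    return BackupRequirement(count, min(bandwidth, host_free_mbps // count))


def select_target(backups: List[VNetDevice], req: BackupRequirement,
                  deploy: Callable[[BackupRequirement], VNetDevice],
                  rng: random.Random) -> VNetDevice:
    """S103: pick an un-attacked backup meeting the requirement, else redeploy."""
    candidates = [b for b in backups
                  if not b.attacked and b.bandwidth_mbps >= req.bandwidth_mbps]
    if candidates:
        return rng.choice(candidates)     # dispatcher picks one at random
    fresh = deploy(req)                   # every backup is flagged or too small
    backups.append(fresh)
    return fresh


def switch(active: VNetDevice, target: VNetDevice) -> VNetDevice:
    """S104: configure the target from the failed device's routing table."""
    target.routes = dict(active.routes)
    return target


def defend(active, backups, app_type, host_free_mbps, deploy, rng, timeout_s=1.0):
    """Run S101-S104 once and return the device that now carries traffic."""
    if not has_failed(active, timeout_s):
        return active
    req = backup_requirement(app_type, host_free_mbps)
    return switch(active, select_target(backups, req, deploy, rng))


def deploy_linux_bridge(req: BackupRequirement) -> VNetDevice:
    """Hypothetical deployment hook: returns a fresh, un-attacked executor."""
    return VNetDevice("br-new", "linux-bridge", req.bandwidth_mbps)


if __name__ == "__main__":
    # Constructed sample: the active OVS is flagged and no longer answers probes.
    active = VNetDevice("ovs0", "ovs", 1000, attacked=True, probe=lambda: None,
                        routes={"10.0.0.0/24": "vm-a"})
    pool = [VNetDevice("ovs1", "ovs", 1000, attacked=True),
            VNetDevice("br1", "linux-bridge", 1000)]
    now = defend(active, pool, "virtual_machine", 4000,
                 deploy_linux_bridge, random.Random(0))
    print(now.name, now.routes)
```

In this sketch, as in the description, the probe is gated on the flag bit, so a device that stops answering without first being flagged as attacked is never probed and `defend` leaves it in place.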
Referring to Fig. 3, a schematic structural diagram of a virtual network device defense apparatus provided in an embodiment of the present application: the apparatus described below and the virtual network device defense method described above may be read in correspondence with each other. The virtual network device defense apparatus provided in the embodiment of the present application includes:
a detection module 210, configured to detect whether a virtual network device has failed;
a backup requirement determining module 220, configured to determine the backup requirement of the virtual network device according to the application type and the host resources if the virtual network device has failed;
a target virtual network device determining module 230, configured to determine the target virtual network device according to the backup requirement and the state information of all backup virtual network devices;
a switching module 240, configured to switch the virtual network device to the target virtual network device.
Preferably, the apparatus further includes:
an identification module, configured to set the flag bit of the virtual network device to attacked when the virtual network device is attacked;
correspondingly, the detection module 210 includes:
a detection unit, configured to detect whether the virtual network device has failed when the flag bit of the virtual network device is set to attacked.
Preferably, the target virtual network device determining module 230 includes:
a detection unit, configured to detect whether the flag bits in the state information of the backup virtual network devices are all set to attacked;
a first determining unit, configured to determine the target virtual network device from the un-attacked backup virtual network devices according to the backup requirement if they are not all attacked;
a redeployment unit, configured to redeploy a new backup virtual network device according to the backup requirement if all are attacked;
a second determining unit, configured to determine the new backup virtual network device as the target virtual network device.
Preferably, the virtual network device is any one of OVS, Neutron and Linux bridge.
Preferably, the detection module 210 includes:
a transmitting unit, configured to send inquiry information to the virtual network device;
a first determining unit, configured to determine that the virtual network device has failed when no response information corresponding to the inquiry information is received from the virtual network device;
a second determining unit, configured to determine that the virtual network device is normal when the response information fed back by the virtual network device is received.
Preferably, the switching module 240 includes:
a switching unit, configured to read the routing table and configure the target virtual network device according to the routing table.
Preferably, the apparatus further includes:
a generating module, configured to generate a plurality of backup virtual network devices by using the backup redundancy framework.
Since the embodiments of the apparatus portion correspond to those of the method portion, refer to the description of the method embodiments for the apparatus embodiments; the details are not repeated here.
In the following, an electronic device provided by an embodiment of the present application is introduced, and the electronic device described below and the method described above may be referred to correspondingly.
The application provides an electronic device, including:
a memory for storing a computer program;
a processor for implementing the steps of the virtual network device defense method as described above when executing a computer program.
Since the embodiment of the electronic device portion corresponds to the embodiment of the method portion, please refer to the description of the embodiment of the method portion for the embodiment of the electronic device portion, and details are not repeated here.
The following describes a computer-readable storage medium provided by embodiments of the present application, and the computer-readable storage medium described below and the method described above may be referred to correspondingly.
The present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the virtual network device defense method as described above.
Because the computer-readable storage medium embodiment corresponds to the method embodiment, refer to the description of the method embodiment for details of the storage medium embodiment, which are not repeated here.
The embodiments in this specification are described progressively: each embodiment focuses on its differences from the others, and the parts that are the same or similar can be cross-referenced between embodiments. Because the apparatus disclosed in an embodiment corresponds to the method disclosed in that embodiment, its description is brief, and the relevant points can be found in the description of the method.
Those of skill in the art will further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the components and steps of the various examples have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The virtual network device defense method, the virtual network device defense apparatus, the electronic device and the medium provided by the present application are described in detail above. The principles and embodiments of the present application are explained herein using specific examples, which are provided only to help understand the method and the core idea of the present application. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.

Claims (9)

1. A virtual network device defense method, characterized by comprising the following steps:
detecting whether the virtual network device has failed;
if the virtual network device has failed, determining the backup requirement of the virtual network device according to the application type and the host resources;
determining a target virtual network device according to the backup requirement and the state information of all backup virtual network devices;
switching the virtual network device to the target virtual network device;
wherein, before detecting whether the virtual network device has failed, the method further comprises:
when the virtual network device is attacked, setting the flag bit of the virtual network device to attacked;
correspondingly, the detecting whether the virtual network device has failed comprises:
when the flag bit of the virtual network device is attacked, detecting whether the virtual network device has failed.
2. The method for defending against a virtual network device according to claim 1, wherein the determining a target virtual network device according to the backup requirement and the status information of all backup virtual network devices comprises:
detecting whether the flag bits in the state information of the backup virtual network devices are all attacked;
if not, determining the target virtual network device from the unattacked backup virtual network devices according to the backup requirement;
if all are attacked, redeploying a new backup virtual network device according to the backup requirement;
and determining the new backup virtual network device as the target virtual network device.
3. The method of claim 1, wherein the virtual network device is any one of OVS, Neutron, and Linux bridge.
4. The method of claim 1, wherein the detecting whether the virtual network device fails comprises:
sending inquiry information to the virtual network device;
when no response information corresponding to the inquiry information is received from the virtual network device, determining that the virtual network device has failed;
and when the response information fed back by the virtual network device is received, determining that the virtual network device is normal.
5. The virtual network device defense method of claim 1, wherein the switching the virtual network device to the target virtual network device comprises:
and reading a routing table, and configuring the target virtual network equipment according to the routing table.
6. The virtual network device defense method of claim 1, further comprising:
and generating a plurality of backup virtual network devices by adopting a backup redundancy framework.
7. A virtual network device defense apparatus, comprising:
a detection module, configured to detect whether the virtual network device has failed;
a backup requirement determining module, configured to determine the backup requirement of the virtual network device according to the application type and the host resources if the virtual network device has failed;
a target virtual network device determining module, configured to determine the target virtual network device according to the backup requirement and the state information of all backup virtual network devices;
a switching module, configured to switch the virtual network device to the target virtual network device;
further comprising:
an identification module, configured to set the flag bit of the virtual network device to attacked when the virtual network device is attacked;
correspondingly, the detection module comprises:
a detection unit, configured to detect whether the virtual network device has failed when the flag bit of the virtual network device is attacked.
8. An electronic device, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the virtual network device defense method as claimed in any one of claims 1 to 6 when executing the computer program.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the virtual network device defense method according to any one of claims 1 to 6.
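
The flow of claims 1, 2, 4 and 5 as an added Python sketch; it is not code from the patent. The `capacity` field, the requirement weights, the `probe` and `deploy` callbacks and all device names are assumptions made for illustration, and the fallback to the largest unattacked backup when none meets the requirement goes beyond what the claims state.

```python
from dataclasses import dataclass, field

@dataclass
class VNetDevice:
    name: str
    attacked: bool = False   # the "attacked" flag bit of claims 1 and 2
    capacity: int = 1        # assumed unit for matching a backup requirement
    routes: dict = field(default_factory=dict)

def has_failed(dev, probe):
    # Claim 4: send a query; no response means the device has failed.
    return probe(dev) is None

def backup_requirement(app_type, host_free_units):
    # Claim 1: derived from application type and host resources.
    # The weights below are constructed for this sketch.
    wanted = {"realtime": 4, "batch": 2}.get(app_type, 1)
    return max(1, min(wanted, host_free_units))

def pick_target(backups, need, deploy):
    # Claim 2: use an unattacked backup; if every backup is flagged
    # attacked (or none exists), redeploy a fresh one.
    clean = [b for b in backups if not b.attacked]
    if not clean:
        return deploy(need)
    fitting = [b for b in clean if b.capacity >= need]
    # Assumed policy: smallest backup that fits, else the largest clean one.
    if fitting:
        return min(fitting, key=lambda b: b.capacity)
    return max(clean, key=lambda b: b.capacity)

def defend(primary, backups, probe, app_type, host_free_units, routing_table, deploy):
    # Claim 1: failure detection only runs once the attacked flag is set.
    if not primary.attacked or not has_failed(primary, probe):
        return primary
    need = backup_requirement(app_type, host_free_units)
    target = pick_target(backups, need, deploy)
    target.routes = dict(routing_table)  # claim 5: configure from the routing table
    return target

def demo():
    table = {"10.0.0.0/24": "port1"}     # constructed routing table
    probe = lambda d: None if d.name == "ovs-main" else "ok"
    deploy = lambda need: VNetDevice(f"ovs-new-{need}", capacity=need)
    main = VNetDevice("ovs-main", True, 4, table)
    pool = [VNetDevice("bk1", True, 4), VNetDevice("bk2", False, 2), VNetDevice("bk3", False, 4)]
    first = defend(main, pool, probe, "realtime", 8, table, deploy)
    for b in pool:
        b.attacked = True                # every backup is now flagged attacked
    second = defend(main, pool, probe, "batch", 8, table, deploy)
    return first.name, second.name, second.routes
```

In the first pass the flagged backup `bk1` is skipped even though its capacity fits; in the second pass the whole pool is flagged, so a new device is deployed and receives the routing table.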
CN202010989976.1A 2020-09-18 2020-09-18 Virtual network equipment defense method, device, electronic equipment and medium Active CN112187533B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010989976.1A CN112187533B (en) 2020-09-18 2020-09-18 Virtual network equipment defense method, device, electronic equipment and medium

Publications (2)

Publication Number Publication Date
CN112187533A CN112187533A (en) 2021-01-05
CN112187533B true CN112187533B (en) 2023-04-18

Family

ID=73956642

Country Status (1)

Country Link
CN (1) CN112187533B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant