CN112583875B - Asset scanning method and device - Google Patents

Asset scanning method and device Download PDF

Info

Publication number
CN112583875B
CN112583875B CN201910943770.2A CN201910943770A CN112583875B CN 112583875 B CN112583875 B CN 112583875B CN 201910943770 A CN201910943770 A CN 201910943770A CN 112583875 B CN112583875 B CN 112583875B
Authority
CN
China
Prior art keywords
scanning engine
main scanning
node
engine node
engine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910943770.2A
Other languages
Chinese (zh)
Other versions
CN112583875A (en
Inventor
祝接金
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Uniview Technologies Co Ltd
Original Assignee
Zhejiang Uniview Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Uniview Technologies Co Ltd filed Critical Zhejiang Uniview Technologies Co Ltd
Priority to CN201910943770.2A priority Critical patent/CN112583875B/en
Publication of CN112583875A publication Critical patent/CN112583875A/en
Application granted granted Critical
Publication of CN112583875B publication Critical patent/CN112583875B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1073Registration or de-registration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing
    • H04L67/1008Server selection for load balancing based on parameters of servers, e.g. available memory or workload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing
    • H04L67/1023Server selection for load balancing based on a hash applied to IP addresses or costs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1036Load balancing of requests to servers for services different from user content provisioning, e.g. load balancing across domain name servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/54Presence management, e.g. monitoring or registration for receipt of user log-on information, or the connection status of the users

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Multimedia (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses an asset scanning method and a device, wherein a scanning engine node is communicated with a scheduling server to obtain a selection strategy of a main scanning engine node; adding a preset multicast group, sending a notification message in the multicast group, and sending response messages carrying respective scanning engine information after other nodes in the multicast group receive the notification message; and receiving response messages returned by other nodes, establishing a neighbor list, selecting a main scanning engine node according to a selection strategy of the main scanning engine node, the scanning engine information in the neighbor list and the scanning engine information of the main scanning engine node, and executing an asset automatic scanning task by the selected main scanning engine node. The invention can ensure that only one scanning engine in the same private network registers to the scheduling server, thereby reducing the load of the scheduling server, reducing the resource waste of the scanning engine and avoiding the repeated execution of the asset automatic scanning task in the same network.

Description

Asset scanning method and device
Technical Field
The invention belongs to the technical field of asset scanning, and particularly relates to an asset scanning method and device.
Background
With the development of internet technology, more and more services are deployed on the internet, however, with the increase of internet assets, the security risk of enterprises will be more, for example, the assets of enterprises exposed on the internet are easy to be the primary object of hacking.
The asset scanning is a technology for detecting the potential safety hazard of a local computer system and a remote computer system, and the technology helps people to discover the weakness and the leak of a host by sending a detection data packet to the local host or the remote host, acquiring the response of the host, analyzing the data packet fed back by the host, and acquiring the port development condition of the host and the service information provided by the host, thereby improving the network safety risk and preventing the hacker attack.
There are two main ways of asset scanning, one is active scanning and the other is automatic scanning. The active scanning mode is mainly that a user scans by using an open source scanning tool through configuring an IP address to be scanned. The automatic scanning mode does not configure a specific scanning IP address, but the scanning engine automatically detects assets existing in the network. At present, asset scanning mostly adopts a distributed deployment scheme, that is, one central scheduling server is collocated with a plurality of asset scanning engines, a general scheduling server is deployed on a public network, and the scanning engines may be distributed in a plurality of private networks. For the automatic scanning mode, because the insides of private networks are intercommunicated, when a plurality of scanning engines simultaneously execute the asset automatic scanning task, the network range scanned by each asset scanning engine is the same, so that only one asset scanning engine needs to be arranged inside one private network to execute the automatic scanning task, and the plurality of scanning engines execute the automatic scanning task, which causes the resource waste of the scanning engines.
Therefore, when a plurality of asset scanning engines are deployed in a private network, a task of repeatedly acquiring asset automatic scanning by the plurality of asset scanning engines is a problem to be solved.
Disclosure of Invention
The invention aims to provide an asset scanning method and device, which solve the problem that a plurality of asset scanning engines repeatedly acquire an asset automatic scanning task when a plurality of asset scanning engines are deployed in a private network.
In order to achieve the purpose, the technical scheme of the application is as follows:
an asset scanning method for scanning assets in a network, the network including a scheduling server and a plurality of scan engine nodes, the asset scanning method comprising:
the target scanning engine node communicates with the scheduling server to obtain a selection strategy of the main scanning engine node;
the target scanning engine node is added into a preset multicast group, an announcement message is sent in the multicast group, and other nodes in the multicast group send response messages carrying respective scanning engine information after receiving the announcement message;
and the target scanning engine node receives response messages returned by other nodes, establishes a neighbor list, selects the main scanning engine node according to the selection strategy of the main scanning engine node, the scanning engine information in the neighbor list and the scanning engine information of the target scanning engine node, and executes the asset automatic scanning task by the selected main scanning engine node.
Further, the executing, by the selected master scanning engine node, the asset auto-scanning task includes:
if the selected main scanning engine node is the original main scanning engine node of other nodes, the target scanning engine node registers to the original main scanning engine node, the original main scanning engine node carries latest engine capability information to register to a scheduling server for keeping alive, and the original main scanning engine node executes an asset automatic scanning task;
if the selected main scanning engine node is the target scanning engine node, initiating a main scanning engine node change request, changing the target scanning engine node into a new main scanning engine node, carrying latest engine capability information to register to a scheduling server for keeping alive, and executing an asset automatic scanning task by the target scanning engine node.
Further, the initiating a change request of the master scan engine node and changing the target scan engine node into a new master scan engine node includes:
the target scanning engine node sends a main scanning engine change request in the multicast group, and other nodes in the multicast group receive the main scanning engine change request and return an approval or rejection message according to a selection strategy of the main scanning engine node;
the target scanning engine node receives the information of agreement or rejection returned by other nodes, if the number of the agreed other nodes exceeds the set threshold value, the main scanning engine node of the target scanning engine node is modified into the target scanning engine node;
the target scanning engine node is used as a new main scanning engine node to acquire asset scanning task information from the original main scanning engine node;
the target scanning engine node sends a main scanning engine change result in the multicast group, after other nodes in the multicast group receive the main scanning engine change result, the original main scanning engine node is changed into a new main scanning engine node, and when the original main scanning engine node receives the main scanning engine change result, the original main scanning engine node sends a message to the scheduling server to inform the scheduling server to modify the main scanning engine node into the new main scanning engine node.
Further, the asset scanning method further includes:
the target scanning engine node sends an online confirmation message in the multicast group at regular time;
after receiving on-line confirmation messages sent by other nodes, the target scanning engine node updates the latest sending time of the corresponding node, and when finding that the latest sending time of one node exceeds a preset time interval, the target scanning engine node notifies the main scanning engine node so that the main scanning engine node determines whether the overtime node is off-line or not, and if the overtime node is off-line, the target scanning engine node sends an off-line notification to a multicast group and reports latest engine capability information to a scheduling server;
and after receiving the off-line notification sent by the main scanning engine node, the target scanning engine node deletes the corresponding off-line node from the neighbor list.
Further, the asset scanning method further includes:
when discovering that the keep-alive time of the main scanning engine node exceeds a preset keep-alive interval, the target scanning engine node sends an inquiry request of the main scanning engine node in the multicast group, other nodes in the multicast group communicate with the main scanning engine node after receiving the inquiry request, and a confirmation result is returned to the scanning engine sending the inquiry request when the main scanning engine is offline;
and the target scanning engine node receives the confirmation results of other nodes, and if the main scanning engine node is confirmed to be offline, the main scanning engine node is reselected according to the selection strategy of the main scanning engine node.
The present application further provides an asset scanning apparatus for scanning assets in a network, where the network includes a scheduling server and a plurality of scan engine nodes, and the asset scanning apparatus, applied to a scan engine, includes:
the selection strategy acquisition module is used for communicating with the scheduling server and acquiring a selection strategy of the main scanning engine node;
the discovery module is used for joining a preset multicast group and sending a notification message in the multicast group, and other nodes in the multicast group send response messages carrying respective scanning engine information after receiving the notification message;
and the selection module is used for receiving response messages returned by other nodes, establishing a neighbor list, selecting a main scanning engine node according to the selection strategy of the main scanning engine node, the scanning engine information in the neighbor list and the scanning engine information of the main scanning engine node, and executing an asset automatic scanning task by the selected main scanning engine node.
Further, the selection module performs the following operations when the selected main scanning engine node executes the asset automatic scanning task:
if the selected main scanning engine node is the original main scanning engine node of other nodes, registering to the original main scanning engine node, wherein the original main scanning engine node carries latest engine capability information to register to a scheduling server for keeping alive, and executing an asset automatic scanning task by the original main scanning engine node;
if the selected main scanning engine node is the scanning engine, initiating a main scanning engine node change request, changing the scanning engine to a new main scanning engine node, carrying the latest engine capability information to register to a scheduling server for keeping alive, and executing an asset automatic scanning task by the scanning engine.
Further, when initiating a change request of the master scanning engine node and changing the scanning engine itself into a new master scanning engine node, the selection module executes the following operations:
sending a main scanning engine change request in the multicast group, and returning an agreement or rejection message according to a selection strategy of the main scanning engine node after other nodes in the multicast group receive the main scanning engine change request;
receiving the information of agreement or rejection returned by other nodes, and if the number of the agreed other nodes exceeds the set threshold value, modifying the main scanning engine node of the main scanning engine node into the main scanning engine node;
as a new main scanning engine node, acquiring asset scanning task information from an original main scanning engine node;
and sending a main scanning engine change result in the multicast group, changing the original main scanning engine node into a new main scanning engine node after other nodes in the multicast group receive the main scanning engine change result, sending a message to the scheduling server when the original main scanning engine node receives the main scanning engine change result, and informing the scheduling server to modify the main scanning engine node into the new main scanning engine node.
Further, the asset scanning device further includes:
the online confirmation module is used for sending online confirmation information in the multicast group at regular time; after receiving on-line confirmation messages sent by other nodes, updating the latest sending time of the corresponding node, and when finding that the latest sending time of one node exceeds a preset time interval, notifying the main scanning engine node so that the main scanning engine node determines whether the overtime node is off-line or not, if so, sending an off-line notification to a multicast group, and reporting latest engine capability information to a scheduling server; and after receiving the offline notification sent by the main scanning engine node, deleting the corresponding offline node from the neighbor list.
Further, the asset scanning device further includes:
the keep-alive module is used for sending an inquiry request of the main scanning engine node in the multicast group after the keep-alive time between the discovery and the main scanning engine node exceeds a preset keep-alive interval, communicating with the main scanning engine node after other nodes in the multicast group receive the inquiry request, and returning a confirmation result to a scanning engine sending the inquiry request when the main scanning engine is found to be offline; and receiving confirmation results of other nodes, and if the main scanning engine node is confirmed to be offline, reselecting the main scanning engine node according to the selection strategy of the main scanning engine node.
The asset scanning method and the device select the main scanning engine node by joining the multicast group and sending the notification message in the multicast group, and if the current main scanning engine node is the original main scanning engine node in the system, the scanning engine registers to the main scanning engine node. If the scanning engine determines that the latest master node changes according to the selection strategy of the scanning engine node, all the scanning engines register to the new master scanning engine node and modify the information of the master scanning engine node after notifying other scanning engines of the message and obtaining the consent of other scanning engines. And the asset scanning task and other engine information on the original scanning engine are synchronously sent to the new main scanning engine node. Meanwhile, the original scanning engine informs the scheduling server of the new node information of the main scanning engine. According to the technical scheme, only one scanning engine in the same private network can be ensured to register with the scheduling server, so that the asset automatic scanning task can be ensured to be issued only once in the same private network, the load of the scheduling server is reduced, the resource waste of the scanning engine is reduced, and the asset automatic scanning task is prevented from being repeatedly executed in the same network.
Drawings
FIG. 1 is a schematic diagram of a network structure of an application environment of the present application;
FIG. 2 is a schematic flow chart of an asset scanning method of the present application;
FIG. 3 is a flowchart illustrating updating of a main scan engine according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The asset scanning method provided by the application can be applied to the application environment shown in fig. 1. In the field of information asset management, how to quickly and effectively discover network assets is a great importance. Only if the assets in the network are found, further work such as security precaution can be carried out on the basis of the assets. While asset scanning is the primary means of asset discovery, typically employing a distributed deployment scheme as shown in fig. 1. The network shown in fig. 1 includes a scheduling server and a plurality of scan engine nodes, the scheduling server is deployed in a public network or other networks, and the scan engine is deployed in a public network or private network. Asset scanning in addition to the conventional user active scanning mode, the scanning engine auto-scan detection functionality is supported. In the automatic scanning detection task, only one scanning engine in a private network needs to execute the asset automatic scanning task, and other scanning engines can execute other active scanning tasks.
In one embodiment, as shown in fig. 2, an asset scanning method is provided for scanning assets in a network, where the network includes a scheduling server and a plurality of scan engine nodes, and the asset scanning method of this embodiment is applied to the scan engine nodes, and includes:
the target scanning engine node communicates with the scheduling server to obtain a selection strategy of the main scanning engine node;
the target scanning engine node joins a preset multicast group, an announcement message is sent in the multicast group, and other nodes in the multicast group send response messages carrying respective scanning engine information after receiving the announcement message;
and the target scanning engine node receives response messages returned by other nodes, establishes a neighbor list, selects the main scanning engine node according to the selection strategy of the main scanning engine node, the scanning engine information in the neighbor list and the scanning engine information of the target scanning engine node, and executes the asset automatic scanning task by the selected main scanning engine node.
Specifically, the scheduling server is deployed in a public network or an external network as a central scheduling node for asset scanning, and the scanning engine may be deployed in the public network or the external network, or may be deployed in a private network or an internal network. Because the scheduling server of the public network cannot directly access the scanning engine in the private network without performing NAT mapping, the scanning engine is actively used in this embodiment to obtain the asset scanning task from the scheduling server.
After the scan engine is deployed, the scan engine needs to be configured with the IP address of the dispatch server in the public network. When the scanning engine is on line, the scanning engine firstly communicates with the scheduling server to obtain the selection strategy of the main scanning engine node.
Taking fig. 1 as an example, the scan engine carries its own IP address in a message communicated with the dispatch server, and when the dispatch server receives the message, the scan engine extracts the IP address of the scan engine carried in the message in the private network and the source IP address sent by the message, and if the two IP addresses are not consistent, the scan engine is considered to be in the private network or not in the same network as the dispatch server. If the two IP addresses are consistent, the scanning engine is not considered to be in a private network or in the same network as the scheduling server. The dispatch server returns the detection result to the scan engine. If the scanning engine is not in the private network or the scanning engine and the scheduling server are in the same network, the scanning engine directly registers to the scheduling server and carries the information of the engine capability and the like of the scanning engine if the scanning engine is determined not to be in the private network or the scanning engine and the scheduling server are in the same network. After the scanning engine is successfully registered, the asset scanning task can be normally acquired from the scheduling server and the asset scanning work is carried out. This is a relatively mature technology in real applications and will not be described here.
The present embodiment mainly considers the case where the scan engine is in a private network or not in the same network as the dispatch server. At this time, in the network where the current scanning engine is located, only one scanning engine needs to execute the automatic scanning detection task, and other scanning engines can execute other active scanning tasks, so that the resource utilization rate is improved to the maximum extent, and the resource waste is reduced.
The present application takes one scan engine as an example, and is applicable to any scan engine in a network, for example, taking the scan engine 3 in the network of fig. 1 as an example, and in the present application, the scan engine 3 is also referred to as a target scan engine node, and details are not described below.
For this purpose, the scheduling server issues the selection policy of the main scanning engine node to the target scanning engine node in communication with the target scanning engine node. The selection policy of the main scanning engine node can be customized, and for example, the selection policy can be selected according to the size of the IP address of the scanning engine or the size of the engine capability of the scanning engine. In the following description, the present embodiment is selected according to the size of the engine capability of the scan engine, and the larger the engine capability is, the larger the engine capability becomes the master scan engine node.
For example, the scan engine 3 in fig. 1 communicates with a scheduling server, and the scheduling server sends the selection policy of the main scan engine node to the scan engine 3 when finding that the scan engine 3 is in a private network or not in the same network as the scheduling server.
After the selection strategy of the main scanning engine node is obtained, for the condition that a plurality of scanning engines exist in a network, one main scanning engine node can be selected to execute an asset automatic scanning task, and other scanning engines can execute other active scanning tasks, so that the resource utilization rate is improved to the maximum extent, and the resource waste is reduced.
In this embodiment, when the target scan engine node is online, a predetermined specific multicast group is added first, for example, the multicast address is 234.255.255.110, and the port is 12000. It will be readily appreciated that all scan engines within a private network join the same multicast group so that messages can be sent and received in the multicast group.
For example, the scan engines 3, 4, and 5 are all in the same private network, and join a multicast group with a multicast address of 234.255.255.110 and a port of 12000, and they can communicate with each other through the multicast group. Similarly, the scan engines 6, 7, 8 are in the same private network, they may all join the same multicast group, and the scan engines 6, 7, 8 communicate via the multicast group.
As shown in fig. 3, in a multicast group, a scan engine reports periodically, for example, sends an announcement message in the multicast group every 30 seconds, where the message carries its own unique identifier, its own scan engine information, and its own current primary scan engine node information. The unique identifier of the scanning engine can be generated by UUID; the own scanning engine information can be the own IP address or the engine capability and the like; the current master scan engine node information may be an IP address or a MAC address of the master scan engine node, as long as they can communicate with each other according to the information.
For the scan engine that comes online for the first time, the IP address of the primary scan engine node is null. If the determined main scanning engine node exists on the network, the IP address of the determined main scanning engine node is carried.
For example, the content carried by the notification message sent by the scanning engine 3 is shown in the following table:
unique identification IP address Capability of engine Current master node
Engine-d2024d8aa0b1a943 192.168.1.100 100 NULL
TABLE 1
In the above embodiment, the own scan engine information includes the IP address and the engine capability, and the current master scan engine node is empty.
When other scan engines 4 and 5 in the multicast group receive the notification message, the information of the scan engine 3 carried in the message is analyzed, and the scan engine 3 is added to its own engine neighbor list. And returns its own scan engine information to the scan engine 3 through a response message. That is, in the present application, after receiving an advertisement message sent by another node, the scan engine will add the scan engine that sent the advertisement message into its own engine neighbor list.
If the target scanning engine node does not receive the response of other scanning engine nodes within the preset message timeout time, the main scanning engine node on the target scanning engine node is set as the IP address of the main scanning engine node, namely the main scanning engine node is determined as the main scanning engine node. And if response messages of other scanning engines are received within the preset message timeout time, adding the information of the scanning engines into an engine neighbor list of the target scanning engine node.
Illustratively, the preset message timeout time is 10 seconds, and if the scan engine 3 does not receive a response message sent by another scan engine within the timeout time, the scan engine node on the scan engine 3 is set to its own IP address. If response messages of other scan engines are received within 10 seconds, the information of these scan engines is added to the engine neighbor list of the scan engine 3. For example, the engine neighbor list of the scanning engine 3 is shown in the following table:
unique identification IP address Capability of engine Current master node
Engine-3cb59b0821404985 192.168.1.110 80 192.168.1.250
Engine-877c617db32c371a 192.168.1.250 120 192.168.1.250
TABLE 2
In table 2, the IP address of the primary scan engine node in the scan engines 4 and 5 is 192.168.1.250, i.e. the scan engine 5. That is, in the private network where the scan engines 3, 4, 5 are located, the original master scan engine node is the scan engine 5.
The scanning engine 3 judges which scanning engine node the current scanning engine master node is according to the engine neighbor list and the master scanning engine node selection strategy. For example, the selection policy of the present embodiment is to select according to the size of the engine capability, since the engine capability of the scan engine 3 is 100, the engine capability of the scan engine 5 is 120, and since the scan engine 3 does not have the large engine capability of the scan engine 5, the scan engine 3 determines that the current main scan engine is the scan engine 5, and then the scan engine 3 directly registers with the original main scan engine node (scan engine 5).
If the engine capability of the current scan engine 3 is 150, the selected main scan engine node is the target scan engine node itself, i.e. the scan engine 3, because the engine capability is higher than that of all other scan engines.
After one main scanning engine node is selected, the selected main scanning engine node executes the asset automatic scanning task, and other scanning engines can execute other active scanning tasks, so that the resource utilization rate is improved to the maximum extent, and the resource waste is reduced.
In one embodiment, the asset auto-scan task is performed by the selected master scan engine node, including the following two cases:
in the first case, if the selected main scanning engine node is the original main scanning engine node of other nodes, the target scanning engine node registers to the original main scanning engine node, the original main scanning engine node carries the latest engine capability information to register to the scheduling server for keep alive, and the original main scanning engine node executes the asset automatic scanning task.
And in the second situation, if the selected main scanning engine node is the target scanning engine node, initiating a main scanning engine node change request, changing the target scanning engine node into a new main scanning engine node, carrying latest engine capability information to register and keep alive to the scheduling server, and executing an asset automatic scanning task by the target scanning engine node.
In the first case, that is, the engine capability of the scan engine 3 is 100, and the engine capability of the scan engine 5 is 120, since the scan engine 3 has no large engine capability of the scan engine 5, the scan engine 5 is the main scan engine selected by the scan engine 3. Since the other scan engines 4, 5 have set their own master scan engine's IP address to 192.168.1.250, the scan engine 3 need not initiate notification of master node change to the other scan engines.
Since the master scan engine node in the private network is not changed, only the newly added scan engine 3 needs to register with the original master scan engine node. After receiving the registration of the scan engine 3, the master scan engine node needs to register with the scheduling server to keep alive with the engine capability information if the engine capability is changed. The engine capability that needs to be carried when registering with the scheduling server is the sum of the engine capability of the scheduling server and the engine capabilities of all the scanning engines in the scanning engine neighbor list, that is, the current engine capability of the primary scanning engine node is: scan engine 3+ scan engine 4+ scan engine 5, i.e., 100+80+120=300. At this time, the main scanning engine node in the private network is not changed, and the original main scanning engine node still executes the asset automatic scanning task.
For the second case, i.e., if the engine capability of the current scan engine 3 is 150, since the engine capability is higher than that of all other scan engines, a change of the main scan engine needs to occur. At this time, the scan engine 3 will execute a main scan engine node change operation, specifically:
the target scanning engine node sends a main scanning engine change request in the multicast group, and other nodes in the multicast group receive the main scanning engine change request and return an approval or rejection message according to a selection strategy of the main scanning engine node;
the target scanning engine node receives the information of agreement or rejection returned by other nodes, and if the number of the agreed other nodes exceeds the set threshold value, the main scanning engine node of the target scanning engine node is modified to be the target scanning engine node;
the target scanning engine node is used as a new main scanning engine node to acquire asset scanning task information from the original main scanning engine node;
the target scanning engine node sends a main scanning engine change result in the multicast group, after other nodes in the multicast group receive the main scanning engine change result, the original main scanning engine node is changed into a new main scanning engine node, and when the original main scanning engine node receives the main scanning engine change result, the original main scanning engine node sends a message to the scheduling server to inform the scheduling server to modify the main scanning engine node into the new main scanning engine node.
Specifically, the scan engine 3 sends a main scan engine change request in the multicast group, requesting to set the main scan engine node as the scan engine 3, that is, the IP address is 192.168.1.100.
And when other scanning engines receive the main scanning engine change request, judging whether the engine capability of the scanning engine corresponding to the IP address of the main scanning engine node carried in the request message is highest, if so, returning an agreement, and otherwise, returning a rejection. Normally, the neighbor list learned by each scan engine plus its own IP address should be the same, so that either full agreement or full rejection should occur, and theoretically, partial agreement or partial rejection should not occur.
The scanning engine of the embodiment receives the information of approval or rejection returned by other nodes, and if the number of the approved other nodes exceeds the set threshold, the scanning engine modifies the own main scanning engine node into itself. For example, if more than half of the agreed votes in the neighbor list of the scan engine are received, the scan engine 3 modifies its own primary scan engine node to its own IP address 192.168.1.100 according to the feedback received from the other scan engines.
After the scan engine 3 modifies its own master scan engine node information, the new master scan engine node 192.168.1.100 obtains the asset scan task information on the original master scan engine node from the original master scan engine node 192.168.1.250. The asset scanning task information contains which tasks are performed on which engines. The scan engine 3 then sends the main-scan engine change result within the multicast group. After receiving the change result of the main scanning engine, other scanning engines in the multicast group change the main scanning engine of the scanning engine to the main scanning engine node in the notification, and all other scanning engine nodes need to register to a new main scanning engine node. Each scan engine sends the results of the asset scanning task to the new master scan engine node. When the original main scanning engine receives the change result of the main scanning engine, the original main scanning engine sends a message to the scheduling server to inform the scheduling server that the IP address of the node modification of the main scanning engine of the current private network is 192.168.1.100. The scanning engine 3 as a new primary scanning engine node needs to register to the scheduling server for keep alive, and carries the latest engine capability information when registering for keep alive, wherein the latest engine capability information is the sum of the engine capability of the scanning engine 3 and the engine capabilities of all the scanning engines in the scanning engine neighbor list, namely 150+80+120=350.
And when receiving the change result of the main scanning engine, the original main scanning engine node sends a message to the scheduling server to inform the scheduling server to modify the main scanning engine node into a new main scanning engine node. And when the scheduling server receives the notification of the change of the main scanning engine node, switching the task information of the original main scanning engine node recorded on the scheduling server to a new main scanning engine node. After the scan engine 3 becomes the new master scan cause, the asset auto-scan task will be performed by the scan engine 3 within the private network.
It should be noted that, after selecting a new master scan engine node, how to notify other nodes in the multicast group to change the master scan engine is not limited in the present application. For example, the above embodiment may be a method in which the scan engine 3 transmits a main scan engine change request and then transmits a main scan engine change result. Or only once sending the change request of the main scanning engine, after receiving the change request, if returning the agreement, then modifying the IP of the main scanning engine node of the node itself to be the IP address of the scanning engine 3. If rejection is returned, no modification is made.
In one embodiment, the asset scanning method further comprises:
the target scanning engine node sends an online confirmation message in the multicast group at regular time;
after receiving on-line confirmation messages sent by other nodes, the target scanning engine node updates the latest sending time of the corresponding node, and when finding that the latest sending time of one node exceeds a preset time interval, the target scanning engine node notifies the main scanning engine node so that the main scanning engine node determines whether the overtime node is off-line or not, and if the overtime node is off-line, the target scanning engine node sends an off-line notification to a multicast group and reports latest engine capability information to a scheduling server;
and after receiving the off-line notification sent by the main scanning engine node, the target scanning engine node deletes the corresponding off-line node from the neighbor list.
Specifically, each scan engine periodically sends an online acknowledgement message in the multicast group. And after receiving the on-line confirmation message, other scanning engines update the latest sending time of the corresponding scanning engine. For example, if the scan engine 3 finds that the distance between the latest transmission time of the scan engine 4 and the latest transmission time of the scan engine 4 has now exceeded 3 keep-alive intervals, for example, 3 × 30=90 seconds, then the scan engine 3 notifies the master scan engine node (assuming that the current master scan engine node is the scan engine 5), and then the master scan engine node (i.e., the scan engine 5) performs a communication test with the scan engine 4 which is a timeout node. If the scan engine 4 does not respond, then the scan engine 4 is considered to be offline, and the main scan engine node initiates a designated scan engine offline notification into the multicast group, informing other scan engines to delete the scan engine 4 from the scan engine neighbor list. The scan engine 3 receives the offline notification and removes the scan engine 4 from the scan engine neighbor list.
And simultaneously, the main scanning engine sends an engine capacity change notification to the scheduling server, and reports the deleted total engine capacity of the scanning engine to the scheduling server. Meanwhile, the main scanning engine node recovers the tasks on the offline scanning engine 4 and issues the tasks to other scanning engines in the scanning engine neighbor list.
In one embodiment, the asset scanning method further comprises:
when discovering that the keep-alive time between the target scanning engine node and the main scanning engine node exceeds a preset keep-alive interval, sending an inquiry request of the main scanning engine node in a multicast group, communicating with the main scanning engine node after other nodes in the multicast group receive the inquiry request, and returning a confirmation result to a scanning engine sending the inquiry request when the main scanning engine is found to be offline;
and the target scanning engine node receives the confirmation results of other nodes, and if the main scanning engine node is confirmed to be offline, the main scanning engine node is reselected according to the selection strategy of the main scanning engine node.
Specifically, if other non-main scanning engine nodes find that the main scanning engine node has overtime 3 keep-alive intervals, the main scanning engine node inquiry request is sent in the multicast group. For example, the scan engine 3 finds that the main scan engine node (scan engine 5) keep alive timeout, and sends a main scan engine node query request.
When receiving the query request, other scan engines, for example, the scan engine 4, resolves the IP address of the main scan engine carried in the query request. Communicates with the scan engine 5 and, if the scan engine 5 does not respond, confirms that the scan engine 5 has indeed gone offline and returns offline to the scan engine 3 which sent the inquiry message. If the scan engine 5 responds normally, it is confirmed that the scan engine 5 is still online and returns online to the scan engine 3 that sent the query message.
And the scanning engine 3 sending the inquiry message confirms whether the main scanning engine node is offline or not according to the online condition returned by the scanning engine 4 receiving the inquiry request. When there are multiple scan engines in the private network, a judgment threshold value is set, and when the number of scan engine nodes returning to online exceeds the judgment threshold value, it indicates that the main scan engine node is still online, and the inquiry is finished without modification. Or when the number of the scanning engine nodes returning to the offline state exceeds the judgment threshold value, the main scanning engine node is indicated to be offline, and the latest main scanning engine node is selected according to the selection strategy of the main scanning engine node. And meanwhile, the main scanning engine node is modified into the latest main scanning engine node. The changes of the new main scanning engine node have been explained in detail in the previous embodiments, and are not described herein again.
After the scanning engine completes the selection of the main scanning engine node, other subsequent scanning engines acquire the task from the scanning engine and report the task result. And then the main scanning engine node forwards the corresponding task acquisition request and the task reporting result to the scheduling server. For example, an engine requests a get task from the master scan engine node. The main scanning engine forwards the task request to the scheduling server and carries the engine capability information of the scanning engine requesting the task. And the scheduling server sends the corresponding asset scanning task to the main scanning engine node according to the engine capacity of the request engine. And the main scanning engine node records the asset scanning task information in an asset scanning task distribution table of the main scanning engine node and forwards the asset scanning task information to the requested scanning engine. If the execution of the asset scanning task of the scanning engine is finished, the result is reported to the main scanning engine node, and the main scanning engine node forwards the asset scanning task result to the scheduling server. Thus the entire asset scanning task flow is complete.
The embodiment only allows on the main scanning engine node for the asset automatic scanning task. Other non-master scan engine nodes cannot acquire the asset auto-scan task. If the main scanning engine node is changed, the asset automatic scanning task on the original main scanning engine node is required to be cancelled, the asset automatic scanning task is transferred to a new main scanning engine node, and the automatic scanning task information change operation on the scheduling server is completed. The task information change operation may be completed together when the master scan engine node initiates a master scan engine node change to the scheduling server.
By the scheme, only one scanning engine in one private network can be ensured to be communicated with the scheduling server, so that only one scanning engine in the same private network can be ensured to execute the asset automatic scanning task. Meanwhile, because other scanning engines are not directly communicated with the scheduling server any more, the service pressure of the scheduling server can be reduced, and the performance of the whole scanning system can be improved.
In one embodiment, the present application further provides an asset scanning apparatus for scanning assets in a network, where the network includes a scheduling server and a plurality of scan engine nodes, and the asset scanning apparatus, applied to a scan engine, includes:
the selection strategy acquisition module is used for communicating with the scheduling server and acquiring a selection strategy of the main scanning engine node;
the discovery module is used for joining a preset multicast group and sending an announcement message in the multicast group, and other nodes in the multicast group send response messages carrying respective scanning engine information after receiving the announcement message;
and the selection module is used for receiving response messages returned by other nodes, establishing a neighbor list, selecting a main scanning engine node according to the selection strategy of the main scanning engine node, the scanning engine information in the neighbor list and the scanning engine information of the main scanning engine node, and executing an asset automatic scanning task by the selected main scanning engine node.
It should be noted that the asset scanning device of this embodiment may be applied to any scanning engine, and for specific limitations of the asset scanning device, reference may be made to the above limitations of the asset scanning method, and details are not described herein again. The various modules in the asset scanning device described above may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, the selection module performs the following operations when the asset auto-scan task is executed by the selected master scan engine node:
if the selected main scanning engine node is the original main scanning engine node of other nodes, registering the selected main scanning engine node to the original main scanning engine node, wherein the original main scanning engine node carries the latest engine capability information to register the original main scanning engine node to a scheduling server for keeping alive, and executing an asset automatic scanning task by the original main scanning engine node;
if the selected main scanning engine node is the scanning engine, initiating a main scanning engine node change request, changing the scanning engine to a new main scanning engine node, carrying the latest engine capability information to register to a scheduling server for keeping alive, and executing an asset automatic scanning task by the scanning engine.
In one embodiment, when initiating a change request of a master scan engine node and changing a scan engine itself to a new master scan engine node, the selection module performs the following operations:
sending a main scanning engine change request in the multicast group, and returning an approval message or a rejection message according to a selection strategy of the main scanning engine node after other nodes in the multicast group receive the main scanning engine change request;
receiving the information of agreement or rejection returned by other nodes, and if the number of the agreed other nodes exceeds the set threshold value, modifying the main scanning engine node of the main scanning engine node into the main scanning engine node;
as a new main scanning engine node, acquiring asset scanning task information from an original main scanning engine node;
and sending a main scanning engine change result in the multicast group, changing the original main scanning engine node into a new main scanning engine node after other nodes in the multicast group receive the main scanning engine change result, sending a message to the scheduling server when the original main scanning engine node receives the main scanning engine change result, and informing the scheduling server to modify the main scanning engine node into the new main scanning engine node.
In one embodiment, the asset scanning device further comprises:
the online confirmation module is used for regularly sending online confirmation information in the multicast group; after receiving on-line confirmation messages sent by other nodes, updating the latest sending time of the corresponding node, and when finding that the latest sending time of one node exceeds a preset time interval, notifying the main scanning engine node so that the main scanning engine node determines whether the overtime node is off-line or not, if so, sending an off-line notification to a multicast group, and reporting latest engine capability information to a scheduling server; and after receiving the offline notification sent by the main scanning engine node, deleting the corresponding offline node from the neighbor list.
In one embodiment, the asset scanning device further comprises:
the keep-alive module is used for sending an inquiry request of the main scanning engine node in the multicast group after the keep-alive time between the discovery and the main scanning engine node exceeds a preset keep-alive interval, communicating with the main scanning engine node after other nodes in the multicast group receive the inquiry request, and returning a confirmation result to a scanning engine sending the inquiry request when the main scanning engine is found to be offline; and receiving confirmation results of other nodes, and if the main scanning engine node is confirmed to be offline, reselecting the main scanning engine node according to a selection strategy of the main scanning engine node.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, and these are all within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (8)

1. An asset scanning method for scanning assets in a network, the network comprising a scheduling server and a plurality of scan engine nodes, the asset scanning method comprising:
the target scanning engine node communicates with the scheduling server to obtain a selection strategy of the main scanning engine node;
the target scanning engine node joins a preset multicast group, an announcement message is sent in the multicast group, and other nodes in the multicast group send response messages carrying respective scanning engine information after receiving the announcement message;
the target scanning engine node receives response messages returned by other nodes, establishes a neighbor list, selects a main scanning engine node according to a selection strategy of the main scanning engine node, scanning engine information in the neighbor list and scanning engine information of the target scanning engine node, and executes an asset automatic scanning task by the selected main scanning engine node;
a target scanning engine node sends an online confirmation message in a multicast group at regular time;
after receiving on-line confirmation messages sent by other nodes, the target scanning engine node updates the latest sending time of the corresponding node, and when finding that the latest sending time of one node exceeds a preset time interval, the target scanning engine node notifies the main scanning engine node so that the main scanning engine node determines whether the overtime node is off-line or not, and if the overtime node is off-line, the target scanning engine node sends an off-line notification to a multicast group and reports latest engine capability information to a scheduling server;
and after receiving the off-line notification sent by the main scanning engine node, the target scanning engine node deletes the corresponding off-line node from the neighbor list.
2. The asset scanning method of claim 1, wherein performing an asset auto-scan task by the selected master scan engine node comprises:
if the selected main scanning engine node is the original main scanning engine node of other nodes, the target scanning engine node registers to the original main scanning engine node, the original main scanning engine node carries latest engine capability information to register to a scheduling server for keeping alive, and the original main scanning engine node executes an asset automatic scanning task;
if the selected main scanning engine node is the target scanning engine node, initiating a main scanning engine node change request, changing the target scanning engine node into a new main scanning engine node, carrying the latest engine capability information to register to a scheduling server for keeping alive, and executing an asset automatic scanning task by the target scanning engine node.
3. The asset scanning method of claim 2, wherein said initiating a master scan engine node change request to change the target scan engine node itself to a new master scan engine node comprises:
the target scanning engine node sends a main scanning engine change request in the multicast group, and other nodes in the multicast group receive the main scanning engine change request and return an approval or rejection message according to a selection strategy of the main scanning engine node;
the target scanning engine node receives the information of agreement or rejection returned by other nodes, and if the number of the agreed other nodes exceeds the set threshold value, the main scanning engine node of the target scanning engine node is modified to be the target scanning engine node;
the target scanning engine node is used as a new main scanning engine node to acquire asset scanning task information from the original main scanning engine node;
the target scanning engine node sends a main scanning engine change result in the multicast group, after other nodes in the multicast group receive the main scanning engine change result, the original main scanning engine node is changed into a new main scanning engine node, and when the original main scanning engine node receives the main scanning engine change result, the original main scanning engine node sends a message to the scheduling server to inform the scheduling server to modify the main scanning engine node into the new main scanning engine node.
4. The asset scanning method of claim 1, further comprising:
when discovering that the keep-alive time between the target scanning engine node and the main scanning engine node exceeds a preset keep-alive interval, sending an inquiry request of the main scanning engine node in a multicast group, communicating with the main scanning engine node after other nodes in the multicast group receive the inquiry request, and returning a confirmation result to a scanning engine sending the inquiry request when the main scanning engine is found to be offline;
and the target scanning engine node receives the confirmation results of other nodes, and if the main scanning engine node is confirmed to be offline, the main scanning engine node is reselected according to the selection strategy of the main scanning engine node.
5. An asset scanning apparatus for scanning assets in a network, the network including a scheduling server and a plurality of scan engine nodes, the asset scanning apparatus, applied to a scan engine, comprising:
the selection strategy acquisition module is used for communicating with the scheduling server and acquiring a selection strategy of the main scanning engine node;
the discovery module is used for joining a preset multicast group and sending an announcement message in the multicast group, and other nodes in the multicast group send response messages carrying respective scanning engine information after receiving the announcement message;
the selection module is used for receiving response messages returned by other nodes, establishing a neighbor list, selecting a main scanning engine node according to a selection strategy of the main scanning engine node, scanning engine information in the neighbor list and scanning engine information of the main scanning engine node, and executing an asset automatic scanning task by the selected main scanning engine node;
the online confirmation module is used for regularly sending online confirmation information in the multicast group; after receiving on-line confirmation messages sent by other nodes, updating the latest sending time of the corresponding node, and when finding that the latest sending time of one node exceeds a preset time interval, notifying the main scanning engine node so that the main scanning engine node determines whether the overtime node is off-line or not, if so, sending an off-line notification to a multicast group, and reporting latest engine capability information to a scheduling server; and after receiving the offline notification sent by the main scanning engine node, deleting the corresponding offline node from the neighbor list.
6. The asset scanning device of claim 5, wherein the selection module, when executing an asset auto-scan task by the selected master scan engine node, performs the following operations:
if the selected main scanning engine node is the original main scanning engine node of other nodes, registering the selected main scanning engine node to the original main scanning engine node, wherein the original main scanning engine node carries the latest engine capability information to register the original main scanning engine node to a scheduling server for keeping alive, and executing an asset automatic scanning task by the original main scanning engine node;
if the selected main scanning engine node is the scanning engine, initiating a main scanning engine node change request, changing the scanning engine to a new main scanning engine node, carrying the latest engine capability information to register to a scheduling server for keeping alive, and executing an asset automatic scanning task by the scanning engine.
7. The asset scanning device of claim 6, wherein the selection module, when initiating a master scan engine node change request to change the scan engine itself to a new master scan engine node, performs the following operations:
sending a main scanning engine change request in the multicast group, and returning an approval message or a rejection message according to a selection strategy of the main scanning engine node after other nodes in the multicast group receive the main scanning engine change request;
receiving the information of agreement or rejection returned by other nodes, and if the number of the agreed other nodes exceeds the set threshold value, modifying the main scanning engine node of the main scanning engine node into the main scanning engine node;
the method comprises the steps that a new main scanning engine node obtains asset scanning task information from an original main scanning engine node;
and sending a main scanning engine change result in the multicast group, changing the original main scanning engine node into a new main scanning engine node after other nodes in the multicast group receive the main scanning engine change result, sending a message to the scheduling server when the original main scanning engine node receives the main scanning engine change result, and informing the scheduling server to modify the main scanning engine node into the new main scanning engine node.
8. The asset scanning device of claim 5, further comprising:
the keep-alive module is used for sending an inquiry request of the main scanning engine node in the multicast group after the keep-alive time between the discovery and the main scanning engine node exceeds a preset keep-alive interval, communicating with the main scanning engine node after other nodes in the multicast group receive the inquiry request, and returning a confirmation result to a scanning engine sending the inquiry request when the main scanning engine is found to be offline; and receiving confirmation results of other nodes, and if the main scanning engine node is confirmed to be offline, reselecting the main scanning engine node according to the selection strategy of the main scanning engine node.
CN201910943770.2A 2019-09-30 2019-09-30 Asset scanning method and device Active CN112583875B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910943770.2A CN112583875B (en) 2019-09-30 2019-09-30 Asset scanning method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910943770.2A CN112583875B (en) 2019-09-30 2019-09-30 Asset scanning method and device

Publications (2)

Publication Number Publication Date
CN112583875A CN112583875A (en) 2021-03-30
CN112583875B true CN112583875B (en) 2023-04-07

Family

ID=75116852

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910943770.2A Active CN112583875B (en) 2019-09-30 2019-09-30 Asset scanning method and device

Country Status (1)

Country Link
CN (1) CN112583875B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113285955B (en) * 2021-06-03 2022-10-11 上海迈外迪网络科技有限公司 Server, and method and device for scanning intranet equipment of router
CN113676545B (en) * 2021-08-25 2024-03-19 北京明朝万达科技股份有限公司 Equipment asset scanning method, device and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101171821A (en) * 2005-04-13 2008-04-30 诺基亚公司 System, network device, method, and computer program product for active load balancing using clustered nodes as authoritative domain name servers
US8370943B1 (en) * 2009-10-28 2013-02-05 Netapp, Inc. Load balancing of scan requests to all antivirus servers in a cluster
CN104169937A (en) * 2012-04-10 2014-11-26 迈可菲公司 Opportunistic system scanning
CN104320459A (en) * 2014-10-24 2015-01-28 杭州华三通信技术有限公司 Node management method and device
CN104753994A (en) * 2013-12-27 2015-07-01 杭州海康威视系统技术有限公司 Method and device for data synchronization based on cluster server system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2492940B (en) * 2011-01-21 2013-08-28 1E Ltd Locating and retrieving packages over a network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101171821A (en) * 2005-04-13 2008-04-30 诺基亚公司 System, network device, method, and computer program product for active load balancing using clustered nodes as authoritative domain name servers
US8370943B1 (en) * 2009-10-28 2013-02-05 Netapp, Inc. Load balancing of scan requests to all antivirus servers in a cluster
CN104169937A (en) * 2012-04-10 2014-11-26 迈可菲公司 Opportunistic system scanning
CN104753994A (en) * 2013-12-27 2015-07-01 杭州海康威视系统技术有限公司 Method and device for data synchronization based on cluster server system
CN104320459A (en) * 2014-10-24 2015-01-28 杭州华三通信技术有限公司 Node management method and device

Also Published As

Publication number Publication date
CN112583875A (en) 2021-03-30

Similar Documents

Publication Publication Date Title
US20220124147A1 (en) Application relocation method and apparatus
US11070633B2 (en) Pre-association discovery of services
KR102392120B1 (en) Processing method, device and system for nf component abnormality
US20130346504A1 (en) Group communication method and apparatus for group communication
US20060117024A1 (en) Optimizing communication using scaleable peer groups
US20060117026A1 (en) Optimizing communication using scaleable peer groups
CN114616846A (en) Method and system for managing discovery of edge application servers
CN101690337A (en) Managing dense wireless access point infrastructures in wireless local area networks
CN110740490A (en) Terminal network access method, gateway equipment, system, storage medium and device
CN101166357A (en) Method, device and system for spanning heterogenous network calling terminal equipment
CN112583875B (en) Asset scanning method and device
JP2019500792A (en) Group multicast method, group creation method, and mobile network platform
US20230239343A1 (en) Method for dynamically triggering instantiation of edge application server, and apparatus
CN106487583B (en) Method for establishing network connection and local area network system
CN107743154B (en) Tracking and attendance system based on Wi-Fi intelligent terminal and method thereof
WO2016127612A1 (en) Monitoring processing method and device
US9166884B2 (en) Network location service
CN105142116B (en) A kind of the communication network switching method and switching system of smart machine
CN112543212B (en) System for providing request response exact communication delay guarantee for distributed service
CN102325200A (en) Method for rapidly acquiring IPv6 (Internet Protocol Version 6) address and DHCP (Dynamic Host Configuration Protocol) snooping equipment
US7366156B2 (en) Context synchronization method in mobile communication system
JP2022100185A5 (en)
EP2071764A1 (en) A method, device and communication system thereof of electing local master
WO2014067313A1 (en) Method and apparatus for deregistering terminal peripheral
CN111385324A (en) Data communication method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant