CN115514637B - Remote gateway adjusting method and system - Google Patents

Remote gateway adjusting method and system Download PDF

Info

Publication number
CN115514637B
CN115514637B CN202211158166.7A CN202211158166A CN115514637B CN 115514637 B CN115514637 B CN 115514637B CN 202211158166 A CN202211158166 A CN 202211158166A CN 115514637 B CN115514637 B CN 115514637B
Authority
CN
China
Prior art keywords
remote
target
remote gateway
gateway
target object
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211158166.7A
Other languages
Chinese (zh)
Other versions
CN115514637A (en
Inventor
张昕
陈纳
余益丹
彭琼中
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN202211158166.7A priority Critical patent/CN115514637B/en
Publication of CN115514637A publication Critical patent/CN115514637A/en
Application granted granted Critical
Publication of CN115514637B publication Critical patent/CN115514637B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a remote gateway adjusting method and a remote gateway adjusting system. The method is applied to a remote browsing isolation system, and comprises the following steps: determining a target remote gateway from a plurality of alternative distances Cheng Wangguan in response to a browse request sent by a target object; recommending the target remote gateway to the target object, and sending remote resources to the target object through the target remote gateway, wherein the remote resources are used for displaying browsing contents of the target object; in the process of detecting a target object to acquire remote resources, determining that the network state of the target remote gateway is abnormal under the condition that the network data does not accord with preset conditions; and under the condition that the network state of the target remote gateway is abnormal, issuing an adjustment scheme to the target remote gateway and the target object so as to adjust the target remote gateway. The application solves the technical problem of slow speed of acquiring browsing content caused by overlong network delay when using a remote isolation system.

Description

Remote gateway adjusting method and system
Technical Field
The application relates to the technical field of communication security, in particular to a remote gateway adjusting method and a remote gateway adjusting system.
Background
Remote browser isolation (Remote Browser Isolation, RBI) is a novel technical scheme for defending against network attacks, by transferring the execution of a browser from user equipment to a secure environment of a remote cloud, so that browser activities are isolated from users, any attempt of malicious software infection through network-based attacks is prevented, an organization can be effectively protected from increasingly complex and severe browser plug-ins, zero-day vulnerabilities, malicious software and other attacks embedded in webpage contents nowadays, the existing remote browser solution mainly provides access services for users through a centralized remote access gateway, related scripts and related events of the browser are remotely operated in a centralized cloud virtualization sandbox, and results are returned to the users locally through replay modes, so that the purpose of security isolation is achieved. It is limited by the traditional access and connection modes of network communication, the website access path of the user can be processed by the remote gateway, and the network delay has larger expenditure, so that the browsing experience of the user is poor.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
The embodiment of the application provides a remote gateway adjusting method and a remote gateway adjusting system, which at least solve the technical problem of slow acquisition rate of browsing content caused by overlong network delay when a remote isolation system is used.
According to an aspect of the embodiment of the present application, there is provided a remote gateway adjustment method applied to a remote browsing isolation system, including: responding to a browse request sent by a target object, and determining a target remote gateway from a plurality of alternative distances Cheng Wangguan at least according to the address of the target object and the address of a remote resource site in the browse request; recommending the target remote gateway to the target object, and sending remote resources to the target object through the target remote gateway, wherein the remote resources are used for displaying browsing contents of the target object; in the process of detecting a target object to acquire remote resources, determining that the network state of the target remote gateway is abnormal under the condition that the network data does not accord with preset conditions; and under the condition that the network state of the target remote gateway is abnormal, issuing an adjustment scheme to the target remote gateway and the target object so as to adjust the target remote gateway.
Optionally, in response to a browsing request sent by a target object, determining a target remote gateway from a plurality of alternative distances Cheng Wangguan at least according to an address of the target object and a remote resource site address in the browsing request, including: acquiring historical network data of a plurality of alternative remote gateways, wherein the historical network data at least comprises: the method comprises the steps of carrying traffic and equipment access quantity which can be carried by a remote gateway, covering a range which can be covered by the remote gateway, transmitting distance between the remote gateway and a target object, network delay between the remote gateway and the target object and packet loss rate between the remote gateway and the target object; selecting a remote gateway meeting preset conditions from a plurality of alternative remote gateways, and determining the remote gateway as a target remote gateway, wherein the preset conditions at least comprise: the load of the remote gateway meets a preset load condition, the transmission distance between the remote gateway and the target object is smaller than a set distance threshold, the network delay between the remote gateway and the target object is smaller than a first set delay threshold, and the packet loss rate between the remote gateway and the target object is smaller than a first set packet loss rate threshold.
Optionally, the load of the remote gateway satisfies a preset load condition, including: determining a data packet corresponding to the remote resource based on the browsing request, and determining a data stream type corresponding to the data packet based on quintuple information of the data packet; the remote gateway matching the required load is determined according to the load required for the different data stream types.
Optionally, in the process of detecting that the target object acquires the remote resource, determining that the network state of the target remote gateway is abnormal if the network data does not meet the preset condition, including: sending a detection task instruction to the target remote gateway, wherein the detection task instruction is used for indicating the target remote gateway to detect network data of the target remote gateway at the current moment every interval preset time length, and the network data at the current moment at least comprises: network delay between the target remote gateway and the target object and packet loss rate between the target remote gateway and the target object; and determining that the network state of the target object is abnormal under the condition that the network delay between the target remote gateway and the target object is larger than a second set delay threshold or the packet loss rate between the target remote gateway and the target object is larger than a second set packet loss rate threshold.
Optionally, in the case that the network state of the target remote gateway is abnormal, issuing an adjustment scheme to the target remote gateway and the target object to adjust the target remote gateway, including: increasing the bandwidth between the target remote gateway and the target object under the condition that the network delay between the target remote gateway and the target object is larger than a second set delay threshold; and selecting a first target remote gateway from a plurality of alternative remote gateways to replace the target gateway under the condition that the packet loss rate between the target remote gateway and the target object is larger than a second set packet loss rate threshold.
Optionally, the method further comprises: receiving a selection instruction sent by a target object through the target client under the condition that the target client is installed in the target object; a target remote gateway is determined based on the selection instruction.
Optionally, obtaining historical network data of a plurality of alternative remote gateways includes: acquiring a terminal equipment address set which is connected with a plurality of alternative remote gateways; selecting a preset address section from the address set for each interval preset time length; and acquiring historical network data between the terminal equipment corresponding to the preset address section and the plurality of alternative remote gateways as the historical network data of the plurality of alternative remote gateways.
According to another aspect of the embodiment of the present application, there is also provided a remote gateway adjustment system, including: the system comprises a scheduling module, a mapping module and a gateway module, wherein the gateway module comprises a plurality of alternative remote gateways; the scheduling module is used for responding to the browse request sent by the target object, and determining a target remote gateway from a plurality of alternative remote Cheng Wangguan at least according to the address of the target object and the address of the remote resource site in the browse request; recommending the target remote gateway to the target object, and sending remote resources to the target object through the target remote gateway, wherein the remote resources are used for displaying browsing contents of the target object; the scheduling module is also used for detecting network data of the target remote gateway in the process of obtaining the remote resources by the target object, and determining that the network state of the target remote gateway is abnormal under the condition that the network data does not accord with preset conditions; under the condition that the network state of the target remote gateway is abnormal, issuing an adjustment scheme to the target remote gateway and the target object so as to adjust the target remote gateway; the mapping module is used for acquiring historical network data of a plurality of alternative remote gateways and network data of a target remote gateway; the gateway module is used for sending the remote resource to the target object and adjusting the target remote gateway according to the adjustment scheme.
According to still another aspect of the embodiments of the present application, there is further provided a nonvolatile storage medium, where the nonvolatile storage medium includes a stored program, and when the program runs, a device on which the nonvolatile storage medium is controlled to execute the remote gateway adjustment method described above.
According to still another aspect of the embodiment of the present application, there is further provided a communication device including a memory and a processor, where the processor is configured to execute a program, and the program executes the remote gateway adjustment method.
In the embodiment of the application, a browse request sent by responding to a target object is adopted, and a target remote gateway is determined from a plurality of alternative remote Cheng Wangguan at least according to the address of the target object and the address of a remote resource site in the browse request; recommending the target remote gateway to the target object, and sending remote resources to the target object through the target remote gateway, wherein the remote resources are used for displaying browsing contents of the target object; in the process of detecting a target object to acquire remote resources, determining that the network state of the target remote gateway is abnormal under the condition that the network data does not accord with preset conditions; under the condition that the network state of the target remote gateway is abnormal, an adjustment scheme is issued to the target remote gateway and the target object so as to adjust the target remote gateway, the target remote gateway is determined from a plurality of alternative distances Cheng Wangguan through the address of the target object and the address of the remote resource site, and the network state of the target remote gateway is monitored so as to adjust in real time, thereby achieving the aim of matching the target object with the optimal remote gateway, further realizing the technical effect of reducing network delay, and further solving the technical problem of slow browsing content acquisition rate caused by overlong network delay when a remote isolation system is used.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
fig. 1 is a block diagram of a hardware architecture of a computer terminal (or mobile device) for a remote gateway adjustment method according to an embodiment of the present application;
FIG. 2 is a flow chart of a remote gateway adjustment method according to the present application;
FIG. 3 is a schematic diagram of an alternative remote browsing isolation system architecture in accordance with an embodiment of the present application;
FIG. 4 is a schematic diagram of an alternative remote gateway tuning system according to an embodiment of the application;
Fig. 5 is a schematic diagram of another alternative remote gateway tuning system according to an embodiment of the application.
Detailed Description
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In accordance with an embodiment of the present application, there is also provided an embodiment of a customer service work order allocation method, it being noted that the steps shown in the flowchart of the figures may be performed in a computer system, such as a set of computer executable instructions, and that, although a logical order is shown in the flowchart, in some cases, the steps shown or described may be performed in an order other than that shown or described herein.
The method embodiment provided by the embodiment of the application can be executed in a mobile terminal, a computer terminal, a cloud server or similar computing devices. Fig. 1 shows a block diagram of a hardware architecture of a computer terminal (or mobile device) for implementing a remote gateway adjustment method. As shown in fig. 1, the computer terminal 10 (or mobile device 10) may include one or more processors 102 (shown as 102a, 102b, … …,102 n) which may include, but are not limited to, a microprocessor MCU or a processing device such as a programmable logic device FPGA, a memory 104 for storing data, and a transmission module 106 for communication functions. In addition, the method may further include: a display, an input/output interface (I/O interface), a Universal Serial Bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a power supply, and/or a camera. It will be appreciated by those of ordinary skill in the art that the configuration shown in fig. 1 is merely illustrative and is not intended to limit the configuration of the electronic device described above. For example, the computer terminal 10 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
It should be noted that the one or more processors 102 and/or other data processing circuits described above may be referred to generally herein as "data processing circuits. The data processing circuit may be embodied in whole or in part in software, hardware, firmware, or any other combination. Furthermore, the data processing circuitry may be a single stand-alone processing module, or incorporated, in whole or in part, into any of the other elements in the computer terminal 10 (or mobile device). As referred to in embodiments of the application, the data processing circuit acts as a processor control (e.g., selection of the path of the variable resistor termination connected to the interface).
The memory 104 may be used to store software programs and modules of application software, such as program instructions/data storage devices corresponding to the remote gateway adjustment method in the embodiment of the present application, and the processor 102 executes the software programs and modules stored in the memory 104, thereby performing various functional applications and data processing, that is, implementing the remote gateway adjustment method described above. Memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to the computer terminal 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission module 106 is used to receive or transmit data via a network. The specific examples of the network described above may include a wireless network provided by a communication provider of the computer terminal 10. In one example, the transmission module 106 includes a network adapter (Network Interface Controller, NIC) that can connect to other network devices through a base station to communicate with the internet. In one example, the transmission module 106 may be a Radio Frequency (RF) module for communicating with the internet wirelessly.
The display may be, for example, a touch screen type Liquid Crystal Display (LCD) that may enable a user to interact with a user interface of the computer terminal 10 (or mobile device).
In accordance with an embodiment of the present application, there is provided an embodiment of a remote gateway adjustment method, it being noted that the steps shown in the flowchart of the figures may be performed in a computer system, such as a set of computer executable instructions, and, although a logical order is shown in the flowchart, in some cases, the steps shown or described may be performed in an order other than that shown or described herein.
Fig. 2 is a flowchart of a remote gateway adjustment method according to an embodiment of the present application, as shown in fig. 2, the method includes the steps of:
Step S202, in response to a browsing request sent by a target object, determining a target remote gateway from a plurality of alternative remote Cheng Wangguan at least according to the address of the target object and the address of the remote resource site in the browsing request;
step S204, recommending the target remote gateway to the target object, and sending the remote resource to the target object through the target remote gateway, wherein the remote resource is used for displaying browsing content by the target object;
Step S206, in the process of detecting the target object to acquire the remote resource, determining that the network state of the target remote gateway is abnormal under the condition that the network data does not accord with the preset condition;
step S208, in case of abnormal network state of the target remote gateway, issuing an adjustment scheme to the target remote gateway and the target object to adjust the target remote gateway.
Through the steps, the target remote gateway can be determined from a plurality of alternative remote Cheng Wangguan through the address of the target object and the address of the remote resource site, and the network state of the target remote gateway is monitored to carry out real-time adjustment, so that the aim of matching the target object with the optimal remote gateway is achieved, the technical effect of reducing network delay is achieved, and the technical problem of slow browsing content acquisition rate caused by overlong network delay when a remote isolation system is used is solved.
It should be noted that, fig. 3 shows a remote browsing isolation system, as shown in fig. 3, a cloud sandbox is a virtual system program installed on a cloud server, when a user terminal accesses a web page, a remote browser session is created in the cloud sandbox, an operation instruction on the user terminal is synchronized to the remote browser, the browsed web page is displayed in the remote browser, and then the web page is redrawn and then is transferred to the user terminal, so that the purpose of isolation is achieved.
And the redrawn resource is transmitted back to the user terminal, so that a better display effect can be achieved only by low network delay, for example: as fluency as local operation.
It will be appreciated that the target object in the above steps may be a user terminal device, and the remote resource may be a web application or the like.
In step S202, the remote resource site address may be an internet protocol address of a web server, and the address of the target object may be an internet protocol address of the user terminal device.
In step S204, the recommendation of the target remote gateway to the target object may be accomplished in a plurality of ways, in which an optional way is to directly connect the target remote gateway to the target object after the target object initiates the browsing request, or in another optional way, the target remote gateway may be displayed on a preset client interface, and a selection instruction of the client interface is received, so that the selected target remote gateway establishes connection.
In step S206, in the process of obtaining the remote resource by the target object, the network data may include at least network delay in the process of obtaining the content of the web interface for display;
In step S208, the adjustment scheme includes, but is not limited to, replacing the new remote gateway as the target remote gateway, reducing the load of the target remote gateway, and the like.
The above steps S202 to S208 are described in detail below by specific embodiments.
The selection of the target remote gateway from the plurality of candidate remote gateways Cheng Wangguan may be determined from several aspects, such as the address of the target object and the address of the remote resource site, and specifically, the historical network data of the plurality of candidate remote gateways is obtained, where the historical network data at least includes: the method comprises the steps of carrying traffic and equipment access quantity which can be carried by a remote gateway, covering a range which can be covered by the remote gateway, transmitting distance between the remote gateway and a target object, network delay between the remote gateway and the target object and packet loss rate between the remote gateway and the target object; selecting a remote gateway meeting preset conditions from a plurality of alternative remote gateways, and determining the remote gateway as a target remote gateway, wherein the preset conditions at least comprise: the load of the remote gateway meets a preset load condition, the transmission distance between the remote gateway and the target object is smaller than a set distance threshold, the network delay between the remote gateway and the target object is smaller than a first set delay threshold, and the packet loss rate between the remote gateway and the target object is smaller than a first set packet loss rate threshold.
It should be noted that, the network delay between the remote gateway and the target object and the packet loss rate between the remote gateway and the target object may be determined from the historical connection records of the target object and the multiple candidate remote gateways, or may be determined from the historical connection records of the device terminal and the multiple candidate remote gateways, where the transmission distance between the device terminal and the target object is the same as that between the device terminal and the remote gateway.
It should be further noted that the load of the remote gateway satisfies the preset load condition, including: determining a data packet corresponding to the remote resource based on the browsing request, and determining a data stream type corresponding to the data packet based on quintuple information of the data packet; the remote gateway matching the required load is determined according to the load required for the different data stream types.
For example: a data stream containing both audio and video data and a data stream containing only video data; the data streams of both audio and video data require a greater load than the data stream containing only video data; the load of the remote gateway includes, but is not limited to, the number of nodes the remote gateway can access and the upper traffic limit of the remote gateway.
It will be appreciated that a remote gateway representation that matches the required load contains an empty access node and the upper limit of remaining traffic is greater than the required traffic for the data flow.
The determination of the network state anomaly of the target remote gateway in step S206 may be determined by including: sending a detection task instruction to the target remote gateway, wherein the detection task instruction is used for indicating the target remote gateway to detect network data of the target remote gateway at the current moment every interval preset time length, and the network data at the current moment at least comprises: network delay between the target remote gateway and the target object and packet loss rate between the target remote gateway and the target object; and determining that the network state of the target object is abnormal under the condition that the network delay between the target remote gateway and the target object is larger than a second set delay threshold or the packet loss rate between the target remote gateway and the target object is larger than a second set packet loss rate threshold.
It can be understood that whether the network state of the target remote gateway is abnormal or not is judged, after the target object has established connection with the target remote gateway and begins to transmit data, the target remote gateway is dynamically adjusted, and the purposes of stabilizing network delay and balancing loads are achieved.
In step S208, under the condition that the network state of the target remote gateway is abnormal, an adjustment scheme is issued to the target remote gateway and the target object to adjust the target remote gateway, where the adjustment scheme is multiple, and an optional way is to increase the bandwidth between the target remote gateway and the target object under the condition that the network delay between the target remote gateway and the target object is greater than a second set delay threshold; another alternative is to select a first target remote gateway from a plurality of alternative remote gateways to replace the target gateway in the event that the packet loss rate between the target remote gateway and the target object is greater than a second set packet loss rate threshold.
In an actual application scenario, the remote isolation system in the related art may be optimized, for example: setting two modes, wherein in one optional mode, only a remote browser is required to be added to access a scheduling controller, and the route control interaction between the controller and a remote gateway node is realized; in the mode, only one-way flow scheduling optimization from the remote webpage application service back to the user terminal can be realized; in another optional mode, a target client is required to be installed on the basis of the former mode, the target client comprises a customized browser, and interaction between the customized browser and a remote browsing access scheduling controller can be completed through a private protocol; in the mode, bidirectional flow scheduling optimization can be realized, and under the condition that a target client is installed in a target object, a selection instruction sent by the target object through the target client is received; a target remote gateway is determined based on the selection instruction.
The manner of obtaining historical network data for a plurality of alternative remote gateways includes: optionally, obtaining historical network data of a plurality of alternative remote gateways includes: acquiring a terminal equipment address set which is connected with a plurality of alternative remote gateways; selecting a preset address section from the address set for each interval preset time length; and acquiring historical network data between the terminal equipment corresponding to the preset address section and the plurality of alternative remote gateways as the historical network data of the plurality of alternative remote gateways.
Specifically, for remote resource sites with detection authority, each remote resource site generates a detection record every day, and for user terminal equipment, terminal equipment in a section C network protocol address in the user terminal equipment can be acquired every day to acquire network data, such as packet loss rate and network delay.
The embodiment of the application also provides a remote gateway adjusting system, as shown in fig. 4, comprising: scheduling module 40, mapping module 42, and gateway module 44, gateway module 44 comprising a plurality of alternative remote gateways; a scheduling module 40, configured to determine, in response to a browsing request sent by a target object, a target remote gateway from a plurality of candidate remote Cheng Wangguan according to at least an address of the target object and an address of a remote resource site in the browsing request; recommending the target remote gateway to the target object, and sending remote resources to the target object through the target remote gateway, wherein the remote resources are used for displaying browsing contents of the target object; the scheduling module 40 is further configured to detect network data of the target remote gateway during the process of obtaining the remote resource by the target object, and determine that the network state of the target remote gateway is abnormal if the network data does not meet a preset condition; under the condition that the network state of the target remote gateway is abnormal, issuing an adjustment scheme to the target remote gateway and the target object so as to adjust the target remote gateway; the mapping module 42 is configured to obtain historical network data of a plurality of candidate remote gateways and network data of a target remote gateway; the gateway module 44 is configured to send the remote resource to the target object and adjust the target remote gateway according to an adjustment scheme.
In an actual application scenario, another remote gateway adjustment system is provided, as shown in fig. 5, including a plurality of user terminal devices 50, a plurality of remote browsing isolation nodes 52, and a remote browsing scheduling module 54, where the remote browsing scheduling module 54 includes: the system comprises an access center, a mapping center and a decision center; remote browsing isolation node 52 has a remote browsing gateway, a remote mapping module, and a server running a remote browser disposed therein.
As shown in fig. 5, the remote mapping module uses the remote browsing isolation node 52 as a center to collect network data such as network delay, packet loss, routing and the like, and simultaneously reports the network data to the mapping center; the mapping center collects the total network data and draws a network space map, wherein the network space map is used for reflecting the network data such as the transmission distance, network delay, packet loss rate, load condition and the like between the remote browsing isolation nodes 52 and the user terminal equipment 50 and the remote resource sites, and perceives the coverage condition of each remote browsing isolation node 52; the user terminal device 50 sends a browse request to the access center requesting access to a remote resource site; the access center determines a preferred service access node remote browsing gateway according to the network protocol address of the user terminal equipment 50 and the requested remote resource site address, and the decision center determines a preferred service access node remote browsing gateway according to the acquired network space map and the acquired attributes such as historical network delay, route affinity, node load and the like, forwards the access request of the user terminal equipment 50 to the corresponding remote browsing gateway for processing, and returns information to the user terminal equipment 50; the remote browsing gateway receives the browsing request from the user terminal device 50, initiates the browsing request to the remote resource site, and returns the resulting data to the user terminal device 50 in a secure manner. The mapping center generates an online mapping detection task aiming at the online user terminal equipment 50, and sends the online mapping detection task to each remote browsing isolation node 52 for mapping; each remote browsing isolation node 52 receives the online detection task and reports the detection result to the mapping center; the decision center calculates the network quality conditions of each remote browsing isolation node 52 and the user terminal equipment 50 in near real time according to the online detection data, generates a dynamic scheduling event, and transmits the dynamic scheduling event to the remote browsing gateway and the corresponding user terminal equipment 50; the remote browsing gateway and the user terminal device 50 receive the notification of the dynamic optimization event and complete the adaptive optimization adjustment.
According to another aspect of the embodiment of the present application, there is also provided a nonvolatile storage medium, including a stored program, where the device on which the nonvolatile storage medium is controlled to execute the above remote gateway adjustment method when the program runs.
According to another aspect of the embodiment of the present application, there is also provided a communication device including a memory and a processor, where the processor is configured to execute a program, and the program executes the remote gateway adjustment method.
The communication equipment executes the remote gateway adjustment method, determines the target remote gateway from a plurality of alternative distances Cheng Wangguan through the address of the target object and the address of the remote resource site, monitors the network state of the target remote gateway, and adjusts the network state in real time, thereby achieving the purpose of matching the target object with the optimal remote gateway, realizing the technical effect of reducing the network delay, and further solving the technical problem of slow acquisition rate of browsing content due to overlong network delay when using a remote isolation system.
The foregoing embodiment numbers of the present application are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
In the foregoing embodiments of the present application, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In the several embodiments provided in the present application, it should be understood that the disclosed technology may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of units may be a logic function division, and there may be another division manner in actual implementation, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server or a network device, etc.) to perform all or part of the steps of the method of the various embodiments of the present application. And the aforementioned storage medium includes: a usb disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely a preferred embodiment of the present application and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present application, which are intended to be comprehended within the scope of the present application.

Claims (10)

1. The remote gateway adjusting method is characterized by being applied to a remote browsing isolation system and comprising the following steps of:
responding to a browse request sent by a target object, and determining a target remote gateway from a plurality of alternative remote Cheng Wangguan at least according to the address of the target object and the address of a remote resource site in the browse request;
Recommending the target remote gateway to the target object, and sending a remote resource to the target object through the target remote gateway, wherein the remote resource is used for displaying browsing content by the target object;
Detecting network data of the target remote gateway in the process of acquiring the remote resources by the target object, and determining that the network state of the target remote gateway is abnormal under the condition that the network data does not accord with preset conditions;
and under the condition that the network state of the target remote gateway is abnormal, issuing an adjustment scheme to the target remote gateway and the target object so as to adjust the target remote gateway.
2. The method of claim 1, wherein in response to a browse request sent by a target object, determining a target remote gateway from a plurality of alternative remotes Cheng Wangguan based at least on an address of the target object and a remote resource site address in the browse request, comprises:
Acquiring historical network data of the plurality of alternative remote gateways, wherein the historical network data at least comprises: the method comprises the steps of enabling traffic and equipment access quantity which can be borne by a remote gateway, enabling a coverage range of the remote gateway, enabling a transmission distance between the remote gateway and a target object, enabling network delay between the remote gateway and the target object and enabling packet loss rate between the remote gateway and the target object to be equal to each other;
Selecting a remote gateway meeting preset conditions from the plurality of candidate remote gateways, and determining the remote gateway as the target remote gateway, wherein the preset conditions at least comprise: the load of the remote gateway meets a preset load condition, the transmission distance between the remote gateway and a target object is smaller than a set distance threshold, the network delay between the remote gateway and the target object is smaller than a first set delay threshold, and the packet loss rate between the remote gateway and the target object is smaller than a first set packet loss rate threshold.
3. The method of claim 2, wherein the load of the remote gateway satisfies a preset load condition, comprising:
determining a data packet corresponding to the remote resource based on the browsing request, and determining a data stream type corresponding to the data packet based on quintuple information of the data packet;
The remote gateway matching the required load is determined according to the load required for the different data stream types.
4. The method according to claim 2, wherein detecting network data of the target remote gateway during the process of obtaining the remote resource by the target object, and determining that the network state of the target remote gateway is abnormal if the network data does not meet a preset condition, includes:
Sending a detection task instruction to the target remote gateway, wherein the detection task instruction is used for indicating the target remote gateway to detect network data of the target remote gateway at the current moment every preset time, and the network data of the target remote gateway at the current moment at least comprises: network delay between the target remote gateway and the target object and packet loss rate between the target remote gateway and the target object;
And determining that the network state of the target object is abnormal under the condition that the network delay between the target remote gateway and the target object is larger than a second set delay threshold or the packet loss rate between the target remote gateway and the target object is larger than a second set packet loss rate threshold.
5. The method of claim 4, wherein issuing an adjustment scheme to the target remote gateway and the target object to adjust the target remote gateway in the event of an abnormal network state of the target remote gateway comprises:
Increasing the bandwidth between the target remote gateway and the target object if the network delay between the target remote gateway and the target object is greater than a second set delay threshold;
And selecting a first target remote gateway from the plurality of candidate remote gateways to replace the target remote gateway under the condition that the packet loss rate between the target remote gateway and the target object is larger than a second set packet loss rate threshold.
6. The method according to claim 1, wherein the method further comprises:
Receiving a selection instruction sent by the target object through the target client under the condition that the target client is installed in the target object;
And determining the target remote gateway based on the selection instruction.
7. The method of claim 2, wherein obtaining historical network data for the plurality of alternative remote gateways comprises:
Acquiring a terminal equipment address set which is connected with the plurality of alternative remote gateways;
selecting a preset address section from the address set every preset time length;
And acquiring historical network data between the terminal equipment corresponding to the preset address section and the plurality of alternative remote gateways as the historical network data of the plurality of alternative remote gateways.
8. A remote gateway adjustment system, comprising:
the system comprises a scheduling module, a mapping module and a gateway module, wherein the gateway module comprises a plurality of alternative remote gateways;
the scheduling module is used for responding to a browse request sent by a target object, and determining a target remote gateway from a plurality of alternative remote Cheng Wangguan at least according to the address of the target object and the address of a remote resource site in the browse request; recommending the target remote gateway to the target object, and sending a remote resource to the target object through the target remote gateway, wherein the remote resource is used for displaying browsing content by the target object;
The scheduling module is further used for detecting network data of the target remote gateway in the process that the target object obtains the remote resource, and determining that the network state of the target remote gateway is abnormal under the condition that the network data does not accord with preset conditions; under the condition that the network state of the target remote gateway is abnormal, issuing an adjustment scheme to the target remote gateway and the target object so as to adjust the target remote gateway;
The mapping module is used for acquiring historical network data of the plurality of alternative remote gateways and network data of the target remote gateway;
The gateway module is used for sending the remote resource to the target object and adjusting the target remote gateway according to the adjustment scheme.
9. A non-volatile storage medium, wherein a computer program is stored in the non-volatile storage medium, and wherein a device in which the non-volatile storage medium is located executes the remote gateway adjustment method according to any one of claims 1 to 7 by running the computer program.
10. A communication device comprising a memory and a processor for running a program, wherein the program is run to perform the remote gateway adjustment method of any of claims 1 to 7.
CN202211158166.7A 2022-09-22 2022-09-22 Remote gateway adjusting method and system Active CN115514637B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211158166.7A CN115514637B (en) 2022-09-22 2022-09-22 Remote gateway adjusting method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211158166.7A CN115514637B (en) 2022-09-22 2022-09-22 Remote gateway adjusting method and system

Publications (2)

Publication Number Publication Date
CN115514637A CN115514637A (en) 2022-12-23
CN115514637B true CN115514637B (en) 2024-04-30

Family

ID=84505547

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211158166.7A Active CN115514637B (en) 2022-09-22 2022-09-22 Remote gateway adjusting method and system

Country Status (1)

Country Link
CN (1) CN115514637B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107133246A (en) * 2016-02-29 2017-09-05 广州市动景计算机科技有限公司 Browser window partition method and system
US10693991B1 (en) * 2011-09-27 2020-06-23 Amazon Technologies, Inc. Remote browsing session management
CN114257841A (en) * 2021-12-20 2022-03-29 恒安嘉新(北京)科技股份公司 Method, device, system, equipment and medium for isolated playback of webpage video
CN114297544A (en) * 2021-12-28 2022-04-08 恒安嘉新(北京)科技股份公司 Remote browsing method, device, equipment and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11550898B2 (en) * 2017-10-23 2023-01-10 L3 Technologies, Inc. Browser application implementing sandbox based internet isolation

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10693991B1 (en) * 2011-09-27 2020-06-23 Amazon Technologies, Inc. Remote browsing session management
CN107133246A (en) * 2016-02-29 2017-09-05 广州市动景计算机科技有限公司 Browser window partition method and system
CN114257841A (en) * 2021-12-20 2022-03-29 恒安嘉新(北京)科技股份公司 Method, device, system, equipment and medium for isolated playback of webpage video
CN114297544A (en) * 2021-12-28 2022-04-08 恒安嘉新(北京)科技股份公司 Remote browsing method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN115514637A (en) 2022-12-23

Similar Documents

Publication Publication Date Title
US10374955B2 (en) Managing network computing components utilizing request routing
US11316786B2 (en) Systems and methods for directly responding to distributed network traffic
US20180262533A1 (en) Monitoring Device Data and Gateway Data
CN110839049B (en) Data scheduling method and system based on domain name system
CN110381131B (en) Method for realizing MEC node identification, mobile terminal, server and storage medium
US11553058B1 (en) Sticky sessions in a proxy infrastructure
CN103312716A (en) Internet information accessing method and system
US20220116328A1 (en) Policy determination apparatus, policy determining method and program
US10771372B2 (en) Transmitting test traffic on a communication link
CN110661673B (en) Heartbeat detection method and device
CN108366104A (en) A kind of data download control method and device
CN105516397A (en) Method for accessing multiple operating system terminals into network and multiple operating system terminals
CA3067056C (en) Acceleration system for facilitating processing of api calls
EP3832988A1 (en) Node traffic dispatching method and apparatus, electronic device, and storage medium
CN112350845B (en) Wide area network port configuration method, network device and computer readable storage medium
CN115514637B (en) Remote gateway adjusting method and system
CN112398796B (en) Information processing method, device, equipment and computer readable storage medium
KR102602073B1 (en) Service registration based on service capability requirements and preferences
CN110545453B (en) Content distribution method, device and system of content distribution network
CN109639831A (en) With the distribution method and device of the transfer resource of web services match
CN109936460B (en) Method and equipment for charging flow
US20210105222A1 (en) Method and apparatus for scheduling traffic of node, electronic device and storage medium
KR101467023B1 (en) System and method to deliver contents using dynamic context in the distributed network
JP5992813B2 (en) Program, access control method, and information processing apparatus
US20220086731A1 (en) Port-based multitenancy router to manage wireless network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant