CN115658221A - State detection method, service virtual machine, equipment and medium - Google Patents
State detection method, service virtual machine, equipment and medium Download PDFInfo
- Publication number
- CN115658221A CN115658221A CN202211258197.XA CN202211258197A CN115658221A CN 115658221 A CN115658221 A CN 115658221A CN 202211258197 A CN202211258197 A CN 202211258197A CN 115658221 A CN115658221 A CN 115658221A
- Authority
- CN
- China
- Prior art keywords
- virtual machine
- request
- state detection
- service virtual
- detection component
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The application discloses a state detection method, a service virtual machine, equipment and a medium; the method is applied to a business virtual machine; the service virtual machine is arranged in the first equipment; a first connection is established between the first device and the second device; the second equipment stores a state detection component; the method comprises the following steps: under the condition that the communication connection between the service virtual machine and the second equipment is not established, if the state detection component is not arranged in the service virtual machine, sending a first request for acquiring the state detection component to the first equipment, so that the first equipment can send the first request to the second equipment through the first connection; the second device responds to the first request and sends the state detection component to the first device, so that the first device sends the state detection component to the service virtual machine; receiving a state detection component sent by first equipment; and executing the state detection operation on the service virtual machine through the state detection component.
Description
Technical Field
The present application relates to the field of data security technologies, and in particular, to a state detection method, a service virtual machine, a device, and a medium.
Background
In practical application, after the setting of the service virtual machine of the user is completed, a state detection component, such as a state detection client, needs to be obtained as soon as possible, so as to monitor the running state of the service virtual machine through the state detection component, thereby ensuring the safe running of the service virtual machine. Although solutions for a service virtual machine to obtain a state detection component are provided in the related art, the solutions are not flexible enough.
Disclosure of Invention
Based on the above problems, embodiments of the present application provide a state detection method, a service virtual machine, a device, and a medium.
The technical scheme provided by the embodiment of the application is as follows:
the embodiment of the application firstly provides a state detection method, which is applied to a service virtual machine; the service virtual machine is arranged in the first equipment; a first connection is established between the first device and the second device; a state detection component is stored in the second equipment; the method comprises the following steps:
under the condition that the communication connection between the service virtual machine and the second equipment is not established, if the state detection component is not set in the service virtual machine, sending a first request for acquiring the state detection component to the first equipment, so that the first equipment can send the first request to the second equipment through the first connection; the second device responds to the first request and sends the state detection component to the first device, so that the first device sends the state detection component to the service virtual machine;
receiving the state detection component sent by the first device;
and executing state detection operation on the service virtual machine through the state detection component.
In some embodiments, said sending a first request to said first device to obtain said status detection component comprises:
obtaining a first address; wherein the first address comprises an address of the first device;
based on the first address, sending the first request to the first device through virtio-serial so that the first device sets a target address of the first request as a second address, and sending the first request to the second device; wherein the second address comprises an address of the second device.
In some embodiments, said sending a first request to said first device to obtain said status detection component comprises:
receiving a task list sent by the first equipment; the task list comprises a list of tasks to be processed by the virtual machine, which are sent to the first equipment by the security management system through a second connection; communication connection is not established between the service virtual machine and the safety management system; the second connection comprises a communication connection between the security management system and the first device;
and if the task list comprises the task of acquiring the state detection component, sending the first request to the first equipment.
In some embodiments, the receiving the task list sent by the first device includes:
sending a second request to the first device under the condition that the communication connection is not established between the service virtual machine and the second device; wherein the second request comprises an authentication request; the first device sets the target address of the second request as a third address and sends the second request to the security management system; the security management system executes authentication operation on the service virtual machine based on the second request, generates and sends the task list to the first device, so that the first device sends the task list to the service virtual machine; the third address comprises an address of the security management system;
and receiving the task list.
The embodiment of the application also provides another state detection method, which is applied to the first equipment; a service virtual machine is arranged in the first equipment; a first connection is established between the first device and the second device; a state detection component is stored in the second equipment; the method comprises the following steps:
receiving a first request for acquiring the state detection component, which is sent by the service virtual machine; wherein the first request is sent without establishing a communication connection between the service virtual machine and the second device and without setting the state detection component in the service virtual machine;
sending the first request to the second device over the first connection; after receiving the first request, the second device obtains the state detection component corresponding to the service virtual machine, and sends the state detection component to the first device;
and receiving and sending the state detection component to the service virtual machine.
In some embodiments, said sending said first request to said second device comprises:
obtaining a second address; wherein the second address comprises an address of the second device;
setting a target address of the first request as the second address;
sending the first request to the second device;
the receiving of the first request for acquiring the state detection component sent by the service virtual machine includes:
and receiving the first request sent by the service virtual machine through a virtio-serial.
In some embodiments, before the receiving a first request sent by the service virtual machine to acquire the status detection component, the method further includes:
receiving a task list sent by a safety management system through a second connection; the task list comprises a list of tasks to be processed by the service virtual machine; the second connection comprises a communication connection between the first device and the security management system; communication connection is not established between the safety management system and the service virtual machine;
and sending the task list to the service virtual machine so that the service virtual machine sends the first request to the first device when the task list comprises a task for acquiring the state detection component.
In some embodiments, the receiving the task list sent by the security management system includes:
receiving a second request sent by the service virtual machine; wherein the second request comprises an authentication request; the second request is sent without establishing a communication connection between the service virtual machine and the second device;
acquiring a third address, and setting a target address of the second request as the third address; wherein the third address comprises an address of the security management system;
sending the second request to the security management system, so that the security management system can execute authentication operation, generate and send the task list to the first device;
and sending the task list to the service virtual machine.
The embodiment of the application also provides a service virtual machine, wherein the service virtual machine is arranged in the first equipment; the business virtual machine comprises a first processor and a first memory, wherein: the first memory has a computer program stored therein; when the first processor executes the computer program, the method for detecting the state applied to the service virtual machine can be implemented as any one of the foregoing methods.
The embodiment of the application also provides a first device, which comprises a second processor and a second memory; wherein the second memory has stored therein a computer program; the second processor, when executing the computer program, is capable of implementing the state detection method as described in any of the preceding paragraphs as applied to the first device.
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored in the storage medium, and when the computer program is executed by a processor, the method for detecting a state applied to a service virtual machine or a first device as in any one of the foregoing can be implemented.
According to the state detection method applied to the service virtual machine, under the condition that communication connection is not established between the service virtual machine and the second device stored with the state detection component, the state detection component stored in the second device can be indirectly and automatically obtained through the first device, so that the process steps of the service virtual machine for obtaining the state detection component are simplified, the degree of freedom and the flexibility of the service virtual machine for obtaining the state detection component are improved, the service virtual machine can automatically, intelligently and flexibly obtain the state detection component, and the requirements on the network connection state of the service virtual machine and the complexity of network management and operation and maintenance are reduced; moreover, the state in which the communication connection is not established between the service virtual machine and the second device in which the state detection component is stored is an initialization state that is usually established for the service virtual machine, so that the state detection method provided by the embodiment of the application enables the service virtual machine to flexibly obtain the state detection component in real time after the service virtual machine is established, that is, after the service virtual machine is on-line, and thus the security of the service data processing flow of the service virtual machine can be greatly improved.
Drawings
Fig. 1 is a schematic flowchart of a state detection method applied to a service virtual machine according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a state detection method applied to a first device according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of a configuration window of a state detection component according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a service virtual machine automatically acquiring and installing a state detection component according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a service virtual machine according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a first device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
In practical application, after the service virtual machine of a user is created and started, in order to ensure safe and stable operation of the service virtual machine, a state detection component needs to be set in the service virtual machine as soon as possible.
In order to solve the above technical problems, a scheme for a service Virtual machine to automatically download a status detection component, such as an Agent plug-in, from a Cloud management platform is provided in the related art, but this scheme requires that a communication connection is established between the service Virtual machine and the component management platform, for example, the service Virtual machine needs to be able to obtain a public network Protocol (IP) address or an Enterprise Information Portal (EIP) of the component management platform, and the service Virtual machine is required to be set in a specific area, or the service Virtual machine needs to establish a communication connection with a security management platform through a Virtual Private Cloud (VPC) public service. In this case, if a firewall is set in the component management platform, the security protection policy needs to be manually positioned and modified, so that the service virtual machine can be connected to the component management platform.
In the related art, a scheme for manually installing a state detection component in a service virtual machine is also provided, but the scheme requires that after the service account information is obtained, a service account is logged in at the service virtual machine end to download an installation package, and an installation command and verification information are manually input. This solution is difficult to maintain and is prone to errors.
Based on the above problems, embodiments of the present application provide a state detection method, a service virtual machine, a device, and a medium. According to the state detection method provided by the embodiment of the application, under the condition that communication connection is not established between the service virtual machine and the second equipment in which the state detection component is stored, the state detection component stored in the second equipment can be indirectly and automatically obtained through the first equipment, so that the process step of obtaining the state detection component by the service virtual machine is simplified, the degree of freedom and the flexibility of obtaining the state detection component by the service virtual machine are improved, the service virtual machine can automatically, intelligently and flexibly obtain the state detection component, the requirement on the network connection state of the service virtual machine and the complexity of network management and operation and maintenance are reduced, and the technical requirement on users or managers is reduced; moreover, the state in which the communication connection is not established between the service virtual machine and the second device in which the state detection component is stored is an initialization state that is usually established for the service virtual machine, so that the state detection method provided by the embodiment of the application enables the service virtual machine to flexibly obtain the state detection component in real time after the service virtual machine is established, that is, after the service virtual machine is on-line, and thus the security of the service data processing flow of the service virtual machine can be greatly improved.
The embodiment of the application firstly provides a state detection method, and the method is applied to a service virtual machine. The method may be implemented by a Processor of a service virtual machine, where the Processor may be at least one of an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), a Digital Signal Processing Device (DSPD), a Programmable Logic Device (PLD), a Field Programmable Gate Array (FPGA), a Central Processing Unit (CPU), a controller, a microcontroller, and a microprocessor.
In the embodiment of the application, a service virtual machine is arranged in first equipment; a first connection is established between the first device and the second device; the second device stores a state detection component.
In one embodiment, the first device may comprise a physical machine device; illustratively, the first device may comprise a server device or a personal computer device.
In one embodiment, the second device may comprise a physical machine device or a virtual machine device; for example, the second device may include a virtual machine device set in the first device, that is, the service virtual machine and the second device may be set in the first device at the same time; illustratively, a remote connection may be established between the second device and the first device; illustratively, the second device and the first device may be located in a cluster.
In one embodiment, the second device may be located in the same cluster or a different cluster than the first device.
In an embodiment, a component management system (Manager) may be disposed in the second device, and may manage a status detection operation of the service virtual machine, and may also manage a status detection component (Agent); illustratively, the component management system is also capable of managing the running state of the state detection component, the state detection process or progress, and the like; illustratively, the component management system may issue an instruction to the status detection component to trigger the status detection component to perform operations such as data scanning; illustratively, the component management system can also receive device information and log data reported by the status detection component.
In one embodiment, the service virtual machine can complete the service data operation processing task of the user; illustratively, the operating system of the business virtual machine may be any operating system; illustratively, the operating system of the business virtual machine and the operating system of the second device may be the same or different.
In an embodiment, a plurality of service virtual machines may be provided in the first device, and at least one of an operating system, a type of service data processed, a service data processing time, and a security detection policy of each service virtual machine may be different.
In one embodiment, the state detection component may include a software program capable of running in the business virtual machine that may receive instructions and trigger operations to scan data processed and/or stored by the business virtual machine, handle discovered threat data, and fix vulnerabilities; illustratively, the state detection component may include a state detection client.
In one embodiment, the first connection may comprise a wired connection or a wireless connection; illustratively, the first connection may comprise a local connection or a remote connection.
Fig. 1 is a schematic flowchart of a state detection method applied to a service virtual machine according to an embodiment of the present application, where as shown in fig. 1, the method may include the following steps:
And the second equipment responds to the first request and sends the state detection component to the first equipment so that the first equipment can send the state detection component to the service virtual machine.
For example, if the service virtual machine establishes a communication connection with the second device and the status detection component is not set in the service virtual machine, the service virtual machine may send the first request to the first device through the communication connection between the service virtual machine and the second device.
For example, if the state detection component is provided in the service virtual machine, the first request may not be sent to the first device.
In an embodiment, the state detection component is not set in the service virtual machine, and may include a state detection component that is not installed in the service virtual machine, or a state detection component that is not stored and installed in the service virtual machine; for example, the service virtual machine is not provided with a state detection component, and the service virtual machine may further include any one of a state in which the state detection component has been provided in the service virtual machine, but the state detection component is in a failure state, the service virtual machine has no authority to run the state detection component, the version of the state detection component is too low, and the state detection component is uninstalled or removed.
In an embodiment, the service virtual machine and the second device do not establish a communication connection, which may include that the service virtual machine cannot obtain device information of the second device, cannot send data and/or a request to the second device, and the second device cannot obtain the device information of the service virtual machine, and cannot send data and/or a request to the service virtual machine; illustratively, the device information may include a device name and/or address, etc.; illustratively, the address may include at least one of an IP address, a Uniform Resource Locator (URL), and a Domain Name System (DNS).
In one embodiment, the first request may include information such as a type of an operating system of the service virtual machine and/or a type of service processed by the service virtual machine; illustratively, the first request may also include information such as the type, function, version, and configuration requirements of the status detection component.
Illustratively, the first request may be generated after the creation of the service virtual machine is finished and the start is completed; illustratively, the first request may be generated when the business virtual machine is not processing business data; illustratively, the first request may be generated by the traffic virtual machine prior to processing the traffic data.
Illustratively, the service virtual machine may transmit the first request to the first device through an Application Programming Interface (API) provided by an operating system of the first device; for example, after receiving the first request, the first device may parse the first request, and when determining that the first request is a request for obtaining the status detection component, the first request may be sent to the second device through the second connection.
For example, after receiving the first request, the second device may analyze the first request, obtain a request object of the first request as a state detection component, and further obtain an operating system type and/or a service data type of the service virtual machine; exemplarily, the second device may determine a state detection component matched with an operating system type and/or a service data type of the service virtual machine, perform packing processing on the state detection component to obtain a first data packet, and then send the first data packet to the first device through the first connection; for example, the first device may unpack the first data packet to determine that the data packet includes the status detection component, and the first device may further determine the service virtual machine from the at least one virtual machine set therein and send the status detection component to the service virtual machine.
And 102, receiving a state detection component sent by the first equipment.
Illustratively, after receiving the state detection component, the service virtual machine may install the state detection component in a default manner; installation configuration information added and set by the second device may also be included in the first data packet, so that the service virtual machine may install the state detection component according to the installation configuration information; illustratively, the installation configuration information may include an installation directory of the status detection component, activated function options of the status detection component, a starting mode of the status detection component, and the like.
And 103, executing a state detection operation on the service virtual machine through the state detection component.
Illustratively, after the installation of the status detection component is completed, the status detection component may be started and configured to perform the status detection operation according to default or second device set status detection configuration information.
Illustratively, the state detection configuration information may include at least one of a data range of state detection, an execution time of the state detection operation, and processing of a state detection operation result; illustratively, the data range of the status detection may include data type ranges, such as service data and non-service data, text data, video data, and the like; the execution time of the state detection operation can comprise at least one of the starting time, the duration, the holiday time and the working day time of the state detection operation; illustratively, the processing of the status-detection operation result may include at least one of outputting the status-detection operation result, generating log data, and transmitting the status-detection operation result to the first device and/or the second device.
As can be seen from the above, in the state detection method applied to the service virtual machine provided in the embodiment of the present application, the service virtual machine is disposed in the first device, the first connection is established between the first device and the second device, and the second device stores the state detection component; under the condition that the communication connection between the service virtual machine and the second equipment is not established, if the state detection component is not arranged in the service virtual machine, a first request for acquiring the state detection component is sent to the first equipment, so that the first equipment can send the first request to the second equipment through the first connection, the second equipment can respond to the first request, send the state detection component to the first equipment, so that the first equipment can send the state detection component to the service virtual machine, the service virtual machine receives the state detection component, and then the state detection operation is executed on the service virtual machine through the state detection component.
Therefore, according to the state detection method applied to the service virtual machine provided by the embodiment of the application, under the condition that no communication connection is established between the service virtual machine and the second device in which the state detection component is stored, the state detection component stored in the second device can be indirectly and automatically obtained through the first device, so that the process step of the service virtual machine for obtaining the state detection component is simplified, the degree of freedom and the flexibility of the service virtual machine for obtaining the state detection component are improved, the service virtual machine can automatically, intelligently and flexibly obtain the state detection component, and the requirements on the network connection state of the service virtual machine and the complexity of network management and operation and maintenance are reduced; moreover, the state in which the communication connection is not established between the service virtual machine and the second device in which the state detection component is stored is an initialization state that is usually established for the service virtual machine, so that the state detection method provided by the embodiment of the application enables the service virtual machine to flexibly obtain the state detection component in real time after the service virtual machine is established, that is, after the service virtual machine is on-line, and thus the security of the service data processing flow of the service virtual machine can be greatly improved.
Based on the foregoing embodiment, in the state detection method applied to the service virtual machine provided in the embodiment of the present application, a first request for acquiring a state detection component is sent to a first device, and the method can be implemented through steps A1 to A2:
and A1, obtaining a first address.
Wherein the first address comprises an address of the first device.
In one embodiment, the first address may include any one of an IP address, a DNS address, a URL address, and a Media Access Control (MAC) address of the first device.
In one embodiment, when the business virtual machine is created, the first address may be used as configuration information created by the business virtual machine, so that the business virtual machine may obtain the first address.
And A2, based on the first address, sending a first request to the first equipment through a virtio-serial to enable the first equipment to set a target address of the first request as a second address, and sending the first request to the second equipment.
Wherein the second address comprises an address of the second device.
In one embodiment, the second address may include any of a device name, an IP address, a DNS address, a URL address, and a MAC address of the second device; illustratively, the second address may further include an address of a component management system set in the second device; illustratively, the address of the component management system may be embodied in the form of an IP address plus a port number of the second device, or may be embodied in the form of a network link address.
In practical application, virtual-serial is a virtual serial technology, which can be used to implement efficient and secure communication between a virtual machine and a host, and has no requirement on the network connection state of the virtual machine.
Illustratively, vmtools may be provided in the traffic virtual machine. vmtools is a virtual machine performance optimization tool; after the vmtools are installed in the service virtual machine, the vmtools-guest can be started to communicate with the host machine, namely the vmtools-host in the first equipment through the virtio-serial; exemplarily, the vmtools can also start the orchestration task execution service sf-available to detect and receive the orchestration task sent by the host, namely the first device, and execute the orchestration task; illustratively, vmtools may also be provided in the first device, and vmtools-host in the first device may be in a startup state, and vmtools-host may implement data transmission with vmtools-guest through virtio-serial.
Illustratively, after receiving the first request through the virtual-serial interface, the vmtools-host in the first device may parse the first request, and when determining that the first request is a request for acquiring the state detection component, may obtain an address of the second device, and set a target address of the first request as an address of the second device, for example, set a target address of the first request as an IP address of the second device and a port number of the component management system, and then send the first request to the second device through a Hyper Text Transfer Protocol over secure session Layer (HTTPS).
Illustratively, after receiving a first packet including a status detection component sent by a second device, a first device may send the first packet to vmtools-host, and forward the first packet to vmtools-guest via virtio-serial; exemplarily, the vmtools-guest can share the first data packet to the sf-infrastructure, so that the sf-infrastructure can analyze the first data packet and execute the installation script to complete the installation configuration of the state detection component; illustratively, the installation script may be set by the second device.
For example, under the condition that the number of virtual machines set in the first device is large, the data transmission operation between the virtual machine and the first device through the virtual-serial may be large, and at this time, the performance of the data transmission operation between the virtual machine and the first device may be affected; in order to solve the above problems, virtio-vsock may also be adopted to implement data transmission between each virtual machine and the first device. The virtio-vsock has high data transmission speed and high throughput, but has higher requirement on the kernel version of the first device, namely the host machine, thereby improving the requirement on the hardware configuration of the first device.
As can be seen from the above, in the state detection method applied to the service virtual machine provided in the embodiment of the present application, after the service virtual machine obtains the first address of the first device, the service virtual machine can send the first request to the first device through the virtual-serial based on the first address, so that the first device can set a target address of the first request as the second address, and send the first request to the second device, where the second address includes an address of the second device.
Therefore, in the state detection method applied to the service virtual machine provided by the embodiment of the application, the advantage that the virtual-server has no requirement on the network connection state of the service virtual machine is fully utilized, so that the data interaction function between the first device and the second device can be realized through the virtual-server under the condition that the communication connection between the service virtual machine and the second device is not established, the mode that the service virtual machine obtains the state detection component is more flexible, and the network connection requirement on the service virtual machine obtaining the state detection component is also reduced.
Based on the foregoing embodiment, in the state detection method applied to the service virtual machine provided in the embodiment of the present application, a first request for acquiring a state detection component is sent to the first device, and the method may be implemented through steps B1 to B2:
and B1, receiving a task list sent by the first equipment.
The task list comprises a list of tasks to be processed by the service virtual machine, which is sent to the first equipment by the security management system through the second connection; the second connection comprises a communication connection between the first device and the security management system; and communication connection is not established between the service virtual machine and the safety management system.
In one embodiment, the security management system may be provided in the third device; illustratively, the third device may comprise a physical machine device or a virtual machine device that establishes a communication connection with the first device.
In one embodiment, the first device, the second device, and the third device may be respectively disposed in different clusters or the same cluster; illustratively, a communication connection may be established between the third device and the second device.
In an embodiment, if the third device is a virtual machine device, the third device may be disposed in the first device.
In one embodiment, the security management system may include a system or platform for controlling the startup, configuration, operation of security management components in the business virtual machine, and monitoring the login usage status of the business virtual machine by a user; for example, the security management system may establish a communication connection with the component management system, which may control the component management system to send a status detection instruction to the status detection component, and receive log data and asset information sent by the component management system.
In one embodiment, the task list may include a list of tasks that the service virtual machine needs to perform before acquiring the state detection component; illustratively, the number of the tasks available in the task list may be at least one; illustratively, the task list may include a playbook of security management system settings.
In an embodiment, the number of tasks and/or the type of tasks in the task list may be related to at least one of an operating system of the service virtual machine, a task execution state of the service virtual machine, and a service type processed by the service virtual machine, which is not limited in this embodiment of the present application.
In one embodiment, the second connection may be a wired connection or a wireless connection, which is not limited in this application.
And B2, if the task list comprises the task of acquiring the state detection component, sending a first request to the first equipment.
For example, if the task of acquiring the status detection component is not included in the task list, the operation of sending the first request to the first device may not be performed.
For example, under the condition that the communication connection is not established between the security management system and the service virtual machine, the data transmission process between the security management system and the service virtual machine may be the same as the data transmission process between the service virtual machine and the second device in the foregoing embodiment, and details are not described here again.
As can be seen from the above, in the state detection method applied to the service virtual machine provided in the embodiment of the present application, under the condition that a communication connection is not established between the service virtual machine and the security management system, after receiving a task list, which is sent by the first device and is to be processed by the service virtual machine from the security management system, and when the task list includes a task for acquiring a state detection component, the service virtual machine sends a first request to the first device.
Therefore, in the state detection method applied to the service virtual machine, when communication connection is not established between the service virtual machine and the safety management system, the task list sent by the safety management system can be obtained through the first device, so that flexible data transmission between the service virtual machine and the safety management system is realized, and the network connection limitation of the service virtual machine for receiving the task list is reduced; and when the task list comprises the task of acquiring the state detection component, sending a first request to the first device, thereby realizing flexible control of the operation of acquiring the state detection component by the service virtual machine through the safety management system.
Based on the foregoing embodiment, in the state detection method applied to the service virtual machine provided in the embodiment of the present application, receiving the task list sent by the first device may be implemented through steps C1 to C2:
and step C1, sending a second request to the first equipment under the condition that the communication connection is not established between the service virtual machine and the second equipment.
Wherein the second request comprises an authentication request; the first equipment sets the target address of the second request as a third address and sends the second request to the security management system; the safety management system executes authentication operation on the service virtual machine based on the second request, generates and sends a task list to the first equipment, so that the first equipment sends the task list to the service virtual machine; the third address includes an address of the security management system.
In one embodiment, the service virtual machine may send the second request to the first device via the virtio-serial through vmtools-guest; correspondingly, the first device may receive the second request through vmtools-host, analyze the second request, set a target address of the second request as an address of the security management system when determining that the second request is the authentication request, and send the second request to the security management system.
In one embodiment, the address of the security management system may include an address of the third device and a port number corresponding to the security management system.
In one embodiment, the second request may include at least one of creation time of the service virtual machine, an operating system, a type of service data processed, a state of the service virtual machine not having a state detection component set, and an associated user requirement.
In an embodiment, after receiving the second request, the security management system may parse the second request to obtain the information, verify the information, generate a task list corresponding to the service virtual machine after the verification is completed, package the task list in a second data packet, and send the second data packet to the first device through the second connection.
In one embodiment, the authentication request may include a request to verify the operating system, the service type, the authorization, and the device identity of the service virtual machine.
In an embodiment, after the first device receives the second packet, the vmtools-host may parse the second packet to obtain the identification information of the service virtual machine set by the security management system, determine the service virtual machine from at least one virtual machine set in the first device, and send the task list to the service virtual machine via the virtual-server.
And C2, receiving a task list.
Illustratively, vmtools-guest in the service virtual machine may receive the task list and send the task list to the sf-allowed process, so that the sf-allowed performs parsing judgment on the task list.
As can be seen from the above, in the state detection method applied to the service virtual machine provided in the embodiment of the present application, when a communication connection is not established between the service virtual machine and the second device, the second request is sent to the first device, and the task list can also be received; the second request comprises an authentication request, the first device sets a target address of the second request to be a third address and sends the second request to the security management system, the security management system executes authentication operation on the service virtual machine based on the second request, a task list is generated and sent to the first device, the first device sends the task list to the service virtual machine, and the third address comprises an address of the security management system.
Therefore, according to the state detection method applied to the service virtual machine provided by the embodiment of the application, under the condition that the communication connection between the service virtual machine and the second device is not established, the authentication request can be sent to the security management system through the first device, and the task list sent by the security management system through the first device is received, so that the network requirement of the security management system on the authentication of the service virtual machine is reduced, and the flexibility of the service virtual machine for obtaining the task list is improved.
Based on the foregoing embodiment, the present application further provides another state detection method, which is applied to the first device. The first device is provided with a service virtual machine, a first connection is established between the first device and the second device, and the second device is stored with a state detection component.
It should be noted that the state detection method applied to the first device provided in the embodiment of the present application may be implemented by a processor of the first device, where the processor may be at least one of an ASIC, a DSP, a DSPD, a PLD, an FPGA, a CPU, a controller, a microcontroller, and a microprocessor.
Fig. 2 is a schematic flowchart of a state detection method applied to a first device according to an embodiment of the present application, and as shown in fig. 2, the flowchart may include the following steps:
The first request is sent under the condition that no communication connection is established between the service virtual machine and the second equipment and no state detection component is arranged in the service virtual machine.
And after receiving the first request, the second device obtains a state detection component corresponding to the service virtual machine and sends the state detection component to the first device.
And step 203, receiving and sending the state detection component to the service virtual machine.
As can be seen from the above, in the state detection method applied to the first device, when a communication connection is not established between the service virtual machine and the second device in which the state detection component is stored, the state detection component stored in the second device can be indirectly and automatically obtained through the first device, so that the process step of obtaining the state detection component by the service virtual machine is simplified, the degree of freedom and flexibility of obtaining the state detection component by the service virtual machine are improved, and the service virtual machine can automatically, intelligently and flexibly obtain the state detection component; moreover, the state in which the service virtual machine and the second device storing the state detection component do not establish a communication connection is usually an initialized state of the service virtual machine after creation is completed, so that the state detection method provided by the embodiment of the application also enables the service virtual machine to flexibly obtain the state detection component in real time after creation is completed, that is, after the service virtual machine is on-line, and thus the security of the service virtual machine in processing a service data flow can be greatly improved.
Based on the foregoing embodiment, in the state detection method applied to the first device provided in the embodiment of the present application, sending the first request to the second device may be implemented through steps D1 to D2:
and D1, obtaining a second address.
Wherein the second address comprises an address of the second device.
And D2, setting the target address of the first request as a second address.
And D3, sending the first request to the second equipment.
Correspondingly, receiving a first request for acquiring the state detection component sent by the service virtual machine includes:
and receiving a first request sent by the service virtual machine through the virtio-serial.
As can be seen from the above, in the state detection method applied to the first device provided in the embodiment of the present application, by means of the advantage that the virtual-service does not have a requirement on the network connection state of the service virtual machine and the setting operation of the first device on the target address of the first request, the service virtual machine can implement a data interaction function between the first device and the second device through the virtual-service when the communication connection is not established with the second device, so that the manner in which the service virtual machine obtains the state detection component is more flexible.
Based on the foregoing embodiment, in the state detection method applied to the first device provided in the embodiment of the present application, before receiving the first request for acquiring the state detection component sent by the service virtual machine, steps E1 to E2 may also be performed:
and E1, receiving a task list sent by the safety management system through the second connection.
The task list comprises a list of tasks to be processed by the service virtual machine; the second connection comprises a communication connection between the first device and the security management system; and communication connection is not established between the safety management system and the service virtual machine.
And E2, sending the task list to the service virtual machine so that the service virtual machine sends a first request to the first device when the task list comprises a task for acquiring the state detection component.
As can be seen from the above, in the state detection method applied to the first device, when the communication connection is not established between the service virtual machine and the security management system, the task list sent by the security management system can be obtained through the first device, so that flexible data transmission between the service virtual machine and the security management system is realized, and the network connection limitation of the service virtual machine for receiving the task list is reduced; and when the task list comprises the task of acquiring the state detection component, sending a first request to the first device, thereby realizing flexible control of the operation of acquiring the state detection component by the service virtual machine through the safety management system.
Based on the foregoing embodiment, in the state detection method applied to the first device provided in the embodiment of the present application, receiving the task list sent by the security management system may be implemented through steps F1 to F4:
and F1, receiving a second request sent by the service virtual machine.
Wherein the second request comprises an authentication request; the second request is sent without establishing a communication connection between the service virtual machine and the second device.
And F2, acquiring a third address, and setting the target address of the second request as the third address.
Wherein the third address comprises an address of a security management system.
And step F3, sending a second request to the security management system for the security management system to execute authentication operation, and generating and sending the task list to the first device.
And F4, sending the task list to the service virtual machine.
Therefore, the state detection method applied to the first device provided by the embodiment of the application can send the authentication request to the security management system through the first device and receive the task list sent by the security management system through the first device under the condition that the service virtual machine and the second device are not in communication connection, so that the network requirement of the security management system on the authentication of the service virtual machine is reduced, and the flexibility of obtaining the task list for the service virtual machine is improved.
Fig. 3 is a schematic structural diagram of a state detection component configuration window 3 according to an embodiment of the present application, and as shown in fig. 3, the state detection component configuration window 3 may include a first control 301, a second control 302, and a virtual machine form 303.
The first control 301 may include an installation setting option, and if the option is selected, it indicates that the virtual machine is enabled to automatically install the state detection component; the second control 302 is used to display the number of virtual machines not installed with a status detection component, such as the virtual machines (10 machines) not installed with a status detection component shown in the figure.
Wherein the virtual machine form 303 comprises a third control 3031 for manually selecting an installation status detection component, after the control is selected, at least one virtual machine installation status detection component can be selected and controlled in the virtual machine form 303.
Illustratively, the virtual machine form 303 may further include information presentation controls such as a status packet 3032, search controls 3033, a virtual machine name 3034, an IP address 3035, an operating system 3036, an installation status 3037, and an operation 3038; the state packet 3032 may display the virtual machines in a packet manner according to the installation state and the non-installation state; the search control 3033 may receive a virtual machine name input by a user, and search the virtual machine in the virtual machine form 303 based on the virtual machine name after the search control 3033 is triggered; the virtual machine name 3034 is used to display the names of virtual machines in a state where the state detection component is not installed, such as the first to sixth virtual machines shown in the figure; the IP address 3035 is used to display the IP address of each virtual machine corresponding to the virtual machine displayed by the virtual machine name 3034; the operating system 3036 is used to display the installed state of the state detection component of the virtual machine, such as the uninstalled state in fig. 3, as indicated by the virtual machine name 3034; operation 3038 is configured to display whether each virtual machine in the form is automatically installable, and if the installation option in operation 3038 is triggered, the virtual machine may be enabled to automatically acquire and install the status detection component.
Illustratively, the window shown in fig. 3 may be created in a component management system or a security management system, which may be manually set by a professional technician or a user.
Fig. 4 is a schematic structural diagram of a service virtual machine automatically acquiring and installing a state detection component according to an embodiment of the present application.
As shown in fig. 4, a service virtual machine 4011 is provided in the first device 401; a component management system 4021 is provided in the second device 402; illustratively, the component management system 4021 may store therein a status detection component (not shown in the figure); a security management system 4031 may be provided in the third device 403.
Exemplarily, sf-optional 40111 and vmtools-guest40112 may be set in the business virtual machine 4011; the first device 401 may have vmtools-host 4012 and virtio-serial 4013 for implementing data transfer between vmtools-host 4012 and vmtools-guest40112 disposed therein.
After the service virtual machine 4011 is created and switched to the running state, the sf-ansable 40111 process may detect the service virtual machine 4011, and if it is detected that a state detection component, such as an agent, is not set in the service virtual machine 4011, a second request may be generated and sent to the virtio-serial 4013 through the vmtools-guest 40112; the virtio-serial 4013 may transmit the second request to the vmtools-host 4012, and the vmtools-host 4012 sets a target address of the second request as an address of the third device 403 and a port corresponding to the security management system 4031, and sends the second request to the security management system 4031 through the second connection.
Illustratively, after receiving the second request, the security management system 4031 may parse the second request to determine whether the operating system of the service virtual machine, the service virtual machine have set the status detection component, and obtain the task list, package the task list in a second data packet, and send the second data packet to the first device 401 through the second connection; after receiving the second data packet, the first device 401 analyzes the second data packet, determines a service virtual machine 4011 from a plurality of virtual machines set therein, and then sends the task list to vmtools-guest40112 through vmtools-host 4012 via virtual-serial 4013, and then the vmtools-guest40112 shares the task list to sf-optional 40111; when the sf-anchor 40111 determines that the task list comprises the acquisition state detection component, a first request can be generated, and the first request is sent to vmtools-host 4012 through vmtools-guest40112 via virtio-serial 4013; vmtools-host 4012 sets a target address of the first request as an address of component management system 4021, such as an address of second device 402 and a port of component management system 4021, and sends the first request to component management system 4021 through the first connection based on the address; after the component management system 4021 sends the state detection component to the first device 401 through the first connection, the vmtools-host 4012 sends the state detection component to the vmtools-guest40112 through the vmtools-guest40112 via the virtual-serial 4013, so that the vmtools-guest40112 can share the state detection component to the sf-optional 40111, and after the sf-optional 40111 receives the state detection component, the installation script can be executed, the installation of the state detection component is completed, and the state detection component is started to execute the state detection operation.
Therefore, according to the state detection method provided by the embodiment of the application, under the condition that no communication connection is established between the service virtual machine and the second device in which the state detection component is stored, the state detection component stored in the second device can be indirectly and automatically obtained through the first device, so that the process steps of the service virtual machine for obtaining the state detection component are simplified, the degree of freedom and the flexibility of the service virtual machine for obtaining the state detection component are improved, and the service virtual machine can automatically, intelligently and flexibly obtain the state detection component; moreover, the state that the communication connection between the service virtual machine and the second device stored with the state detection component is not established is usually an initialization state of the service virtual machine after the creation is completed, so that the state detection method provided by the embodiment of the application also enables the service virtual machine to be capable of flexibly acquiring the state detection component in real time after the creation is completed, that is, after the service virtual machine is online, and thus, the security of the service virtual machine for processing the service data flow can be greatly improved.
Based on the foregoing embodiment, the embodiment of the present application further provides a service virtual machine 4011, where the service virtual machine is disposed in the first device; fig. 5 is a schematic structural diagram of a service virtual machine 4011 provided in this embodiment of the application, as shown in fig. 5, the virtual machine may include a first processor 501 and a first memory 502; the first memory 502 stores a computer program, and when the first processor 501 executes the computer program, the state detection method applied to the service virtual machine as provided in any of the foregoing embodiments can be implemented.
Based on the foregoing embodiments, an embodiment of the present application further provides a first device 401, fig. 6 is a schematic structural diagram of the first device 401 provided in the embodiment of the present application, and as shown in fig. 6, the device may include a second processor 601 and a second memory 602, where the second memory 602 stores a computer program, and when the computer program is executed by the second processor 601, the state detection method applied to the first device as provided in any of the foregoing embodiments can be implemented.
Illustratively, the first processor and the second processor may be at least one of an ASIC, a DSP, a DSPD, a PLD, an FPGA, a CPU, a controller, a microcontroller, and a microprocessor; the first Memory and the second Memory may be volatile memories (RAMs), such as Random Access Memories (RAMs); or a non-volatile Memory (non-volatile Memory), such as a Read-Only Memory (ROM), a flash Memory (flash Memory), a Hard Disk Drive (Hard Disk Drive, HDD) or a Solid State Disk (SSD); or a combination of the above types of memories and provides instructions and data to the first processor as well as the second processor.
Based on the foregoing embodiments, an embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored in the storage medium, and when the computer program is executed by a processor, the method for detecting a state of a service virtual machine or a first device as described in any previous embodiment can be implemented.
The foregoing description of the various embodiments is intended to highlight different aspects of the various embodiments that are the same or similar, which can be referenced with one another and therefore are not repeated herein for brevity.
The methods disclosed in the method embodiments provided by the present application can be combined arbitrarily without conflict to obtain new method embodiments.
The features disclosed in the various product embodiments provided in the present application may be combined arbitrarily without conflict, to arrive at new product embodiments.
The features disclosed in the various method or apparatus embodiments provided herein may be combined in any combination to arrive at new method or apparatus embodiments without conflict.
The computer-readable storage medium may be a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), an Erasable Programmable Read Only Memory (EPROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a magnetic Random Access Memory (FRAM), a Flash Memory (Flash Memory), a magnetic surface Memory, an optical Disc, or a Compact Disc Read-Only Memory (CD-ROM); and may be various electronic devices such as mobile phones, computers, tablet devices, personal digital assistants, etc., including one or any combination of the above-mentioned memories.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a component of' 8230; \8230;" does not exclude the presence of another like element in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present application are merely for description, and do not represent the advantages and disadvantages of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus necessary general hardware nodes, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method described in the embodiments of the present application.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present application, and not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application, or which are directly or indirectly applied to other related technical fields, are included in the scope of the present application.
Claims (11)
1. A state detection method is characterized in that the method is applied to a service virtual machine; the service virtual machine is arranged in the first equipment; a first connection is established between the first device and the second device; a state detection component is stored in the second equipment; the method comprises the following steps:
under the condition that the communication connection between the service virtual machine and the second equipment is not established, if the state detection component is not set in the service virtual machine, sending a first request for acquiring the state detection component to the first equipment, so that the first equipment can send the first request to the second equipment through the first connection; the second device responds to the first request and sends the state detection component to the first device, so that the first device sends the state detection component to the service virtual machine;
receiving the state detection component sent by the first device;
and executing state detection operation on the service virtual machine through the state detection component.
2. The method of claim 1, wherein sending a first request to the first device to obtain the status detection component comprises:
obtaining a first address; wherein the first address comprises an address of the first device;
based on the first address, sending the first request to the first equipment through a virtio-serial so that the first equipment can set a target address of the first request as a second address, and sending the first request to the second equipment; wherein the second address comprises an address of the second device.
3. The method of claim 1, wherein sending a first request to the first device to obtain the status detection component comprises:
receiving a task list sent by the first equipment; the task list comprises a list of tasks to be processed by the virtual machine, which are sent to the first equipment by the security management system through a second connection; communication connection is not established between the service virtual machine and the safety management system; the second connection comprises a communication connection between the security management system and the first device;
and if the task list comprises the task of acquiring the state detection component, sending the first request to the first equipment.
4. The method of claim 3, wherein the receiving the task list sent by the first device comprises:
sending a second request to the first device under the condition that the communication connection is not established between the service virtual machine and the second device; wherein the second request comprises an authentication request; the first device sets the target address of the second request as a third address and sends the second request to the security management system; the security management system executes authentication operation on the service virtual machine based on the second request, generates and sends the task list to the first device, so that the first device sends the task list to the service virtual machine; the third address comprises an address of the security management system;
and receiving the task list.
5. A state detection method, characterized in that the method is applied to a first device; a service virtual machine is arranged in the first equipment; a first connection is established between the first equipment and the second equipment; a state detection component is stored in the second device; the method comprises the following steps:
receiving a first request for acquiring the state detection component, which is sent by the service virtual machine; wherein the first request is sent without establishing a communication connection between the service virtual machine and the second device and without setting the state detection component in the service virtual machine;
sending the first request to the second device over the first connection; after receiving the first request, the second device obtains the state detection component corresponding to the service virtual machine, and sends the state detection component to the first device;
and receiving and sending the state detection component to the service virtual machine.
6. The method of claim 5, wherein sending the first request to the second device comprises:
obtaining a second address; wherein the second address comprises an address of the second device;
setting a target address of the first request as the second address;
sending the first request to the second device;
the receiving of the first request for acquiring the state detection component sent by the service virtual machine includes:
and receiving the first request sent by the service virtual machine through a virtio-serial.
7. The method of claim 5, wherein prior to receiving the first request sent by the service virtual machine to acquire the status detection component, the method further comprises:
receiving a task list sent by a safety management system through a second connection; the task list comprises a list of tasks to be processed by the service virtual machine; the second connection comprises a communication connection between the first device and the security management system; communication connection is not established between the safety management system and the service virtual machine;
and sending the task list to the service virtual machine so that the service virtual machine sends the first request to the first device when the task list comprises a task for acquiring the state detection component.
8. The method of claim 7, wherein receiving the task list sent by the security management system comprises:
receiving a second request sent by the service virtual machine; wherein the second request comprises an authentication request; the second request is sent without establishing a communication connection between the service virtual machine and the second device;
obtaining a third address, and setting a target address of the second request as the third address; wherein the third address comprises an address of the security management system;
sending the second request to the security management system, so that the security management system can execute authentication operation, generate and send the task list to the first device;
and sending the task list to the service virtual machine.
9. A service virtual machine is characterized in that the service virtual machine is arranged in first equipment; the business virtual machine comprises a first processor and a first memory, wherein: the first memory has a computer program stored therein; the first processor, when executing the computer program, is capable of implementing a state detection method as claimed in any one of claims 1 to 4.
10. A first device, wherein the first device comprises a second processor and a second memory; wherein the second memory has stored therein a computer program; the second processor, when executing the computer program, is capable of implementing a state detection method as claimed in any one of claims 5 to 8.
11. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, is able to carry out a state detection method according to any one of claims 1 to 4 or 5 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211258197.XA CN115658221A (en) | 2022-10-13 | 2022-10-13 | State detection method, service virtual machine, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211258197.XA CN115658221A (en) | 2022-10-13 | 2022-10-13 | State detection method, service virtual machine, equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115658221A true CN115658221A (en) | 2023-01-31 |
Family
ID=84987177
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211258197.XA Pending CN115658221A (en) | 2022-10-13 | 2022-10-13 | State detection method, service virtual machine, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115658221A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117193936A (en) * | 2023-08-28 | 2023-12-08 | 北京志凌海纳科技有限公司 | Virtual machine management method, device and equipment under super fusion architecture |
-
2022
- 2022-10-13 CN CN202211258197.XA patent/CN115658221A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117193936A (en) * | 2023-08-28 | 2023-12-08 | 北京志凌海纳科技有限公司 | Virtual machine management method, device and equipment under super fusion architecture |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9875353B2 (en) | Log information generation apparatus and recording medium, and log information extraction apparatus and recording medium | |
| US9838414B2 (en) | System and method for a security asset manager | |
| US10812597B2 (en) | Content delivery network (CDN) management system, method, and apparatus | |
| CN107534647B (en) | System, computing device, and storage medium for transmitting startup script | |
| US8463885B2 (en) | Systems and methods for generating management agent installations | |
| US20100106804A1 (en) | System and method for processing local files using remote applications | |
| CN106789535B (en) | IP access method and device of SSL VPN | |
| US20140052849A1 (en) | Sensor-based Detection and Remediation System | |
| CN108289074B (en) | User account login method and device | |
| CN112272177A (en) | Method for deploying honey net trapping nodes in batches | |
| US7447751B2 (en) | Method for deploying a virtual private network | |
| CN111737232A (en) | Database management method, system, device, equipment and computer storage medium | |
| CN114124584A (en) | Method, device and system for remotely accessing office network, network access equipment and medium | |
| CN115658221A (en) | State detection method, service virtual machine, equipment and medium | |
| CN113032805B (en) | Data access method and device, electronic equipment and storage medium | |
| CN111935195B (en) | Distributed system management method, device, storage medium and distributed management system | |
| CN113645314A (en) | Private cloud deployment method and server | |
| CN109451497B (en) | Wireless network connection method and device, electronic equipment and storage medium | |
| CN107659621B (en) | RAID control card configuration method and device | |
| WO2014079489A1 (en) | Methods and systems for managing access to a location indicated by a link in a remote access system | |
| CN110022310B (en) | Authorization method and device based on cloud computing open network operating system | |
| US10216926B2 (en) | Isolation of untrusted code in operating system without isolation capability | |
| US11487570B1 (en) | Efficient creation of endpoints for accessing services directly within a cloud-based system | |
| US20130246629A1 (en) | Connecting to a Cloud Service for Secure Access | |
| CN114629683B (en) | Access method, device, equipment and storage medium of management server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |