CN2660799Y - Single PC source recombination type network security isolator - Google Patents
Single PC source recombination type network security isolator Download PDFInfo
- Publication number
- CN2660799Y CN2660799Y CN 200320104486 CN200320104486U CN2660799Y CN 2660799 Y CN2660799 Y CN 2660799Y CN 200320104486 CN200320104486 CN 200320104486 CN 200320104486 U CN200320104486 U CN 200320104486U CN 2660799 Y CN2660799 Y CN 2660799Y
- Authority
- CN
- China
- Prior art keywords
- network
- module
- control module
- resource
- signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Landscapes
- Computer And Data Communications (AREA)
Abstract
A single PC resource recombinant network security isolation device is characterized in that the device includes a signal input device 1 and/or a pressing key input module3, a central processor 5, at least two network channel control modules, a hardware power control module 13 and network output interface 14; wherein, the signal input device is connected with the I/O port of the central processor through a signal pre-processor, the pressing key input module output is connected with the I/O of the central processor, and an instruction memory, a resource arrangement module and a main board state monitoring port are connected with the central processor in the way of busbar; the output terminal of the central processor control signal is respectively connected with the network channel control module and a hardware power control module, and each network channel control module is connected with the network output module connected with network card of the machine. The utility model can be used for switching of more than one network, and each network can be corresponding to local or remote storage resource, with the function of flexibility, strong adaptation, low investment and completely physical separation of network.
Description
Technical field
The utility model is a kind of local resource network security isolation technology capable of being combined that possesses, but realizes that the work station storage resources makes up distribution, but in each network the storage resources computer network security spacer assembly of overlapping other resource sharings not.
Background technology
Along with the maturation and the high speed development of network technology and technique of internet, increasing enterprises and institutions begin the information that building network is realized office automation and shared internet.But safety problem also appears suddenly out, hacker's invasion, and inside information problem such as divulge a secret is continuous.Recognize that from national IT application leading group's first session national authorities will be E-Government as the emphasis of China's information work in period from now on, its focus of work is will set up a safety and unified electronic government affair network.The electronic government affair network of China will be made of " government affairs Intranet " and " government affairs outer net ", and take physical isolation between " private network " (scientific research net, finance net etc.) two or three net of internal institution special use, and logic connects between government affairs outer net and the internet.Wherein the government affairs Intranet mainly is the office net of secondary government affairs above the provincial level department, with the provincial following government affairs department of pair office net physical isolation.The government affairs outer net is the government services private network, mainly moves the professional service industry that government affairs department gears to the needs of the society and does not need business in interior online operation.
Avoid illegal invasion at network how to protect the work station place; and how same computer problem such as switches between inside and outside net; people have designed the intranet and extranet isolation card; as publication number is the Chinese patent " network security computer with single motherboard " of CN1281190A; realize same the various switching that stands between the inside and outside net with a kind of network selector; with isolation and the switching that is connected physically, ensure the safety of internal-external network.This Network Physical Separator comes down to by increasing a hard disk, utilizes switching internal, the outer net hard disk to reach the purpose of Network Isolation.
But there are some defectives in this method: because there are two cover storage mediums in work station, not only increased equipment cost, brought difficulty also for network and the maintenance of doing the station, increased the work of maintenance personnel amount and checked difficulty; If aggressive program (Hacker Program and worm) exists and is distributed in the storage medium of work station, will cause great threat to network security, because all there are two cover storage mediums in each work station, also caused great obstacle simultaneously to knowing work.And this " network security computer with single motherboard " device can not be used for plural network and isolate.
Simultaneously,, this switching mode switches owing to can not being used for plural network, but and the memory device of each network correspondence, but can only be local storage resources, can not use remote storage resource such as network.
Summary of the invention
The purpose of this utility model is the defective that overcomes prior art, adopt a kind of local resource network security isolation technology capable of being combined that possesses, a kind of safer, management maintenance of being more convenient for is provided, but can be used for to plural network switch and the memory device of each network correspondence both local, but also single PC resource recombinant type network safety isolator of remote storage resource.
For achieving the above object, the technical scheme that the utility model is taked is as follows: but promptly a kind of single PC resource recombinant type network safety isolator, comprise the signal loader and or keyboard input module, center processor, command memory, resource module, mainboard state monitoring module, control selector, at least two network channel control modules, hard disks power supply control module and network input interfaces are set.Wherein the signal loader is connected with the I/O mouth of center processor by Signal Pretreatment, the keyboard input module output is connected with the I/O mouth of center processor, and command memory, resource are provided with module, mainboard status monitoring interface is connected with center processor by bus mode; The center processor control signal output ends connects network channel control module and hard disk power supply control module respectively, each network channel control module is connected with network output module on this machine of being connected network interface card, or connecting network channel control module and hard disk power supply control module respectively by the control selector, each network channel control module is connected with network output module on this machine of being connected network interface card.
The beneficial effects of the utility model are: the connection of network input can be multiselect one control of two or more network of network inputs, and one or more hard disk resource of local hard drive resource select combined control.And except local local hard drive can be stored, but also can be to the Combination Control of telecommunication network storage resources.This utility model have use flexibly, adaptability is strong, reduce investment outlay, reduce maintenance, the physically-isolated function of complete network.
Description of drawings
The embodiment of the indefiniteness that structure of the present utility model can provide by accompanying drawing further specifies.
Fig. 1 is circuit theory diagrams of the present utility model.
Embodiment
Referring to accompanying drawing: to be the user send instruction and return the link of isolator implementation status to isolator by computer signal loader 1, and what adopt among the embodiment is the PS/2 interface.
The signal that signal preprocessor 2 is used for the input of distinguishing signal loader spreads not effectively, and invalid data abandon, and active data converts corresponding instruction to and flows to center processor.Can adopt the R232 chip.
Keyboard input module 3 is used to the user to provide directly and selects to the button of safety insulating device.Send instruction by I/O to center processor by it, and the execution result of receiving center processor.
Power supply module 4 is modules that relevant voltage is provided for the operation of center processor and relevant control circuit.
Whether center processor 5 is used to receive the instruction of importing with process user, directly or by the corresponding network and the hard disk resource of the control of control selector can use.Can adopt the 89C51 family chip.
Command memory 6 is an eprom memory, is used to store the right instructions that the user sends to the network security isolator for the last time.
Resource is provided with module 7 and is toggle switch or jumper switch, but is used for the combination setting to Internet resources and storage resources.
Mainboard monitoring interface 8: plain mode is the reset terminal that directly connects this machine PCI slot and center processor.Be used to monitor the reset signal that mainboard sends, in case the reset signal of receiving is promptly sent instruction to center processor.
Control selector 9: be the one-to-many connector, the instruction that it can send according to center processor is sent which resource user of commands for controlling to each control module and can be used.
Adopt 3 network channel control modules in the present embodiment, promptly Intranet passage control module 10 is controlled the instruction of selecting it by it, and whether control inner-mesh network resource is available; Outer net passage control module 11, by its instruction according to the control selector, whether control outer net Internet resources are available: private network passage control module 12, by its instruction according to the control selector, whether control private network Internet resources are available.Described 3 network channel control modules all adopt the switch relay group to realize.
Hard disk control module 13 adopts the switch relay group to realize, is used for the instruction according to control selector 9, and whether control four hard disk output interfaces has voltage output.
Network output interface 14 is connected on the network interface card of the computer that this spacer assembly is installed, and network and this machine network interface card that sub-control module allows to use are connected.
State display module 15 adopts light-emitting diode group to constitute, and it can show which resource user can use according to the instruction that center processor sends.
Operation principle of the present utility model is as follows:
1, when the user use a computer serial ports by the signal loader after the network security isolator sends an order that switches to internal network, the instruction that signal transmission device sends the user is connected with signal preprocessor by special-purpose I/O interface and transmits data.Signal preprocessor is verified after receiving data.If the data fit requirement then becomes data transaction corresponding instruction to send to center processor by the I/O interface of special use.After center processor is received instruction, at first resource is provided with module check, determines that the user switches the operable resource in back, this resource information is write command memory, and return the signal that an instruction is carried out to signal preprocessor.At last return to message that runs succeeded of computer user by the signal loader by signal preprocessor.
After the user restarted computer, computer was guiding the computer-chronograph mainboard to send reset signal to each parts of computer again.After the mainboard state monitoring module of safety isolator detects the mainboard reset signal, notify center processor immediately.Center processor is received after the reset signal and to be controlled the operating state of each submodule by the control selector according to the state of storing in the command memory.Intranet passage control module is connected, and inner-mesh network input and network input interface are connected, and the computer network interface card and the Intranet that allow the user operate are communicated with.The outer net control module disconnects, and outer net can not be connected with this machine network interface card.The private network control module disconnects, and private network can not be connected with this machine network interface card.The hard disk supply module is provided with the setting of module according to resource, when the user uses Intranet, can only use the network remote storage resources, and four output ports of hard disk control module are all with voltage output (the local hard drive resource is unavailable).The instruction rear center's processor that runs succeeded is that module is sent instruction to state, shows present user's available resources.
2, use keyboard input module after the network security isolator sends an order that switches to the private network network as the user, the instruction that keyboard input module sends the user is by special-purpose I/O interface and center processor swap data.After center processor is received instruction, at first resource is provided with module inspection, determine the user switch the back operable resource, this resource information is write in the command memory.
After the user restarted computer, computer guided the computer-chronograph mainboard to send reset signal to each parts of computer again.After the mainboard monitoring modular of safety isolator detects the mainboard reset signal, notify center processor immediately.Center processor is received after the reset signal and to be controlled the operating state of each submodule by the control selector according to the state in the command memory.Intranet passage control module disconnects, and Intranet can not be connected with this machine network interface card.The outer net control module disconnects, and outer net can not be connected with this machine network interface card.The private network control module is connected, and the input of private network network is communicated with the network output interface, and the computer network interface card and the private network that allow the user operate are communicated with.The hard disk supply module is provided with the setting of module according to resource, when the user uses private network, can use the resource of local hard drive 1, the resource of having only local hard drive power supply output 1 in four output ports of hard disk control module, have only local hard drive power supply output 1 that voltage output is arranged in four output interfaces of hard disk control module, remaining three output port is not all exported with voltage.
Claims (1)
- But 1, a kind of single PC resource recombinant type network safety isolator is characterized in that: comprise that signal loader (1) and/or keyboard input module (3), central processing unit (5), command memory (6), resource are provided with module (7), mainboard state monitoring module (8), at least two network channel control modules, hard disk power supply control module (13) and network output interfaces (14); Wherein the signal loader is connected with the I/O mouth of center processor by signal preprocessor, keyboard input module output connects with the I/O mouth of center processor, and command memory, resource are provided with module, mainboard status monitoring interface is connected with center processor by the mode of bus; The center processor control signal output ends connects network channel control module and hard disk power supply control module respectively, or connects network channel control module and hard disk power supply control module respectively by the control selector; Each network channel control module is connected with network output module on this machine of being connected network interface card.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200320104486 CN2660799Y (en) | 2003-12-18 | 2003-12-18 | Single PC source recombination type network security isolator |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200320104486 CN2660799Y (en) | 2003-12-18 | 2003-12-18 | Single PC source recombination type network security isolator |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN2660799Y true CN2660799Y (en) | 2004-12-01 |
Family
ID=34340887
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200320104486 Expired - Lifetime CN2660799Y (en) | 2003-12-18 | 2003-12-18 | Single PC source recombination type network security isolator |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN2660799Y (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101849437A (en) * | 2007-09-07 | 2010-09-29 | 阿诺德·曾德 | Method and system for control and power supply of at least one electrical consumer |
-
2003
- 2003-12-18 CN CN 200320104486 patent/CN2660799Y/en not_active Expired - Lifetime
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101849437A (en) * | 2007-09-07 | 2010-09-29 | 阿诺德·曾德 | Method and system for control and power supply of at least one electrical consumer |
| CN101849437B (en) * | 2007-09-07 | 2015-05-06 | 阿诺德·曾德 | Method and system for control and power supply of at least one electrical consumer |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104615401B (en) | One kind realizes KVM methods based on FPGA | |
| CN102662369A (en) | System integration comprehensive management control system | |
| CN103036876B (en) | A kind of Integral computer equipment and application thereof realizing unified operation under Network Isolation state | |
| CN209627406U (en) | One-way import system is isolated in inter-network based on radio-frequency technique | |
| CN2660799Y (en) | Single PC source recombination type network security isolator | |
| CN2337611Y (en) | Safety network computer capable of simultaneously connecting internal network and external network | |
| CN203465646U (en) | Integrated multi-functional built-in multiple host master switch board | |
| CN1283826A (en) | Single-motherboard network security computer | |
| CN101699457A (en) | Computer interface signal transmission management system and interface monitoring method | |
| CN216162725U (en) | Data network shutdown machine | |
| CN1567263A (en) | Signal manager of mouse, keyboard and display applied to cluster | |
| CN1152317C (en) | Secret related computer | |
| CN203313298U (en) | Signal switching apparatus | |
| CN1220132C (en) | Intelligent type switcher for computers | |
| CN1421794A (en) | Network safety control equipment based on physical isolation and data exchange monitoring | |
| CN2907103Y (en) | Dual-network electronic switch | |
| CN1504915A (en) | Method and apparatus for multi machines switching | |
| CN110806810A (en) | Data control system based on KVM | |
| CN216391046U (en) | Telecontrol communication isolating device with bypass control | |
| CN216795016U (en) | Safety monitoring device suitable for industrial control network | |
| CN2580699Y (en) | Web-linkage device for building office application network | |
| CN1410897A (en) | Method of constructing office work application network and its device | |
| CN218570292U (en) | Multi-path HDMI switching module | |
| CN219800206U (en) | Access control device based on Ethernet communication protocol | |
| CN2454798Y (en) | Network synchronous switch-over apparatus for physical separation of internal and external nets |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CX01 | Expiry of patent term |
Expiration termination date: 20131218 Granted publication date: 20041201 |