CN104811335A - Method for realizing network target range system and network target range management system - Google Patents
Method for realizing network target range system and network target range management system Download PDFInfo
- Publication number
- CN104811335A CN104811335A CN201510135478.XA CN201510135478A CN104811335A CN 104811335 A CN104811335 A CN 104811335A CN 201510135478 A CN201510135478 A CN 201510135478A CN 104811335 A CN104811335 A CN 104811335A
- Authority
- CN
- China
- Prior art keywords
- network
- target range
- resource
- sdn
- management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
Abstract
The invention discloses a method for realizing a network target range system and a network target range management system, and aims at solving the problem that a network topology structure cannot be rapidly defined and/or changed and/or expanded. The method for realizing the network target range system comprises that an SDN controller calls global network resource; a cloud computing management platform calls computing resource and storage resource; the SDN controller defines the network topology, copies a subnet and isolates the network; the SDN controller distributes a network flow table to SDN switches; and the SDN switches utilize the computing resource and the storage resource in the called network to implement management. Thus, the computing resource, the storage resource and the network resource of the network target range system are scheduled and managed in a uniformed manner, the network topology structure which can be defined rapidly and flexibly required by the network target range system is realized, the network topology can be rapidly and flexibly changed, and the network scale of the target range experiment can be rapidly and flexibly expanded.
Description
Technical field
The invention belongs to technical field of network information safety, be specifically related to a kind of method and the network target range management system that realize network target range system.
Background technology
Network security occurs along with the generation of network, along with network penetration is to each aspect of society, country, people's lives, network security also seems more and more important, and an effective analog platform is built in a controlled environment, simulating the various cyber attack scenarios that may meet with, is a kind of effective way improving network security performance.
Current, network is defined as war space, and the analogue simulation of network-combination yarn has become the important way of training " network soldier ".In order to protect the network security of the U.S., strengthen its network warfare ability, on May 1st, 2008, Defence Advanced Research Projects Agency of U.S. (DARPA) Strategic Technology Office issues the bulletin about " national network target range " the Project-developing work of expansion." national network target range " project has been since the 1950's implements " artificial earth satellite plan ", the unique items that the U.S. directly can assign to DARPA.The construction object in this target range is, network-combination yarn operation that is virtually reality like reality provides virtual environment, tests, to realize the major transformation of network warfare ability, win network war for electronic warfare means such as hostile electronic attack and network attacks.At present, U.S. army has established the network target range be made up of grey net, yellow net, black net, green net four sub-networks.Britain also establishes the network target range of simulation the Internet, and wherein having a kind of is the laboratory being called as " honey jar " system be present in real network.
2013, Science and Technology Ltd. of Qihoo 360 and China domestic Duo Jia prestigious colleges and universities cooperation building network attacking and defending laboratory, build multi-level network under battle conditions " target range ", simultaneously, network security technology personnel for domestic and international every aspect provide the scene experiencing network " target practice ", and co-host the network-combination yarn athletic competition towards college student.At the beginning of 2014, Huadi Computer Group Co., Ltd. also starts research, the design and development of network target range platform, for military training ensures that the analog platform that field (as network-combination yarn dual training, online military exercise etc.) provides network-combination yarn to fight is laid a good foundation.
For a network target range, needing to consider the many aspects such as entity, platform, communication, data, management, is the reproduction to real complex network environment.And in reality, in a lot of situation of network objectives, be not isolated equipment or system, but network configuration of certain scale, in order to simulate multiple different attack and defense mechanism, need the worn-out end overcoming independent target drone, target range is built and as far as possible close to real network environment, target range will be based upon a high unity, build in the middle of identical comprehensive system.This just needs United Dispatching and the various available resources of management on the one hand, also needs in addition constantly to change topological structure to simulate and to innovate different pursuit-evasion strategy.
At present, the exploitation in network target range is normally based on cloud computing platform.Pass through cloud computing platform, " network target range " system architecture achieves the dispatching management of computational resource, storage resources and Internet resources, but can not the definition of fast and flexible and/or changed network topological structure, also cannot the expansion realizing network target range scale of fast and flexible.
Summary of the invention
The embodiment provides a kind of method and the network target range management system that realize network target range system, with fast, definition and/or the topological structure in changed network target range and the expansion of network size flexibly.
According to an aspect of the present invention, provide a kind of method realizing network target range system, described method comprises:
Global network resource is called by SDN controller;
Computational resource and storage resources is called by cloud computing management platform;
SDN controller define grid topology, copy subnet, isolation network;
SDN controller issues network flow table to managed SDN switch;
SDN switch is according to the message of described network flow table switching network target range internal system across physical server, in defined described network topology structure, utilize computational resource and storage resources to carry out user management, safety management, monitoring resource, realize network target range system.
In such scheme, described SDN controller define grid topology comprises: in the server of network target range internal system, gateway, SDN switch, arrange distributed control node, SDN controller unified distributed control node that controls based on called global network resource calls localized network resource, the topological structure of define grid target range system.
In such scheme, described method also comprises:
SDN switch is set to encapsulation and decapsulation that GRE gateway carries out GRE tunnel message.
In such scheme, described method also comprises:
In described network target range, internal system arranges SDN gateway, carries out network switch by SDN switch and SDN gateway, integrated isomery physical resource.
In such scheme, described computational resource and the storage resources of utilizing in defined described network topology structure carries out user management, safety management, monitoring resource, comprise: call localized network resource by the described distributed control node arranged in switch, in the corresponding described localized network resource of network target range internal system, utilize computational resource, storage resources to carry out user management, safety management, monitoring resource.
According to another aspect of the present invention, additionally provide a kind of network target range management system, described system comprises: at least one SDN controller, some SDN switch, cloud computing platform, network target range system; Wherein,
Described SDN controller is connected with described network target range system with cloud computing platform, and described SDN switch is connected with described SDN controller;
Described SDN controller is used for calling global network resource, and for define grid topology, copy subnet, isolation network, and issue network flow table to the SDN switch be connected with described SDN controller;
Described cloud computing management platform is used for calling computational resource and storage resources;
Described SDN switch exchanges the message of described network target range internal system across physical server according to described network flow table, utilizes computational resource and storage resources to carry out user management, safety management, monitoring resource in defined described network topology structure.
In such scheme, described network target range management system also comprises distributed control node, and described distributed control node is arranged in the server of network target range internal system, gateway, SDN switch;
Described SDN controller also calls localized network resource, the topological structure of define grid target range system for the distributed control node that controls unified based on called global network resource.
In such scheme, described SDN switch is also for carrying out encapsulation and the decapsulation of GRE tunnel message.
In such scheme, described network target range management system also comprises: SDN gateway, and described SDN gateway is arranged on described network target range internal system, for carrying out network switch with described SDN switch, and integrated isomery physical resource.
In such scheme, described distributed control node is used for calling localized network resource, and described switch also utilizes computational resource, storage resources to carry out user management, safety management, monitoring resource in the described localized network resource called according to distributed control node.
The technical scheme provided as can be seen from the above embodiment of the present invention, the method in what the present embodiment provided realize network target range, global network resource is called by SDN controller, call computational resource and storage resources by cloud computing management platform simultaneously, achieve the unification of Internet resources, computational resource, storage resources, jointly form a resource pool by above-mentioned resource, carry out the unified distribution of resource, scheduling, management; Again by SDN controller define grid topology, copy subnet, isolation network, as carried out the definition of network topology by the mode of each Node configuration distributed control node inner in network target range, SDN controller issues network flow table to managed SDN switch simultaneously, SDN switch is according to the message of described network flow table switching network target range internal system across physical server, in defined described network topology structure, utilize computational resource and storage resources to carry out user management, safety management, monitoring resource, thus realize network target range system.Present invention achieves the United Dispatching of the computational resource of network target range system, storage resources and Internet resources, management, achieve the fast and flexible define grid topological structure required by the system of network target range simultaneously, fast and flexible realizes the change of network topology, and fast and flexible realizes target range Experimental Network Expansion.
Accompanying drawing explanation
Fig. 1 is the method flow diagram that the specific embodiment of the invention realizes network target range system;
Fig. 2 is specific embodiment of the invention network target range management system internal structure schematic diagram;
Fig. 3 is preferred embodiment of the present invention network target range management system configuration diagram.
Embodiment
For making the object, technical solutions and advantages of the present invention clearly understand, below in conjunction with embodiment also with reference to accompanying drawing, the present invention is described in more detail.Should be appreciated that, these describe just exemplary, and do not really want to limit the scope of the invention.In addition, in the following description, the description to known features and technology is eliminated, to avoid unnecessarily obscuring concept of the present invention.
The embodiment of the present invention realizes network target range system, based on SDN and cloud computing, by calling SDN controller and cloud computing platform, realizes the unified management of Internet resources, computational resource, storage resources.Below in conjunction with the drawings and specific embodiments, the present invention is described in detail.
Fig. 1 is the method flow diagram that the specific embodiment of the invention realizes network target range system.
As shown in Figure 1, the method that embodiment of the present invention realizes network target range system comprises the steps:
Step S101, calls global network resource by SDN controller.
In this step, SDN controller is at least one.If multiple, then carry out work compound or separate operaton as required.Here SDN controller is the total command device realizing network target range system, make network target range system by building self-defining network template, possesses the ability copying extensive subnet, possesses the ability copying business and combat net radio network and control system simultaneously, so, can carry out multinomially independently synchronously testing on same basic framework, improve the practicality in network target range.
That is, the realization of embodiment of the present invention network target range system is based on SDN framework.Target range system based on SDN framework realizes network virtualization by Overlay technology.The essence of Overlay technology is the tunneling technique of L2 over IP, adopts L2 over GRE(GRE to encapsulate two layer message).
Step S102, calls computational resource and storage resources by cloud computing management platform.
This step and step S101, out-of-order requirement, preferentially can perform step S101 as required, also preferentially will perform step S102, also can two steps perform simultaneously.Preferably, step S101 and step S102 carries out simultaneously.By to Internet resources, computational resource, the calling of storage resources, construct a unified resource pool, achieve the unified distribution to network target range resource, scheduling, management.Calling here to resource, defines the mode of software and configuration parameter by SDN controller.By software definition and parameter configuration, realize the automatic management in network target range and the fast construction of target range experimental situation, target range Experimental Network scale easily extensible can be realized.
Step S103, SDN controller define grid topology, copy subnet, isolation network.
In this step, SDN controller define grid topology, can be realized by distributed control node.Concrete, SDN controller arranges distributed control node in the server of network target range internal system, gateway, SDN switch, SDN controller unified distributed control node that controls based on called global network resource calls localized network resource, the topological structure of define grid target range system, the forwarding performance of virtual network, thoroughly can isolate virtual experimental network, the various complex network environments needed for simulated experiment.
Step S104, SDN controller issues network flow table to managed SDN switch.
Here, SDN switch also as the gateway of GRE or the mode by bearing GRE gateway function, can carry out encapsulation and the decapsulation of GRE tunnel message.Compared to the tunnel encapsulation decapsulation realizing GRE with server, better by the performance of SDN switch, and the cpu resource of server can be saved greatly.
Step S105, SDN switch is according to the message of described network flow table switching network target range internal system across physical server, in defined described network topology structure, utilize computational resource and storage resources to carry out user management, safety management, monitoring resource, realize network target range system.
In this step, can the distributed control node controlled by SDN controller be set in SDN switch.The virtual switch (Virtual Switch) that hardware management SDN switch and server run is carried out by distributed control node, can according to the demand flexible configuration virtual network topology of user, thus simulate the network application scene of multiple industry multiple business, realize the self-defined of Range Environment.That is, call localized network resource by the described distributed control node arranged in switch, in the corresponding described localized network resource of network target range internal system, utilize computational resource, storage resources to carry out user management, safety management, monitoring resource.
In addition, the embodiment of the present invention can also arrange SDN gateway in network target range internal system in described network target range internal system, carries out network switch, integrated isomery physical resource by SDN switch and SDN gateway.
SDN gateway can realize that double layer network in network configuration is virtual, the network basic service such as three layers of routing forwarding, four layer address mapping, supports numerous characteristics such as safety, load balancing, master-slave equipment and High Availabitity simultaneously.When needing integrated various isomery physical resource (as fire compartment wall) in network Range Environment, by the network switching function of SDN switch and SDN gateway, carry out integrated various isomery physical resource, manage large scale scale heterogeneous system (node), and newly can add node by fast integration, generate and integrated new equipment copy fast, integrated newest standards and agreement, ensure that the forwarding performance of virtual network simultaneously.
Embodiment of the present invention is by the unified call to Internet resources, computational resource, storage resources, achieve the fast and flexible define grid topological structure required by the system of network target range, fast and flexible realizes the change of network topology, and fast and flexible realizes target range Experimental Network Expansion.
Fig. 2 is specific embodiment of the invention network target range management system internal structure schematic diagram.
As shown in Figure 2, the present embodiment mode network target range course management system comprises: at least one SDN controller 01, some SDN switch 03, cloud computing platform 02, network target range system 04; Wherein,
Described SDN controller 01 is connected with described network target range system 04 with cloud computing platform 02, and described SDN switch 03 is connected with described SDN controller 01;
Described SDN controller 01 for calling global network resource, and for define grid topology, copy subnet, isolation network, and issue network flow table to the SDN switch be connected with described SDN controller;
Described cloud computing management platform 02 is for calling computational resource and storage resources;
Described SDN switch 03 exchanges the message of system 04 inside, described network target range across physical server according to described network flow table, utilizes computational resource and storage resources to carry out user management, safety management, monitoring resource in defined described network topology structure.
Network target range management system also comprises distributed control node, and described distributed control node is arranged in the server of network target range internal system, gateway, SDN switch; Accordingly, SDN controller 01 also calls localized network resource, the topological structure of define grid target range system for the distributed control node that controls unified based on called global network resource.Distributed control node is used for calling localized network resource, and SDN switch 03 also utilizes computational resource, storage resources to carry out user management, safety management, monitoring resource in the described localized network resource called according to distributed control node.
SDN switch 03 also as the gateway of GRE or the mode by bearing GRE gateway function, can carry out encapsulation and the decapsulation of GRE tunnel message.Compared to the tunnel encapsulation decapsulation realizing GRE with server, better by the performance of SDN switch, and the cpu resource of server can be saved greatly.
Described network target range management system can also comprise: SDN gateway, and described SDN gateway is arranged on described network target range internal system, for carrying out network switch with described SDN switch, and integrated isomery physical resource.SDN gateway can realize that double layer network in network configuration is virtual, the network basic service such as three layers of routing forwarding, four layer address mapping, supports numerous characteristics such as safety, load balancing, master-slave equipment and High Availabitity simultaneously.When needing integrated various isomery physical resource (as fire compartment wall) in network Range Environment, by the network switching function of SDN switch and SDN gateway, carry out integrated various isomery physical resource, manage large scale scale heterogeneous system (node), and newly can add node by fast integration, quick generation and integrated new equipment copy, integrated newest standards and agreement, ensure that the forwarding performance of virtual network simultaneously.
Described distributed control node is used for calling localized network resource, and described switch also utilizes computational resource, storage resources to carry out user management, safety management, monitoring resource in the described localized network resource called according to distributed control node.
Fig. 3 is preferred embodiment of the present invention network target range management system configuration diagram.
As shown in Figure 3, the present embodiment network target range management system comprises: a SDN controller 01, cloud computing management platform 02, some SDN switch 03, SDN gateway 05, is distributed in the distributed control node Agent06 in SDN switch 03, SDN gateway 05 and network target range system 04.
Wherein, call global network resource by SDN controller 01, call computational resource and storage resources by cloud computing management platform 02; SDN controller 03 unified distributed control node 06 that controls based on called global network resource calls localized network resource, the topological structure of define grid target range system, copies subnet, isolation network; SDN controller 01 issues network flow table to managed SDN switch 03; SDN gateway 05 is for carrying out network switch with described SDN switch 03, integrated various isomery physical resource.
SDN switch 03 is according to the message of described network flow table switching network target range internal system across physical server, localized network resource is called by the described distributed control node 06 arranged in SDN switch 03, in defined described network topology structure, utilize computational resource and storage resources to carry out user management, safety management, monitoring resource, network target range system 04 is achieved.SDN switch 03 also as the gateway of GRE or the mode by bearing GRE gateway function, can carry out encapsulation and the decapsulation of GRE tunnel message simultaneously.
The network target range management system of the embodiment of the present invention, by the unified call to Internet resources, computational resource, storage resources, achieve the fast and flexible define grid topological structure required by the system of network target range, fast and flexible realizes the change of network topology, and fast and flexible realizes the expansion of target range Experimental Network scale.
It should be noted that, one of ordinary skill in the art will appreciate that all or part of step realizing above-described embodiment can have been come by hardware, the hardware that also can carry out instruction relevant by program completes, as SDN controller, SDN gateway realize by server; This program can be stored in computer-readable recording medium, and storage medium can comprise memory, disk or CD etc., as CD-ROM.
Should be understood that, above-mentioned embodiment of the present invention only for exemplary illustration or explain principle of the present invention, and is not construed as limiting the invention.Therefore, any amendment made when without departing from the spirit and scope of the present invention, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.In addition, claims of the present invention be intended to contain fall into claims scope and border or this scope and border equivalents in whole change and modification.
Claims (10)
1. realize a method for network target range system, it is characterized in that, described method comprises:
Global network resource is called by SDN controller;
Computational resource and storage resources is called by cloud computing management platform;
SDN controller define grid topology, copy subnet, isolation network;
SDN controller issues network flow table to managed SDN switch;
SDN switch is according to the message of described network flow table switching network target range internal system across physical server, in defined described network topology structure, utilize computational resource and storage resources to carry out user management, safety management, monitoring resource, realize network target range system.
2. the method realizing network target range system according to claim 1, it is characterized in that, described SDN controller define grid topology comprises: in the server of network target range internal system, gateway, SDN switch, arrange distributed control node, SDN controller unified distributed control node that controls based on called global network resource calls localized network resource, the topological structure of define grid target range system.
3. the method realizing network target range system according to claim 1, is characterized in that, described method also comprises:
SDN switch is set to encapsulation and decapsulation that GRE gateway carries out GRE tunnel message.
4. the method realizing network target range system according to claim 1, is characterized in that, described method also comprises:
In described network target range, internal system arranges SDN gateway, carries out network switch by SDN switch and SDN gateway, integrated isomery physical resource.
5. the method realizing network target range system according to claim 4, it is characterized in that, described computational resource and the storage resources of utilizing in defined described network topology structure carries out user management, safety management, monitoring resource, comprise: call localized network resource by the described distributed control node arranged in switch, in the corresponding described localized network resource of network target range internal system, utilize computational resource, storage resources to carry out user management, safety management, monitoring resource.
6. a network target range management system, is characterized in that, described system comprises: at least one SDN controller, some SDN switch, cloud computing platform, network target range system; Wherein,
Described SDN controller is connected with described network target range system with cloud computing platform, and described SDN switch is connected with described SDN controller;
Described SDN controller is used for calling global network resource, and for define grid topology, copy subnet, isolation network, and issue network flow table to the SDN switch be connected with described SDN controller;
Described cloud computing management platform is used for calling computational resource and storage resources;
Described SDN switch exchanges the message of described network target range internal system across physical server according to described network flow table, utilizes computational resource and storage resources to carry out user management, safety management, monitoring resource in defined described network topology structure.
7. network target range according to claim 6 management system, is characterized in that,
Described network target range management system also comprises distributed control node, and described distributed control node is arranged in the server of network target range internal system, gateway, SDN switch;
Described SDN controller also calls localized network resource, the topological structure of define grid target range system for the distributed control node that controls unified based on called global network resource.
8. network target range according to claim 6 management system, is characterized in that, described SDN switch is also for carrying out encapsulation and the decapsulation of GRE tunnel message.
9. network target range according to claim 6 management system, it is characterized in that, described network target range management system also comprises: SDN gateway, and described SDN gateway is arranged on described network target range internal system, for carrying out network switch with described SDN switch, integrated isomery physical resource.
10. network target range according to claim 9 management system, it is characterized in that, described distributed control node is used for calling localized network resource, and described switch also utilizes computational resource, storage resources to carry out user management, safety management, monitoring resource in the described localized network resource called according to distributed control node.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510135478.XA CN104811335B (en) | 2015-03-26 | 2015-03-26 | A kind of method that realizing network target range system and network target range management system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510135478.XA CN104811335B (en) | 2015-03-26 | 2015-03-26 | A kind of method that realizing network target range system and network target range management system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104811335A true CN104811335A (en) | 2015-07-29 |
| CN104811335B CN104811335B (en) | 2019-02-15 |
Family
ID=53695846
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510135478.XA Active CN104811335B (en) | 2015-03-26 | 2015-03-26 | A kind of method that realizing network target range system and network target range management system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104811335B (en) |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105429806A (en) * | 2015-12-24 | 2016-03-23 | 武汉邮电科学研究院 | Network function virtualization device and method based on data driving |
| CN108021428A (en) * | 2017-12-05 | 2018-05-11 | 华迪计算机集团有限公司 | A kind of method and system that network target range is realized based on Docker |
| CN108153924A (en) * | 2016-12-05 | 2018-06-12 | 北京仿真中心 | A kind of description method of LVC artificial resources |
| CN109298855A (en) * | 2018-10-16 | 2019-02-01 | 国网河北省电力有限公司电力科学研究院 | A kind of network target range management system and its implementation, device, storage medium |
| CN109802852A (en) * | 2018-12-13 | 2019-05-24 | 烽台科技(北京)有限公司 | The construction method and system of network simulation topology applied to network target range |
| CN110109756A (en) * | 2019-04-28 | 2019-08-09 | 北京永信至诚科技股份有限公司 | A kind of network target range construction method, system and storage medium |
| CN110191043A (en) * | 2019-05-23 | 2019-08-30 | 北京永信至诚科技股份有限公司 | The VLAN division method and system in City-level network target range |
| CN111193731A (en) * | 2019-12-26 | 2020-05-22 | 北京永信至诚科技股份有限公司 | Method and device for generating network shooting range scene description file |
| CN111711557A (en) * | 2020-08-18 | 2020-09-25 | 北京赛宁网安科技有限公司 | Remote access system and method for network target range users |
| CN111726421A (en) * | 2020-07-01 | 2020-09-29 | 哈尔滨工业大学(威海) | Method and device for realizing interconnection of network target range and industrial control equipment |
| CN112153010A (en) * | 2020-08-31 | 2020-12-29 | 北京全路通信信号研究设计院集团有限公司 | Network security shooting range system and operation method thereof |
| CN112187610A (en) * | 2020-09-24 | 2021-01-05 | 北京赛宁网安科技有限公司 | Network isolation system and method for network target range |
| CN112367202A (en) * | 2020-11-10 | 2021-02-12 | 西安热工研究院有限公司 | Data exchange method for physical entity control system and virtual simulation production environment |
| CN112929218A (en) * | 2021-02-04 | 2021-06-08 | 西安热工研究院有限公司 | System and device for automatically generating virtual and real environments of industrial control target range |
| CN113691416A (en) * | 2021-07-29 | 2021-11-23 | 中科兴云(北京)科技有限公司 | Distributed layered deployed network target range management platform |
| CN114422201A (en) * | 2021-12-28 | 2022-04-29 | 北京永信至诚科技股份有限公司 | Network target range large-scale user remote access method and system |
| CN114500623A (en) * | 2022-01-17 | 2022-05-13 | 北京永信至诚科技股份有限公司 | Network target range interconnection and intercommunication method, device, equipment and readable storage medium |
| CN114500047A (en) * | 2022-01-26 | 2022-05-13 | 烽台科技(北京)有限公司 | Method and system for heterogeneous interconnection of industrial network target range |
| CN114818396A (en) * | 2022-06-29 | 2022-07-29 | 湖南大佳数据科技有限公司 | Network security shooting range system and drilling method for satellite navigation system |
| CN114816513A (en) * | 2022-06-29 | 2022-07-29 | 湖南大佳数据科技有限公司 | Fusion system and method of network security target range and satellite navigation training system |
| CN117808275A (en) * | 2024-03-01 | 2024-04-02 | 江苏天创科技有限公司 | ACS visualization technology-based target range management method and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103701777A (en) * | 2013-12-11 | 2014-04-02 | 长春理工大学 | Remote network attack and defense virtual simulation system based on virtualization and cloud technology |
| US20140245443A1 (en) * | 2013-02-27 | 2014-08-28 | Sayan Chakraborty | Cyber Defense Systems And Methods |
| CN104243270A (en) * | 2014-09-25 | 2014-12-24 | 杭州华三通信技术有限公司 | Tunnel setup method and tunnel setup device |
| CN104410617A (en) * | 2014-11-21 | 2015-03-11 | 西安邮电大学 | Information safety attack and defense system structure of cloud platform |
-
2015
- 2015-03-26 CN CN201510135478.XA patent/CN104811335B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140245443A1 (en) * | 2013-02-27 | 2014-08-28 | Sayan Chakraborty | Cyber Defense Systems And Methods |
| CN103701777A (en) * | 2013-12-11 | 2014-04-02 | 长春理工大学 | Remote network attack and defense virtual simulation system based on virtualization and cloud technology |
| CN104243270A (en) * | 2014-09-25 | 2014-12-24 | 杭州华三通信技术有限公司 | Tunnel setup method and tunnel setup device |
| CN104410617A (en) * | 2014-11-21 | 2015-03-11 | 西安邮电大学 | Information safety attack and defense system structure of cloud platform |
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105429806A (en) * | 2015-12-24 | 2016-03-23 | 武汉邮电科学研究院 | Network function virtualization device and method based on data driving |
| CN105429806B (en) * | 2015-12-24 | 2019-06-11 | 武汉邮电科学研究院 | A kind of device and method of the network function virtualization based on data-driven |
| CN108153924A (en) * | 2016-12-05 | 2018-06-12 | 北京仿真中心 | A kind of description method of LVC artificial resources |
| CN108021428A (en) * | 2017-12-05 | 2018-05-11 | 华迪计算机集团有限公司 | A kind of method and system that network target range is realized based on Docker |
| CN109298855A (en) * | 2018-10-16 | 2019-02-01 | 国网河北省电力有限公司电力科学研究院 | A kind of network target range management system and its implementation, device, storage medium |
| CN109802852A (en) * | 2018-12-13 | 2019-05-24 | 烽台科技(北京)有限公司 | The construction method and system of network simulation topology applied to network target range |
| CN109802852B (en) * | 2018-12-13 | 2022-06-17 | 烽台科技(北京)有限公司 | Method and system for constructing network simulation topology applied to network target range |
| CN110109756A (en) * | 2019-04-28 | 2019-08-09 | 北京永信至诚科技股份有限公司 | A kind of network target range construction method, system and storage medium |
| CN110191043A (en) * | 2019-05-23 | 2019-08-30 | 北京永信至诚科技股份有限公司 | The VLAN division method and system in City-level network target range |
| CN111193731A (en) * | 2019-12-26 | 2020-05-22 | 北京永信至诚科技股份有限公司 | Method and device for generating network shooting range scene description file |
| CN111726421B (en) * | 2020-07-01 | 2022-06-07 | 哈尔滨工业大学(威海) | Method and device for realizing interconnection of network target range and industrial control equipment |
| CN111726421A (en) * | 2020-07-01 | 2020-09-29 | 哈尔滨工业大学(威海) | Method and device for realizing interconnection of network target range and industrial control equipment |
| CN111711557B (en) * | 2020-08-18 | 2020-12-04 | 北京赛宁网安科技有限公司 | Remote access system and method for network target range users |
| CN111711557A (en) * | 2020-08-18 | 2020-09-25 | 北京赛宁网安科技有限公司 | Remote access system and method for network target range users |
| CN112153010A (en) * | 2020-08-31 | 2020-12-29 | 北京全路通信信号研究设计院集团有限公司 | Network security shooting range system and operation method thereof |
| CN112187610B (en) * | 2020-09-24 | 2021-11-16 | 北京赛宁网安科技有限公司 | Network isolation system and method for network target range |
| CN112187610A (en) * | 2020-09-24 | 2021-01-05 | 北京赛宁网安科技有限公司 | Network isolation system and method for network target range |
| CN112367202B (en) * | 2020-11-10 | 2022-11-18 | 西安热工研究院有限公司 | Data exchange method for physical entity control system and virtual simulation production environment |
| CN112367202A (en) * | 2020-11-10 | 2021-02-12 | 西安热工研究院有限公司 | Data exchange method for physical entity control system and virtual simulation production environment |
| CN112929218A (en) * | 2021-02-04 | 2021-06-08 | 西安热工研究院有限公司 | System and device for automatically generating virtual and real environments of industrial control target range |
| CN113691416A (en) * | 2021-07-29 | 2021-11-23 | 中科兴云(北京)科技有限公司 | Distributed layered deployed network target range management platform |
| CN114422201A (en) * | 2021-12-28 | 2022-04-29 | 北京永信至诚科技股份有限公司 | Network target range large-scale user remote access method and system |
| CN114500623A (en) * | 2022-01-17 | 2022-05-13 | 北京永信至诚科技股份有限公司 | Network target range interconnection and intercommunication method, device, equipment and readable storage medium |
| CN114500623B (en) * | 2022-01-17 | 2022-12-02 | 北京永信至诚科技股份有限公司 | Network target range interconnection and intercommunication method, device, equipment and readable storage medium |
| CN114500047A (en) * | 2022-01-26 | 2022-05-13 | 烽台科技(北京)有限公司 | Method and system for heterogeneous interconnection of industrial network target range |
| CN114500047B (en) * | 2022-01-26 | 2023-06-27 | 烽台科技(北京)有限公司 | Industrial network shooting range heterogeneous interconnection method and system |
| CN114818396A (en) * | 2022-06-29 | 2022-07-29 | 湖南大佳数据科技有限公司 | Network security shooting range system and drilling method for satellite navigation system |
| CN114816513A (en) * | 2022-06-29 | 2022-07-29 | 湖南大佳数据科技有限公司 | Fusion system and method of network security target range and satellite navigation training system |
| CN114818396B (en) * | 2022-06-29 | 2022-09-20 | 湖南大佳数据科技有限公司 | Network security shooting range system and drilling method for satellite navigation system |
| CN114816513B (en) * | 2022-06-29 | 2022-09-20 | 湖南大佳数据科技有限公司 | Fusion system and method of network security target range and satellite navigation training system |
| CN117808275A (en) * | 2024-03-01 | 2024-04-02 | 江苏天创科技有限公司 | ACS visualization technology-based target range management method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104811335B (en) | 2019-02-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104811335A (en) | Method for realizing network target range system and network target range management system | |
| US9680867B2 (en) | Network stimulation engine | |
| CN103701777B (en) | Based on virtualization and the telecommunication network attacking and defending dummy emulation system of cloud | |
| CN104090825B (en) | Dynamic migration computer network | |
| CN111555913A (en) | Simulation method, system, electronic device and storage medium for simulating real network environment based on virtualization | |
| CN102571698A (en) | Access authority control method, system and device for virtual machine | |
| CN103001823B (en) | A kind of virtual network construction method based on many granularities abstract theory and system | |
| CN114363021A (en) | Network shooting range system, virtual network implementation method and device of network shooting range system | |
| CN113691416A (en) | Distributed layered deployed network target range management platform | |
| CN109510749A (en) | A kind of large-scale virtual network establishing method based on OpenStack and SDN technology | |
| CN104539632A (en) | Programmable network equipment managing and controlling method based on virtual address spaces | |
| CN108156153A (en) | A kind of differential section means of defence based on distributed security domain | |
| CN113438103B (en) | Large-scale network shooting range, construction method, construction device and construction equipment thereof | |
| CN110191043B (en) | VLAN (virtual local area network) dividing method and system for urban network target range | |
| CN107179938A (en) | A kind of information security technology contest attacking and defending environment automatic deployment method | |
| CN114996703A (en) | Power system network safety target range hybrid simulation method, system and equipment | |
| CN106101280A (en) | A kind of network information synchronization update method between data center | |
| Benomar et al. | A Mininet-Based Emulated Testbed for the I/Ocloud | |
| Gan et al. | Research on tactical communication network simulation training based on CGN | |
| Navarro et al. | Community-Lab: Overview and invitation to the research community | |
| Gao et al. | Techniques and research trends of network testbed | |
| Soni et al. | DiG: Data-centers in the Grid | |
| Kumar et al. | Implementing geo-blocking and spoofing protection in multi-domain software defined interconnects | |
| Dutta et al. | An approach for deployment of BRS in software-defined network | |
| CN106161113A (en) | The QinQ message processing method of a kind of linux system and platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |