CN105491047B - A kind of access control method and system of headend equipment - Google Patents
A kind of access control method and system of headend equipment Download PDFInfo
- Publication number
- CN105491047B CN105491047B CN201510915923.4A CN201510915923A CN105491047B CN 105491047 B CN105491047 B CN 105491047B CN 201510915923 A CN201510915923 A CN 201510915923A CN 105491047 B CN105491047 B CN 105491047B
- Authority
- CN
- China
- Prior art keywords
- headend equipment
- network
- gateway
- client
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Abstract
The present invention discloses the access control method and system of a kind of headend equipment, the headend equipment is accessed in local network by gateway, the method includes the steps: it obtains the login password of the headend equipment and judges whether login password is weak password, if, weak password caution signal is then sent to gateway, then the network segment of local network is obtained from gateway and stores the network segment into white list;When client accesses the headend equipment, the headend equipment is judged after obtaining the network address of the client, when the network address of client is in the network segment that white list store, allows the client access headend equipment;Conversely, the client is forbidden to access the headend equipment.The present invention automatically generates the white list of storage local network network segment using the interaction between headend equipment and gateway, only the client in local network is allowed to access the headend equipment, the client in the network of strange land is forbidden to access the headend equipment.
Description
Technical field
The invention belongs to the communications fields, in particular to the access control method and system of a kind of headend equipment.
Background technique
The login password of a large amount of headend equipment when leaving the factory is all the admin of default, when just beginning to use, headend equipment
User can be prompted to carry out the modification of the headend equipment login password, however, user generally can be by login password for the ease of memory
It is revised as weak password, it further includes that can be exhausted method to pass through that weak password, which includes short password, common password, system default password,
The password that permutation and combination cracks, these passwords are usually made of some words that may be used as password, such as the word, true in dictionary
Real name or word relevant to user name, these passwords can be decoded quickly.Using the name of birthday or pet as close
Code is also weak password, as it is possible that being guessd out easily by acquaintance.
It is easy to be guessed by others as the login password of equipment using weak password or Brute Force, not only local network
The user of (herein referring to the network that an administrator is responsible for) can log in the headend equipment, and strange land network is (relative to local network
Speech) user can also log in the headend equipment.In monitoring field, when the login password of monitoring frontend is weak password, strange land
The user of network is easy the video code flow that decryption obtains the monitoring frontend, so as to cause security risk.
Solving the method that headend equipment password is easy to crack in the prior art is to be modified weak password by mandatory administration person
For strong cipher, but in the case that this method is more than the headend equipment, implementing can be comparatively laborious, and strong cipher is not easy to remember, so that
Administrator is difficult to receive.
Summary of the invention
It is an object of the invention to overcome the deficiencies of the prior art and provide a kind of access control method of headend equipment, with
The login password for solving the problems, such as headend equipment is easy to be cracked when being weak password.
The object of the present invention is achieved like this: a kind of access control method of headend equipment, the headend equipment pass through
Gateway accesses in local network, the method includes the steps:
It obtains the login password of the headend equipment and judges whether login password is weak password, if so, sending weak close
Code caution signal obtains the network segment of local network from gateway to gateway, then and stores the network segment to white list
In;
When client accesses the headend equipment, the headend equipment is sentenced after obtaining the network address of the client
It is disconnected, when the network address of client is in the network segment that white list stores, the client is allowed to access the headend equipment;Instead
It, forbids the client to access the headend equipment.
Further, gateway obtains LSA information using ospf protocol, passes through the net of LSA acquisition of information local network
The network segment of local network is sent to the headend equipment after section.
Further, when the login password of the headend equipment is weak password, the headend equipment then sends packet filtering letter
Number gateway is given, gateway headend equipment according to the packet filtering signal-inhibiting received sends data to strange land network
Client.
Further, the packet filtering signal is that ACL enables signal, and gateway enables signal according to the ACL received
ACL is enabled on the corresponding access interface of the headend equipment, the ACL is configured to that the headend equipment is forbidden to send data
To the client of strange land network.
Further, it after headend equipment judges that login password is revised as strong cipher by weak password, is sent to gateway
Weak password alerts end signal, and it is corresponding to close the headend equipment after receiving weak password warning end signal for gateway
Access interface on enabled ACL.
Further, it after headend equipment judges that its login password is revised as strong cipher by weak password, is sent out to gateway
Weak password is sent to alert end signal, for gateway after receiving weak password warning end signal, headend equipment deletes white list
The network segment of the local network of middle storage.
Using method of the invention, invention additionally provides a kind of access control systems of headend equipment.
A kind of access control system of headend equipment, the headend equipment are accessed in local network by gateway, institute
The system of stating includes:
Password obtains module: obtaining the login password of the headend equipment;
Judgment module: whether the login password for judging the headend equipment is weak password;
Equipment website acquisition module: it after judgment module judges the login password of the headend equipment for weak password, sends
Weak password caution signal then obtains the network segment of local network to gateway from gateway;
White list memory module: the network segment of local network is stored;
When client accesses the headend equipment, equipment website acquisition module obtains the network address of the client and progress
Judgement allows described in client access when the network address of the client is in the network segment that white list memory module stores
Headend equipment;Otherwise, the client is forbidden to access the headend equipment.
Further, gateway obtains LSA information using ospf protocol, passes through the net of LSA acquisition of information local network
The network segment is sent to equipment website acquisition module after section.
Further, the system also includes packet filtering modules, when judgment module judges that the login of the headend equipment is close
When code is weak password, the packet filtering module sends packet filtering signal to gateway, and the gateway is according to the packet received
Trap signal forbids the headend equipment to send data to the client of strange land network.
Further, the packet filtering signal is that ACL enables signal, and gateway enables signal according to the ACL received
ACL is enabled on the corresponding access interface of the headend equipment, the ACL is configured to that the headend equipment is forbidden to send data
To the client of strange land network.
Beneficial effects of the present invention: the present invention does not need artificial participation, using between headend equipment and gateway
Interaction automatically generates the white list of storage local network network segment, only the client in local network is allowed to access the headend equipment,
Forbid the client in the network of strange land to access the headend equipment, is obtained to prevent the client of strange land network from logging in headend equipment
Media data flow.
Meanwhile packet filtering module is arranged by gateway, when judging headend equipment login password for weak password, utilize
Packet filtering module forbids the headend equipment to send data to the client of strange land network, accordingly even when the client of strange land network is broken
The login password of headend equipment has been solved, the headend equipment is successfully accessed, has belonged to strange land net in the network address for judging client
When network diagram section, gateway enables packet filtering module, and the headend equipment is forbidden to send media stream data to the client of strange land network
End, and then prevent the client of strange land network from getting the media stream data in the headend equipment by other means.
LSA information is obtained to judge which network is local network by OSPF using gateway, which network is different
Ground network enables front end to obtain the network segment of local network automatically and is added in white list, and not needing very important person is addition manually,
Access control process is more intelligent.
Detailed description of the invention
Fig. 1 is that the embodiment of the present invention monitors network networking schematic diagram;
Fig. 2 is the flow chart of the headend equipment access control method of the embodiment of the present invention;
Fig. 3 is IP of embodiment of the present invention authority configuration schematic diagram;
Fig. 4 is IP of embodiment of the present invention authority configuration schematic diagram.
Specific embodiment
The invention will be further described with reference to the accompanying drawing and by specific embodiment, and following embodiment is descriptive
, it is not restrictive, this does not limit the scope of protection of the present invention.
The access control method and system of a kind of headend equipment of the invention are applied to monitoring field.Referring to Fig. 1, monitoring
Network is divided into multiple regions for network is monitored according to the range of management of administrator, wherein the network of same area is by same pipe
Reason person is responsible for management, and the network of different zones is managed respectively by different administrators.The administrator in each region is responsible for present networks
The maintenance and configuration work of the network equipment, monitoring device.Internal operation IGP agreement (Interior in each region
Gateway Protocol, Interior Gateway Protocol), mutual introduce routed between each region reaches the mutual of the whole network routing
It is logical, to reach the demand exchanged visits between each region.With ospf protocol (the Open Shortest in Interior Gateway Protocol
Path First, Open Shortest Path First) for, routing iinformation is obtained by ospf protocol interaction between each router,
Wherein, introducing external network routing be by 5 class LSA (Link-State Advertisement, Link State Advertisement) into
Row publication, and the network routing inside one's respective area is issued by 1,2 and 3 class LSA.It is i.e. each in one's respective area
Respective 1 class, 2 classes and 3 class LSA information, the router of one's respective area and perimeter are obtained by ospf protocol between router
Router respective 5 class LSA information is obtained by ospf protocol.
LSA includes the information such as IP address, subnet mask, network type, the Cost value of equipment, is exchanged between ospf router
Be not routing table, but LSA, OSPF be by obtaining all link-state information in network, to calculate up to every
A accurate network path of target.
Wherein, 1 class LSA is router lsa (Router LSA), and each router can all generate router lsa notice.
This most basic LSA notice lists router all link or interface, and specifies their state and along every chain
All known ospf neighbors of the outbound cost in road direction and chain road.
2 class LSA are Network-LSAs (Network LSA), list all routers being attached thereto, including specified circuit by
Device itself.2 class LSA describe the network information inside this ospf area.
3 class LSA are network summary lsa (Network Summary LSA), are originated by Area Border Router, area
Domain border router will send network summary lsa to a region, for noticing the destination address of the region exterior.3 class LSA are retouched
State the network information of other ospf areas.
5 class LSA are Autonomy System-External LSA (Autonomous System External LSA), or are known as external
LSA (External LSA), for noticing outside the destination or the OSPF autonomous system that reach outside OSPF autonomous system
The LSA of default route.The external routes network information that 5 class LSA description introduces.
In the present embodiment, headend equipment (be here IPC, i.e. web camera) connects gateway by cable, thus
So that the headend equipment is linked into local network by the gateway, and led to by the gateway with external device
Letter.Artificially carry out the configuration of network address, the IP address including the headend equipment to the headend equipment by administrator first
And gateway address.Wherein, managing the network area that the administrator of the headend equipment is responsible for is local network, and by other administrators
Responsible network area is then strange land network.
When in use, for security consideration, generally all one unified login password can be set to headend equipment, multiple
When client accesses the headend equipment, the headend equipment could be accessed by needing to input correct login password.Front end in order to prevent
The login password of equipment is easy to crack, and network user's unauthorized access headend equipment in strange land obtains media stream data, referring to fig. 2,
Steps are as follows for the access control method of the headend equipment of the present embodiment:
The login password of the headend equipment is obtained by headend equipment and judges whether it is weak password, if login password is weak
Password, the headend equipment are then sent to corresponding gateway (headend equipment to be linked into the gateway of local network)
Carry the message of weak password caution signal.Wherein, the judgment rule of weak password can be arranged as needed, in the present embodiment,
By short password (such as Password Length is less than 6), common password (such as 123456789, abcdef etc.), system default password
(such as admin), can be exhausted password that method cracked by permutation and combination (be made of some words that may be used as password,
The password of word, Real Name or word composition relevant to user name in such as dictionary), birthday of headend equipment user and
The name of pet is as weak password.
Gateway can be that router or interchanger select interchanger to access as headend equipment in the present embodiment
The gateway of local network.Weak password caution signal is transmitted by the XML message of privately owned customization.It specifically, will be weak
Password caution signal is set as Alarm field, when headend equipment judges its current login password for weak password, by Alarm
Field is set as 1 and is sent to the gateway that the headend equipment is linked into local network, and specific XML message format is as follows:
When the gateway that the headend equipment is linked into local network receives the message of carrying weak password caution signal
Afterwards, which obtains LSA information using ospf protocol, by after the network segment of LSA acquisition of information local network by local network
The network segment of network is sent to the headend equipment.Specifically, by the network address of all devices in local network (i.e. internal to route)
Be sent to headend equipment by XML message, referring to Fig. 1, the inside routing of local network be 1.1.1.0/255.255.255.0,
20.20.20.0/255.255.255.0 and 202.169.50.128/255.255.255.192.Specific XML message format is such as
Under:
The gateway that the headend equipment is linked into local network is obtained into 1 class, 2 classes, 3 classes and 5 classes by ospf protocol
LSA information and be stored in the local link condition database of the gateway.Inside routing is by inquiring the front end
What the local link condition database that equipment is linked into the gateway of local network obtained, wherein 2 classes, 3 class LSA are described
Local network.For example, in the home network, it is 202.169.50.128/ that headend equipment, which obtains device network address,
255.255.255.192 LSA information message format it is as follows:
The headend equipment accesses LSA information in the local link condition database of respective gateway equipment, carries out to LSA information
Screening obtains the network address in LSA in 2 class LSA and 3 class LSA information, the i.e. network segment of local network.Referring to Fig. 3, front end is set
For after the network segment that the gateway for being linked into local network obtains local network, the network segment of local network is stored to white
In list, when client accesses the headend equipment, which is judged after obtaining the network address of the client, when
When the network address of client is in the network segment that white list stores, the client is allowed to access the headend equipment;Conversely, forbidding this
Client accesses the headend equipment.Wherein, store in white list is the network address for allowing to access the headend equipment.
Meanwhile when the headend equipment judges the login password of oneself for weak password, which sends packet filtering letter
Number gateway is given, gateway forbids the headend equipment to send data to strange land network according to the packet filtering signal received
Client.In the present embodiment, packet filtering signal is that ACL enables signal, and gateway enables signal according to the ACL received
ACL (Access Control List, accesses control list) is enabled on the access interface of the headend equipment accessing gateway equipment
Function, the ACL are configured to forbid the headend equipment that data are issued the strange land network equipment.In a specific embodiment,
The IP address of headend equipment is 1.1.1.1, the then ACL that gateway enables on the corresponding access interface of the headend equipment are as follows:
When the headend equipment is after receiving local network information, local white list access function is opened;When the front end is set
After receiving the strange land network information, forbids the equipment of strange land network to access the headend equipment, i.e., only allow setting for local network
It is standby to access the headend equipment.
After the login password of the headend equipment is revised as strong cipher by weak password by user, which accesses to it
Gateway send carry weak password warning end signal message.Wherein, the judgment rule of strong cipher can come as needed
Setting, for example, the judgment rule of strong cipher can be arranged to such as under type: Password Length at least 8 characters do not include complete
Portion or certain customers' account name, including at least the three classes in following four classes character: capitalization, lowercase, number, Yi Jijian
On disk symbol (such as!,@, #), can not find out in dictionary, be not command name, be not name, be not user name, be not computer
Name, it is significantly different with pervious password.
In the present embodiment, after headend equipment judges that oneself login password is modified to strong cipher, then by Alarm field
It is set as 0 and is sent to for the headend equipment to be linked into the gateway of local network, specific XML message format is as follows:
Referring to fig. 4, the gateway which is linked into local network is receiving carrying weak password warning knot
After the message of beam signal, the weak password packet filtering rules that the corresponding headend equipment enables are canceled, that is, close the headend equipment
Enabled ACL on corresponding access interface, meanwhile, which deletes the network segment of the local network stored in white list.
Using method of the invention, invention additionally provides a kind of access control systems of headend equipment, including password
Module, judgment module, equipment website acquisition module and white list memory module are obtained, which is applied in headend equipment, benefit
The login password that module obtains the headend equipment is obtained with password, after getting the login password of the headend equipment, by sentencing
Disconnected module judges whether the login password is weak password, if login password is weak password, equipment website acquisition module sends weak
Password caution signal to gateway, gateway after receiving weak password caution signal, send the network segment of local network to
The network segment is stored in by equipment website acquisition module, equipment website acquisition module after the network segment that gateway obtains local network
In white list memory module.
When client accesses the headend equipment, equipment website acquisition module obtains the network address of the client and is sentenced
It is disconnected, when the network address of the client is in the network segment that white list memory module stores, the client is allowed to access the front end
Equipment;Otherwise, the client is forbidden to access the headend equipment.If judgment module judges the login password of headend equipment to be strong close
Code, then client can directly access the headend equipment.
In the present embodiment, gateway obtains LSA information using ospf protocol, judges which is this by LSA information
Ground network, which is strange land network.Network address in 2 class LSA and 3 class LSA belongs to local network, and gateway is receiving
After weak password caution signal, the network segment of local network is sent to equipment website acquisition module.Network address category in 5 class LSA
In strange land network.
In addition, the client of strange land network obtains monitoring media flow data by other means in order to prevent, the system is also
Including packet filtering module, when judgment module judges the login password of headend equipment for weak password, the transmission of packet filtering module was wrapped
Signal is filtered to the headend equipment, the headend equipment is forbidden to send data to the client of strange land network.Specifically, packet filtering signal
Signal is enabled for ACL, gateway enables ACL on the corresponding access interface of the headend equipment, before ACL is configured to forbid this
End equipment sends data to the client of strange land network.
Method and system of the invention automatically generate storage local network using the interaction between headend equipment and gateway
The white list of network diagram section only allows the client in local network to access the headend equipment, forbids the client in the network of strange land
The headend equipment is accessed, so that preventing the client of strange land network from logging in headend equipment obtains media data flow.
The above is only presently preferred embodiments of the present invention, is not intended to limit the invention in any way, it is all according to the present invention
Technical spirit any simple modification to the above embodiments, change and equivalent structural changes, still fall within skill of the present invention
The protection scope of art scheme.
Claims (10)
1. a kind of access control method of headend equipment, the headend equipment is accessed in local network by gateway, special
Sign is, the method includes the steps:
It obtains the login password of the headend equipment and judges whether login password is weak password, if so, it is alert to send weak password
Signal is accused to gateway, then the network segment of local network is obtained from gateway and stores the network segment into white list;
When client accesses the headend equipment, the headend equipment is judged after obtaining the network address of the client, when
When the network address of client is in the network segment that white list stores, the client is allowed to access the headend equipment;Conversely, forbidding
The client accesses the headend equipment.
2. the access control method of headend equipment as described in claim 1, which is characterized in that gateway is obtained using ospf protocol
To LSA information, by the way that the network segment of local network is sent to the headend equipment after the network segment of LSA acquisition of information local network.
3. the access control method of headend equipment as described in claim 1, which is characterized in that the login password of the headend equipment
When for weak password, the headend equipment then sends packet filtering signal to gateway, and gateway is according to the packet filtering received
Headend equipment described in signal-inhibiting sends data to the client of strange land network.
4. the access control method of headend equipment as claimed in claim 3, which is characterized in that the packet filtering signal opens for ACL
With signal, gateway enables signal according to the ACL received and enables ACL on the corresponding access interface of the headend equipment,
The client that the ACL is configured to that the headend equipment is forbidden to send data to strange land network.
5. the access control method of headend equipment as claimed in claim 4, which is characterized in that when headend equipment judges login password
After being revised as strong cipher by weak password, to gateway send weak password alert end signal, gateway receive it is weak close
After code warning end signal, enabled ACL on the corresponding access interface of the headend equipment is closed.
6. the access control method of headend equipment as described in claim 1, which is characterized in that when headend equipment judges that its login is close
Code strong cipher is revised as by weak password after, to gateway send weak password alert end signal, gateway receive it is weak
After password alerts end signal, headend equipment deletes the network segment of the local network stored in white list.
7. a kind of access control system of headend equipment, the headend equipment is accessed in local network by gateway, special
Sign is, the system comprises:
Password obtains module: obtaining the login password of the headend equipment;
Judgment module: whether the login password for judging the headend equipment is weak password;
Equipment website acquisition module: it after judgment module judges the login password of the headend equipment for weak password, sends weak close
Code caution signal then obtains the network segment of local network to gateway from gateway;
White list memory module: the network segment of local network is stored;
When client accesses the headend equipment, equipment website acquisition module obtains the network address of the client and is sentenced
It is disconnected, when the network address of the client is in the network segment that white list memory module stores, before allowing client access described
End equipment;Otherwise, the client is forbidden to access the headend equipment.
8. the access control system of headend equipment as claimed in claim 7, which is characterized in that gateway is obtained using ospf protocol
To LSA information, by the way that the network segment is sent to equipment website acquisition module after the network segment of LSA acquisition of information local network.
9. the access control system of headend equipment as claimed in claim 7, which is characterized in that the system also includes packet filtering moulds
Block, when judgment module judges the login password of the headend equipment for weak password, the packet filtering module sends packet filtering letter
Number gateway is given, gateway headend equipment according to the packet filtering signal-inhibiting received sends data to strange land net
The client of network.
10. the access control system of headend equipment as claimed in claim 9, which is characterized in that the packet filtering signal opens for ACL
With signal, gateway enables signal according to the ACL received and enables ACL on the corresponding access interface of the headend equipment,
The client that the ACL is configured to that the headend equipment is forbidden to send data to strange land network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510915923.4A CN105491047B (en) | 2015-12-10 | 2015-12-10 | A kind of access control method and system of headend equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510915923.4A CN105491047B (en) | 2015-12-10 | 2015-12-10 | A kind of access control method and system of headend equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105491047A CN105491047A (en) | 2016-04-13 |
| CN105491047B true CN105491047B (en) | 2019-01-11 |
Family
ID=55677761
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510915923.4A Active CN105491047B (en) | 2015-12-10 | 2015-12-10 | A kind of access control method and system of headend equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105491047B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105915842B (en) * | 2016-04-14 | 2019-08-02 | 浙江宇视科技有限公司 | A kind of password amending method, device and video monitoring system |
| CN107395602A (en) * | 2017-07-28 | 2017-11-24 | 济南中维世纪科技有限公司 | The method that monitoring device manages remote connection unit |
| CN110311882B (en) * | 2018-03-27 | 2022-03-11 | 浙江宇视科技有限公司 | Security management method and device for user password of network equipment |
| CN112307462A (en) * | 2020-07-20 | 2021-02-02 | 神州融安科技(北京)有限公司 | Method and device for prompting weak password, electronic equipment and computer-readable storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102118398A (en) * | 2011-03-31 | 2011-07-06 | 北京星网锐捷网络技术有限公司 | Access control method, device and system |
| CN102710623A (en) * | 2012-05-23 | 2012-10-03 | 中国电力科学研究院 | Intelligent grid electricity information privacy protection method based on multi-party interaction |
| CN103888459A (en) * | 2014-03-25 | 2014-06-25 | 深信服网络科技(深圳)有限公司 | Method and device for detecting intranet intrusion of network |
| WO2014145087A1 (en) * | 2013-03-15 | 2014-09-18 | General Instrument Corporation | Remote access to streaming video |
| CN104683127A (en) * | 2013-11-27 | 2015-06-03 | 北京神州泰岳软件股份有限公司 | Method and system for centrally checking weak passwords of equipment |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7010608B2 (en) * | 2001-09-28 | 2006-03-07 | Intel Corporation | System and method for remotely accessing a home server while preserving end-to-end security |
| US8635367B2 (en) * | 2009-12-23 | 2014-01-21 | Citrix Systems, Inc. | Systems and methods for managing static proximity in multi-core GSLB appliance |
-
2015
- 2015-12-10 CN CN201510915923.4A patent/CN105491047B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102118398A (en) * | 2011-03-31 | 2011-07-06 | 北京星网锐捷网络技术有限公司 | Access control method, device and system |
| CN102710623A (en) * | 2012-05-23 | 2012-10-03 | 中国电力科学研究院 | Intelligent grid electricity information privacy protection method based on multi-party interaction |
| WO2014145087A1 (en) * | 2013-03-15 | 2014-09-18 | General Instrument Corporation | Remote access to streaming video |
| CN104683127A (en) * | 2013-11-27 | 2015-06-03 | 北京神州泰岳软件股份有限公司 | Method and system for centrally checking weak passwords of equipment |
| CN103888459A (en) * | 2014-03-25 | 2014-06-25 | 深信服网络科技(深圳)有限公司 | Method and device for detecting intranet intrusion of network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105491047A (en) | 2016-04-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10129097B2 (en) | GUI and high-level API wrapper for software defined networking and software defined access for controlling network routing and rules | |
| US10841279B2 (en) | Learning network topology and monitoring compliance with security goals | |
| US20170364702A1 (en) | Internal controls engine and reporting of events generated by a network or associated applications | |
| US20170366395A1 (en) | Automated sensing of network conditions for dynamically provisioning efficient vpn tunnels | |
| CN105491047B (en) | A kind of access control method and system of headend equipment | |
| US10404728B2 (en) | Learning internal ranges from network traffic data to augment anomaly detection systems | |
| US5968176A (en) | Multilayer firewall system | |
| WO2019149273A1 (en) | Method and device for interworking between service function chain domains | |
| CN105262738B (en) | A kind of method of router and its preventing ARP aggression | |
| US11018937B2 (en) | Determining an effect of a network configuration change | |
| US20210201638A1 (en) | Network sanitization for dedicated communication function and edge enforcement | |
| US20070171834A1 (en) | Method and system for testing provisioned services in a network | |
| CN103053138A (en) | A device and method for egress packet forwarding using mesh tagging | |
| US10454896B2 (en) | Critical infrastructure security framework | |
| CN105847300B (en) | The method for visualizing and device of enterprise network boundary device topology | |
| CN109525601A (en) | The lateral flow partition method and device of terminal room in Intranet | |
| CN105791047A (en) | Method for controlling management system of secure video private network | |
| CN110266550A (en) | The method and device of failure effect forecast | |
| CN113949537B (en) | Firewall management method and system based on eBPF | |
| Hadley et al. | Software-defined networking redefines performance for ethernet control systems | |
| CN106060040A (en) | Enterprise network access control method and device | |
| Odarchenko et al. | 5G Networks Cyberincidents Monitoring System for Drone Communications | |
| Ali et al. | Byod cyber forensic eco-system | |
| Azhari et al. | Secured Internet Office Network with the Internet of Things Using Packet Tracer Analysis | |
| Rudraraju et al. | Dynamic design and implementation of security intelligence for industry |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |