CN108696395B - Network switching device under multi-network isolation environment and application method thereof - Google Patents
Network switching device under multi-network isolation environment and application method thereof Download PDFInfo
- Publication number
- CN108696395B CN108696395B CN201810500954.7A CN201810500954A CN108696395B CN 108696395 B CN108696395 B CN 108696395B CN 201810500954 A CN201810500954 A CN 201810500954A CN 108696395 B CN108696395 B CN 108696395B
- Authority
- CN
- China
- Prior art keywords
- network
- configuration information
- storage unit
- gating
- state detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/0816—Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a network switching device under a multi-network isolation environment and an application method thereof.A gating switch is arranged between a computer network interface arranged on a shell of the network switching device and all network end network interfaces, each gating path of the gating switch comprises a state detection line which is electrically isolated from other lines, a configuration storage unit and a data communication interface which are mutually connected are also arranged in the shell, the state detection lines are respectively connected with the configuration storage unit, and the configuration storage unit selects and switches network configuration information which is stored in the configuration storage unit and can be read according to the on-off state of each state detection line. The invention can solve the safety problem caused by different security information of a plurality of networks stored in the computer terminal under the condition of keeping the convenience of the automatic switching technology of the computer terminal, solve the safety risk caused by detecting the current network and improve the safety of network access in a multi-network isolation environment.
Description
Technical Field
The invention relates to a data transmission security technology under a multi-network isolation environment, in particular to a network switching device under the multi-network isolation environment and an application method thereof.
Background
Due to the different security requirements for different networks, there are often multiple electrically isolated network environments within governments, military, privacy-demanding enterprises or organizations, and computer terminals are not normally allowed to connect to these isolated networks at the same time. When the same computer terminal accesses a plurality of isolated networks in a time-sharing manner, it is necessary to make sure that the access to the current network does not contain information about other networks. For example, the virtual computing technology can implement the requirement by running a plurality of virtual environments isolated from each other, each connected to a network, or running at most one virtual environment at the same time, the virtual environment corresponding to the connected network, inside the terminal. Network handover occurs when a computer terminal needs to connect to a different physical network. In order to ensure that the network switches are electrically isolated in nature and form, a network switch device can be manually operated (for example, a switch of a corresponding network on the network switch device is pressed) to physically switch, as shown in fig. 1, a computer network interface 11 and at least two network-side network interfaces 12 are arranged on a housing 1 of the network switch device in the prior art, a gating switch 13 is arranged between the computer network interface 11 and all the network-side network interfaces 12, and a button for operating the gating switch 13 is arranged on the housing 1. Then, the computer terminal connected with the network switch can adopt an automatic switching technology to take out a server list stored by the terminal or a characteristic IP address related to the physical network, such as a gateway address, take out the IP address of the corresponding terminal stored by the terminal or initiate a DHCP request again to change the IP address of the computer terminal, and then perform connectivity test on the current connection network to identify the connected physical network. However, this prior art may cause security problem, and from the perspective of upper layer applications, the terminal simultaneously stores or simultaneously has access to connectivity test information of all isolated networks, and such information may be stolen; the security detection systems such as the firewall of each classified network and the like receive the detection message and possibly cause security alarm; more concealed and easier to ignore, when the physical network data packet at the bottom layer is sent, and whether the high-security network is connected or not is detected, the high-security IP information is carried by the detection message and enters the low-security network, the switch and the routing equipment in the low-security network can acquire the high-security network information, and if the switch and the router are controlled by malicious codes, the switch and the router can cause secret loss, so how to acquire the key information of the high-security network in the low-security network for a long time in a hidden manner is just one of the important contents of the high-security sustainable attack APT. Another method for realizing automatic switching without storing different security level IP information in the computer terminal is to store only one piece of server IP information in the computer terminal, and the IP information is converted into different server IPs by the routing device in the network after being switched to different networks through addresses, but this method is inconvenient to implement and definitely requires each network to use different IP addresses in many application occasions. Therefore, how to improve the security of the network service access under the multi-network isolation environment from the technical scheme under the condition of keeping the convenience of the network service access under the multi-network isolation environment is a problem to be solved in the prior art.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: the invention can solve the safety problem caused by that the computer terminal stores different security information of a plurality of networks under the condition of keeping the convenience of the automatic switching technology of the computer terminal, solve the safety risk caused by detecting the current network and improve the safety of network access under the multi-network isolation environment.
In order to solve the technical problems, the invention adopts the technical scheme that:
the invention provides a network switching device under a multi-network isolation environment, which comprises a shell, wherein a computer network interface and at least two network end network interfaces are arranged on the shell, gating switches are arranged between the computer network interface and all the network end network interfaces, each gating path of each gating switch comprises a state detection line, the state detection lines are electrically isolated from other lines of the gating path, configuration storage units and data communication interfaces which are mutually connected are also arranged in the shell, the state detection lines are respectively connected with configuration storage units, and the configuration storage units select and switch network configuration information which is stored in the configuration storage units and can be read according to the on-off states of the state detection lines.
Preferably, a writing interface for writing network configuration information into the configuration storage unit is arranged on the housing.
Preferably, the configuration storage unit includes memories corresponding to each gating path of the gating switch one to one, output ends of all the memories are respectively connected to the data communication interface, network configuration information of a network to which the corresponding gating path is connected is stored in each memory, and a state detection line of each gating path is connected to a chip selection address line of the corresponding memory.
Preferably, the configuration storage unit includes a memory having a storage region corresponding to each gating path of the gating switch, a data output line of the memory is connected to the data communication interface, each storage region stores network configuration information of a network to which the corresponding gating path is connected, the state detection lines of all the gating paths are connected to the memory, and the state detection lines of each gating path are used for controlling the data output line of the memory to output the network configuration information of the corresponding network.
The invention provides an application method of a network switching device under a multi-network isolation environment, which comprises the following implementation steps:
1) monitoring the network connection state of a local computer, wherein the local computer is respectively connected to each physical network which is isolated from each other through a network switching device under the multi-network isolation environment and is connected with a configuration storage unit of the network switching device through a data communication interface; if the network of the local computer is monitored to be disconnected and then connected, skipping to execute the step 2);
2) reading the network configuration information in the configuration storage unit through a data communication interface;
3) and the application reads the obtained network configuration information.
Preferably, the detailed steps of step 2) include: and reading the encrypted network configuration information in the configuration storage unit through the data communication interface, and decrypting the encrypted new network configuration information to obtain the decrypted network configuration information.
Preferably, the network configuration information read in step 2) includes local network configuration information, and the network configuration information read in step 3) includes local network configuration information applied to the network of the local computer.
Preferably, the network configuration information read in step 2) further includes server network address information, and the network configuration information read by the application in step 3) further includes server network address information applied to the designated application software of the local computer so as to establish network connection between the designated application software and the server.
The network switching device in the multi-network isolation environment has the following advantages:
1. the invention can improve the security of the computer terminal accessing a plurality of isolated networks on the premise of keeping the convenience of the automatic switching technology of the client terminal under the multi-network isolated environment; by moving the related information of a plurality of isolated networks from the computer terminal into the network switching device, the data security on the computer terminal is improved.
2. The invention can shift the relative network configuration information of a plurality of isolated networks into the network switching device from the computer terminal, and can further store different network information by separating one or a plurality of memory chips, thereby being beneficial to the scale production and distribution of security and secrecy equipment and improving the convenience of security and secrecy management.
3. According to the invention, the computer terminal directly reads the current physical network information from the network switching device through network switching, and does not need to send a detection data packet containing other network information to the current physical network, so that the safety is improved, and an information stealing channel for high-level sustainable attack APT is cut off; the connection information of the current connection network is read from the network switching equipment, so that the connection can be directly switched to the new network, the convenience of automatic switching is kept, the network switching speed is increased due to the fact that the detection process is omitted, and the user experience is better.
4. The invention ensures physical electrical isolation by the fact that the part for storing the multi-network information in the network switching device is not electrically connected with the network port circuit in the network switching device; the switching of the current network information is realized by linking the current network information output by the network switching device with the network switching switch, and the network switching device can only return the related information of the current connected network, thereby improving the safety.
The application method of the network switching device in the multi-network isolation environment of the present invention is the application of the network switching device in the multi-network isolation environment of the present invention, and can also solve the technical problem to be solved by the network switching device in the multi-network isolation environment, and achieve the aforementioned beneficial effects of the network switching device in the multi-network isolation environment of the present invention, and therefore, the detailed description thereof is omitted.
Drawings
Fig. 1 is a schematic structural diagram of a network switching apparatus in the prior art.
Fig. 2 is a schematic structural diagram of a network switching device according to an embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a configuration memory cell according to an embodiment of the invention.
Illustration of the drawings: 1. a housing; 11. a computer network interface; 12. a network side network interface; 13. a gating switch; 2. configuring a storage unit; 3. a data communication interface; 4. and writing the interface.
Detailed Description
The following will take two isolated networks as an example to further describe the network switching device and the application method thereof in the multi-network isolated environment in detail.
The first embodiment is as follows:
as shown in fig. 2, the present embodiment provides a network switching device under a multi-network isolation environment, which includes a housing 1, a computer network interface 11 and two network end network interfaces 12 are disposed on the housing 1, gating switches 13 are disposed between the computer network interface 11 and all the network end network interfaces 12, each gating path of the gating switch 13 includes a state detection line, the state detection line is electrically isolated from other lines of the gating path, the housing 1 is further provided with a configuration storage unit 2 and a data communication interface 3 that are connected to each other, the state detection lines are respectively connected to the configuration storage unit 2, and the configuration storage unit 2 selectively switches network configuration information stored in the configuration storage unit 2 according to on-off states of the state detection lines. As in the prior art, the casing 1 is provided with key switches for controlling the gating switches 13 to select different gating paths, for example, in this embodiment, the casing 1 is provided with 2 key switches K1 and K2, the key switch K1 corresponds to the network side network interface 12#1 (connected to the network 1), the key switch K2 corresponds to the network side network interface 12#2 (connected to the network 2, and the network 2 and the network 1 are electrically isolated from each other), the key switch K1 is pressed to connect the computer network interface 11 to the network side network interface 12#1, the key switch K2 is pressed to connect the computer network interface 11 to the network side network interface 12#2, and at most one of the 2 key switches K1 and K2 is in a pressed state. In the present embodiment, on the basis of the above structure, a state detection line a1 and a2 that is electrically isolated from other lines of the gate path to which the state detection line a 8926 and a2 are added to each gate path of the gate switch 13, the state detection lines a1 and a2 enable detection of the gate state of the gate path to be completed and send the detection to the configuration storage unit 2, and the configuration storage unit 2 selects and switches the network configuration information stored in the configuration storage unit 2 for reading according to the on-off state of each state detection line.
As shown in fig. 3, the configuration storage unit 2 in this embodiment includes memories C1 and C2 corresponding to each gate path of the gate switch 13, the output terminals of all the memories are respectively connected to the data communication interface 3, each memory stores network configuration information of a network to which the corresponding gate path is connected, and the state detection line of each gate path is connected to the chip select address line of the corresponding memory. In this embodiment, the state detection lines a1 and a2 share a high power supply line, and output a low level when the corresponding strobe path is strobed, and the chip select address lines of the memories C1 and C2 are active low. The key switch determines that the computer network interface 11 is connected to the gating path, the combination state of the key switch also determines signals on state detection lines A1 and A2, the key switch K1 is pressed, the key switch K2 is reset, the computer network interface 11 is connected to the network 1, the state detection line A1 is at a low level, the state detection line A2 is at a high level, and data in a memory C1 can be read; the key switch K2 is pressed, the key switch K1 is reset, the computer network interface 11 is connected to the network 2, the state detection line a2 is low, the state detection line a1 is high, and data in the memory C2 can be read. It should be noted that the memories C1 and C2 should be configured to be read only to avoid tampering with the network configuration information, which is more secure.
In this embodiment, the data communication interface 3 specifically adopts a USB interface. The high-level power supply line shared by the state detection lines a1 and a2 is supplied directly from the power supply line and the ground line in the USB data line or converted by the voltage conversion unit.
In this embodiment, the shell 1 is provided with a write interface 4 for writing network configuration information into the configuration storage unit 2, and the write interface 4 can write network configuration information of a plurality of networks into the configuration storage unit 2. When the write interface 4 writes the network configuration information of a plurality of networks into the configuration storage unit 2, it is also necessary to perform a gating operation on the gating switch 13 to select the memory chips C1 and C2 to write the network configuration information of the corresponding networks.
The embodiment provides an application method of a network switching device in a multi-network isolation environment, which comprises the following implementation steps:
1) monitoring the network connection state of a local computer, wherein the local computer is respectively connected to each physical network which is isolated from each other through the network switching device under the multi-network isolation environment and is connected with the configuration storage unit 2 of the network switching device through a data communication interface 3; if the network of the local computer is monitored to be disconnected and then connected, skipping to execute the step 2);
2) reading the network configuration information in the configuration storage unit 2 through the data communication interface 3;
3) and the application reads the obtained network configuration information.
The application method of the network switching device in this embodiment is specifically realized by a computer program in a local computer, where the computer program monitors signal changes on a network card NIC through a NetLink socket, and when a signal that the network card is disconnected and then connected is found, the step 2) is executed by skipping to read the network configuration information in the configuration storage unit 2 through the data communication interface 3.
In this embodiment, the detailed steps of step 2) include: the encrypted network configuration information in the configuration storage unit 2 is read through the data communication interface, the encrypted new network configuration information is decrypted to obtain the decrypted network configuration information, and the security of the electrical isolation network can be further improved through encrypting the network configuration information of the storage network.
In this embodiment, the network configuration information read in step 2) includes local network configuration information, and the network configuration information obtained by applying and reading in step 3) includes local network configuration information (for example, information such as an IP address, a subnet mask, a gateway, and a DNS) applied to the network of the local computer, so that the computer can directly connect to a new isolated network according to the read network configuration information, thereby subtracting a detection process, increasing a network switching speed, and improving user experience.
In this embodiment, the network configuration information read in step 2) further includes server network address information, and the network configuration information obtained by application reading in step 3) further includes network address information (for example, information such as an IP address) of a designated application software application server of the local computer, so as to facilitate establishment of network connection between the designated application software and the server, thereby further hiding the network address information of the designated application software application server, and preventing the network address information of the software application server from being divulged.
Example two:
the present embodiment is basically the same as the first embodiment, and the main difference is the implementation manner of configuring the memory cell 2. In this embodiment, the configuration storage unit 2 includes a memory having storage regions corresponding to each gating path of the gating switch 13 one by one, a data output line of the memory is connected to the data communication interface 3, each storage region stores network configuration information of a network to which the corresponding gating path is connected, state detection lines of all the gating paths are connected to the memory, and the state detection line of each gating path is used to control the data output line of the memory to output the network configuration information of the corresponding network. In this way, the cost on the memory can be reduced.
Example three:
the present embodiment is basically the same as the first embodiment, and the main difference is the implementation manner of the data communication interface 3. In this embodiment, the data communication interface 3 is a serial communication interface, and can also provide a high-level power supply line shared by the state detection lines a1 and a2 according to the VCC pin thereof. In addition, the data communication interface 3 may also adopt other data communication interfaces with VCC pin types as required. On this basis, the state detection lines a1 and a2 can also be supplied with high-level power by additionally adding a VCC power supply cable between the computer and the network switching device.
Example four:
the present embodiment is basically the same as the first embodiment, and the main difference is the implementation manner of configuring the memory cell 2. In the embodiment, the configuration storage unit 2 comprises a single chip microcomputer, the storage unit state detection lines A1 and A2 and the storages C1 and C2 are respectively connected with the single chip microcomputer, and the storages C1 and C2 are indirectly selected as the only readable storage media of the computer by using the single chip microcomputer as control equipment; in addition, related network configuration information can be directly sent to the computer through the data communication interface 3 through the single chip microcomputer, but compared with the above embodiment, the cost and the implementation complexity are higher.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.
Claims (7)
1. The utility model provides a network auto-change over device under environment is kept apart to many networks, includes shell (1), be equipped with computer network interface (11) and two at least network end network interfaces (12) on shell (1), be equipped with gating switch (13) between computer network interface (11) and all network end network interfaces (12), its characterized in that: each gating path of the gating switch (13) comprises a state detection line, the state detection lines are electrically isolated from other lines of the gating path, a configuration storage unit (2) and a data communication interface (3) which are connected with each other are further arranged in the shell (1), the state detection lines are respectively connected with the configuration storage unit (2), and the configuration storage unit (2) selects and switches network configuration information which is stored in the configuration storage unit (2) and can be read according to the on-off state of each state detection line; the configuration storage unit (2) comprises a memory with storage areas corresponding to each gating path of the gating switch (13) one by one, a data output line of the memory is connected with the data communication interface (3), each storage area stores network configuration information of a network connected with the corresponding gating path, state detection lines of all the gating paths are connected with the memory, and the state detection lines of each gating path are used for controlling the data output line of the memory to output the network configuration information of the corresponding network.
2. The network switching device under the multi-network isolation environment according to claim 1, wherein: and a writing interface (4) for writing network configuration information into the configuration storage unit (2) is arranged on the shell (1).
3. The network switching device under the multi-network isolation environment according to claim 1, wherein: the configuration storage unit (2) comprises memories corresponding to each gating path of the gating switch (13) one by one, the output ends of all the memories are respectively connected with the data communication interface (3), network configuration information of a network connected with the corresponding gating path is stored in each memory, and a state detection line of each gating path is connected with a chip selection address line of the corresponding memory.
4. An application method of a network switching device under a multi-network isolation environment is characterized by comprising the following implementation steps:
1) monitoring the network connection state of a local computer, wherein the local computer is respectively connected to each physical network which is isolated from each other through a network switching device under the multi-network isolation environment of any one of claims 1 to 3 and is connected with a configuration storage unit (2) of the network switching device through a data communication interface (3); if the network of the local computer is monitored to be disconnected and then connected, skipping to execute the step 2);
2) reading the network configuration information in the configuration storage unit (2) through the data communication interface (3);
3) and the application reads the obtained network configuration information.
5. The method of claim 4, wherein the network switching method in a multi-network isolated environment comprises: the detailed steps of the step 2) comprise: and reading the encrypted network configuration information in the configuration storage unit (2) through a data communication interface, and decrypting the encrypted new network configuration information to obtain the decrypted network configuration information.
6. The method of claim 4, wherein the network switching method in a multi-network isolated environment comprises: the network configuration information read in the step 2) includes local network configuration information, and the network configuration information read in the step 3) includes local network configuration information for applying the network of the local computer.
7. The method of claim 6, wherein the network switching method in a multi-network isolated environment comprises: the network configuration information read in the step 2) further comprises server network address information, and the network configuration information obtained by the application reading in the step 3) further comprises server network address information applied to the appointed application software of the local computer so as to establish network connection between the appointed application software and the server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810500954.7A CN108696395B (en) | 2018-05-23 | 2018-05-23 | Network switching device under multi-network isolation environment and application method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810500954.7A CN108696395B (en) | 2018-05-23 | 2018-05-23 | Network switching device under multi-network isolation environment and application method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108696395A CN108696395A (en) | 2018-10-23 |
CN108696395B true CN108696395B (en) | 2021-06-25 |
Family
ID=63846854
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810500954.7A Active CN108696395B (en) | 2018-05-23 | 2018-05-23 | Network switching device under multi-network isolation environment and application method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108696395B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113471773A (en) * | 2021-05-28 | 2021-10-01 | 山东英信计算机技术有限公司 | RJ45 socket device, server and network switching method |
CN113992578B (en) * | 2021-09-09 | 2023-11-03 | 新华三大数据技术有限公司 | Method, device, equipment and storage medium for switching servers of cloud desktop terminal |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN2444265Y (en) * | 2000-08-23 | 2001-08-22 | 深圳市宏网实业有限公司 | Switchover switch for physical insulating of internal, external network hard disk |
CN2715432Y (en) * | 2004-06-15 | 2005-08-03 | 尹理根 | Physical isolation device for network safety |
CN2790052Y (en) * | 2005-04-18 | 2006-06-21 | 梁雁文 | Single-net wire network isolation system |
CN201114132Y (en) * | 2007-07-10 | 2008-09-10 | 梁雁文 | Computer network isolated system |
CN201608722U (en) * | 2010-03-16 | 2010-10-13 | 山东渔翁信息技术股份有限公司 | Secure physical isolation device for network |
CN201662811U (en) * | 2010-08-20 | 2010-12-01 | 河南省电力公司 | Dual-network isolated SSD hard disk |
CN102130808A (en) * | 2010-01-15 | 2011-07-20 | 张建华 | Enhanced mixed physical isolation method |
CN202512576U (en) * | 2012-04-13 | 2012-10-31 | 无锡工艺职业技术学院 | Computer security device capable of achieving physical isolation of network |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7016358B2 (en) * | 2001-05-14 | 2006-03-21 | Canon Kabushiki Kaisha | Interface device with network isolation |
CN100563255C (en) * | 2006-06-14 | 2009-11-25 | 杭州华三通信技术有限公司 | The partition method of Internet protocol storage area network and spacer assembly |
-
2018
- 2018-05-23 CN CN201810500954.7A patent/CN108696395B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN2444265Y (en) * | 2000-08-23 | 2001-08-22 | 深圳市宏网实业有限公司 | Switchover switch for physical insulating of internal, external network hard disk |
CN2715432Y (en) * | 2004-06-15 | 2005-08-03 | 尹理根 | Physical isolation device for network safety |
CN2790052Y (en) * | 2005-04-18 | 2006-06-21 | 梁雁文 | Single-net wire network isolation system |
CN201114132Y (en) * | 2007-07-10 | 2008-09-10 | 梁雁文 | Computer network isolated system |
CN102130808A (en) * | 2010-01-15 | 2011-07-20 | 张建华 | Enhanced mixed physical isolation method |
CN201608722U (en) * | 2010-03-16 | 2010-10-13 | 山东渔翁信息技术股份有限公司 | Secure physical isolation device for network |
CN201662811U (en) * | 2010-08-20 | 2010-12-01 | 河南省电力公司 | Dual-network isolated SSD hard disk |
CN202512576U (en) * | 2012-04-13 | 2012-10-31 | 无锡工艺职业技术学院 | Computer security device capable of achieving physical isolation of network |
Non-Patent Citations (2)
Title |
---|
《网络物理隔离的特点分析》;高晰;《武汉电力职业技术学院学报》;20121215;正文第1-4页 * |
基于物理隔离的网络安全的实现;蔡东蛟;《计算机安全》;20071105;正文第1-2页 * |
Also Published As
Publication number | Publication date |
---|---|
CN108696395A (en) | 2018-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9578034B2 (en) | Trusted peripheral device for a host in a shared electronic environment | |
CN101730987B (en) | Managing network components using USB keys | |
CN107743075B (en) | Multi-system network interconnection equipment, method and device | |
CN105511805A (en) | Data processing method and device for cluster file system | |
KR102340468B1 (en) | Logging traffic on computer networks | |
CN109587065A (en) | Method, apparatus, interchanger, equipment and the storage medium to E-Packet | |
US9325497B2 (en) | Power line based theft protection of electronic devices | |
CN108696395B (en) | Network switching device under multi-network isolation environment and application method thereof | |
CN103236941A (en) | Link discovery method and device | |
US20100070662A1 (en) | Method, apparatus and system for serial attached scsi (sas) zoning management of a domain using initiator isolation | |
CN105430016A (en) | Network access authentication method and system | |
CN102130808A (en) | Enhanced mixed physical isolation method | |
US20060250966A1 (en) | Method for local area network security | |
CN111083088B (en) | Cloud platform hierarchical management method and device based on multiple security domains | |
CN114338153A (en) | IPSec negotiation method and device | |
CN109889421B (en) | Router management method, device, terminal, system and storage medium | |
CN109450785B (en) | Method and device for safely sharing USB (universal serial bus) equipment of convergence gateway | |
CN111131280A (en) | Internal and external network isolation system | |
CN114268486B (en) | Serial port encryption circuit, encryption method thereof, communication manager and communication system | |
EP3407201A1 (en) | An ip-gpio system, corresponding apparatus and method | |
CN210629540U (en) | Safety isolation control computer system | |
CN103067282A (en) | Data backup method, device and system | |
CN114172841A (en) | Message forwarding method and device, electronic equipment and reading and storing medium | |
WO2021173252A1 (en) | Encrypted overlay network for physical attack resiliency | |
KR20190103292A (en) | Asymmetric System and Network Architecture |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 410000 4th floor, Gongmei building, 156 Sany Avenue, Kaifu District, Changsha City, Hunan Province Applicant after: Hunan Qilin Xin'an Technology Co., Ltd Address before: 410000 4th floor, Gongmei building, 156 Sany Avenue, Kaifu District, Changsha City, Hunan Province Applicant before: HUNAN KYLIN XINAN TECHNOLOGY Co.,Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |