CN109450871B - Distributed virtual firewall device and system deployment method thereof - Google Patents


Publication number: CN109450871B
Authority: CN (China)
Prior art keywords: information, virtual firewall, module, host, network
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201811231482.6A
Other languages: Chinese (zh)
Other versions: CN109450871A (en)
Inventor: 童文灿
Current Assignee: Shenzhen Weigu Technology Co.,Ltd. (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Longyan University
Application filed by Longyan University
Priority to CN201811231482.6A
Publication of CN109450871A
Application granted
Publication of CN109450871B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209: Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218: Distributed architectures, e.g. distributed firewalls
    • H04L63/0227: Filtering policies
    • H04L63/0263: Rule management
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a system deployment method of a distributed virtual firewall device, in the technical field of computer network technology. The distributed virtual firewall device comprises a network virtual firewall, a host virtual firewall, a virtual switch, a host, a cloud computer and an external interface; the system deployment method comprises a network virtual firewall, a host virtual firewall, a network virtual firewall access rule platform, a host virtual firewall access rule platform and a user information setting platform. The network virtual firewall is arranged inside the cloud computer, and the network virtual firewall access rule platform receives information obtained from the virtual switch and compares and filters it through the network virtual firewall information verification filtering module. When the host is connected to external hardware, the host virtual firewall prevents virus information in the external hardware from invading the cloud computer and damaging its internal files, and the network virtual firewall prevents virus information or junk information in the virtual switch from directly entering the cloud computer.

Description

Distributed virtual firewall device and system deployment method thereof
Technical Field
The present invention relates to the field of computer network technologies, and in particular, to a distributed virtual firewall apparatus and a system deployment method thereof.
Background
Virtualization is one of the hot technologies at present, and has been widely applied to cloud computing platforms, virtual storage, virtual operating systems, virtual desktops, virtual terminals, and the like. The security of virtualization is also becoming more and more important. Firewalls (also known as guard walls) were invented in 1993 by Check Point founder Gil Shwed and introduced to the Internet (US5606668(A), 1993-12-15). A firewall is a network security system located between an internal network and an external network; it allows or restricts the passage of transmitted data according to certain rules.
At present, most of the existing virtual firewall devices for computers are centralized virtual firewall devices, which have slow processing speed and poor processing effect.
Therefore, it is necessary to provide a distributed virtual firewall device and a system deployment method thereof to solve the above problems.
Disclosure of Invention
(I) Technical problem to be solved
Aiming at the defects of the prior art, the invention provides a distributed virtual firewall device and a system deployment method thereof, which solve the problems of low processing speed and poor processing effect of the traditional centralized virtual firewall device.
(II) technical scheme
In order to achieve the purpose, the invention is realized by the following technical scheme:
a distributed virtual firewall device comprises a network virtual firewall, a host virtual firewall, a virtual switch, a host, a cloud computer and an external interface;
the output end of the host virtual firewall is electrically connected with the input end of the host, the output end of the virtual switch is electrically connected with the input end of the network virtual firewall, the output end of the host is electrically connected with the input end of the network virtual firewall, the external interface is electrically connected with the input end of the host virtual firewall, and the output end of the network virtual firewall is electrically connected with the input end of the cloud computer;
the network virtual firewall comprises a network virtual firewall access rule platform and a network information processing and sending module, wherein the network virtual firewall access rule platform comprises a network virtual firewall information verification filtering module;
the output end of the network virtual firewall access rule platform is electrically connected with the input end of a network virtual firewall information verification filtering module, and the output end of the network virtual firewall information verification filtering module is electrically connected with the input end of a network information processing and sending module;
the host virtual firewall comprises a host virtual firewall access rule platform and a host information processing and sending module, wherein the host virtual firewall access rule platform comprises a host virtual firewall information verification and filtering module;
the output end of the host virtual firewall access rule platform is electrically connected with the input end of the host virtual firewall information verification filtering module, and the output end of the host virtual firewall information verification filtering module is electrically connected with the input end of the host information processing and sending module;
the cloud computer comprises a cloud computer intranet node, a user information setting platform and a virtual firewall management platform, wherein the output end of the network virtual firewall is electrically connected with the input end of the cloud computer intranet node, the output end of the user information setting platform is electrically connected with the input end of the virtual firewall management platform, and the output end of the virtual firewall management platform is electrically connected with the input end of the user information setting platform.
Optionally, the output end of the network information processing and sending module is electrically connected with the input end of the cloud computer;
the output end of the host information processing and sending module is electrically connected with the input end of the host.
Optionally, the user information setting platform includes an information setting module, a feedback information receiving module and a sending module;
the output end of the information setting module is electrically connected with the input end of the sending module;
the output end of the feedback information receiving module is electrically connected with the input end of the information setting module.
Optionally, the virtual firewall management platform includes an information receiving module, an information confirming module, an information sending module, and a feedback module;
and the output end of the information receiving module is electrically connected with the input end of the information confirming module.
Optionally, the network virtual firewall access rule platform and the host virtual firewall access rule platform are both internally provided with an information updating module;
the input end of the information updating module is electrically connected with the output end of the information sending module.
Optionally, the output end of the sending module is electrically connected with the input end of the information receiving module;
the input end of the feedback information receiving module is electrically connected with the output end of the feedback module.
Optionally, the intranet nodes of the cloud computer are arranged inside the cloud computer;
the user information setting platform and the virtual firewall management platform are both arranged inside the cloud computer.
A system deployment method of a distributed virtual firewall device comprises a network virtual firewall, a host virtual firewall, a network virtual firewall access rule platform, a host virtual firewall access rule platform and a user information setting platform; the network virtual firewall is arranged inside the cloud computer, the network virtual firewall access rule platform receives information obtained from the virtual switch and compares and filters it through a network virtual firewall information verification filtering module, and the network virtual firewall information verification filtering module transmits the information that, after comparison and filtering, conforms to the network virtual firewall access rule to an intranet node of the cloud computer through a network information processing and sending module;
the host virtual firewall is arranged in the host, the host virtual firewall access rule platform receives information acquired from an external interface and compares and filters it through a host virtual firewall information verification filtering module, and the host virtual firewall information verification filtering module transmits the information that, after comparison and filtering, conforms to the host virtual firewall access rule to the host through a host information processing and sending module;
the information received by the host is transmitted to the network virtual firewall, and the network virtual firewall compares and filters the information transmitted by the host again and transmits it to the intranet node of the cloud computer;
the user information setting platform sets target information which a user wants to intercept through an information setting module, the information setting module transmits the target information set by the user to an information receiving module of the virtual firewall management platform through a sending module, the information receiving module transmits the target information to an information confirming module, and the information confirming module confirms whether the received target information can be realized and normally used;
the information confirmation module transmits the confirmed target information meeting the requirements to the information sending module, and the information confirmation module transmits the confirmed target information not meeting the requirements to the feedback module.
Optionally, the information sending module respectively sends the target information meeting the requirements to the information updating module;
and the information updating module respectively updates the network virtual firewall access rule of the network virtual firewall access rule platform and the host virtual firewall access rule of the host virtual firewall access rule platform according to the target information.
Optionally, the feedback module feeds back the target information which does not meet the requirement to the feedback information receiving module;
the feedback information receiving module feeds the target information which does not meet the requirement back to the information setting module, so that the user can input the target information again.
(III) advantageous effects
The invention provides a distributed virtual firewall device and a system deployment method thereof, which have the following beneficial effects:
(1) According to the invention, when the host is connected to external hardware, the host virtual firewall prevents virus information in the external hardware from invading the cloud computer and damaging its internal files, and the network virtual firewall prevents virus information or junk information in the virtual switch from directly entering the cloud computer, which would otherwise cause the cloud computer system to crash or leave excessive internal junk files that are inconvenient to clean.
(2) The information processed and filtered by the host virtual firewall is transmitted to the network virtual firewall, so that it is authenticated and filtered a second time by the network virtual firewall, which improves the security of the cloud computer. The user information setting platform lets a user set the information the user wants to intercept, which improves operability for the user. After the user sets correct target information, the information updating module updates the access rule of the network virtual firewall and the access rule of the host virtual firewall, so that the network virtual firewall and the host virtual firewall can intercept the target information set by the user in time.
Drawings
Fig. 1 is a schematic diagram of a distributed virtual firewall according to the present invention.
Fig. 2 is a schematic diagram of a network virtual firewall according to the present invention.
Fig. 3 is a schematic diagram of a host virtual firewall according to the present invention.
Fig. 4 is a schematic structural diagram of a user information setting platform according to the present invention.
Fig. 5 is a schematic diagram of the working process of the user information setting platform according to the present invention.
Fig. 6 is a flowchart illustrating the operation of the host virtual firewall according to the present invention.
Fig. 7 is a schematic diagram illustrating a working process of the network virtual firewall according to the present invention.
In the figure: 1-network virtual firewall, 2-host virtual firewall, 3-virtual switch, 4-host, 5-cloud computer, 6-external interface, 7-network virtual firewall access rule platform, 8-network information processing sending module, 9-network virtual firewall information verification filtering module, 10-host virtual firewall access rule platform, 11-host information processing sending module, 12-host virtual firewall information verification filtering module, 13-cloud computer intranet node, 14-user information setting platform, 141-information setting module, 142-feedback information receiving module, 143-sending module, 15-virtual firewall management platform, 151-information receiving module, 152-information confirmation module, 153-information sending module, 154-feedback module, 16-information updating module.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it is to be understood that the terms "central," "longitudinal," "lateral," "length," "width," "thickness," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," "clockwise," "counterclockwise," "axial," "radial," "circumferential," and the like are used in the orientations and positional relationships indicated in the drawings for convenience in describing the invention and to simplify the description, and are not intended to indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and are therefore not to be considered limiting of the invention.
In the present invention, unless otherwise expressly specified or limited, the terms "disposed," "mounted," "connected," and "fixed" are to be construed broadly and may, for example, be fixedly connected or detachably connected; may be a mechanical connection; may be directly connected or indirectly connected through an intermediate. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
According to the present invention, as shown in Figs. 1-7, the following technical solution is provided:
a distributed virtual firewall device comprises a network virtual firewall 1, a host virtual firewall 2, a virtual switch 3, a host 4, a cloud computer 5 and an external interface 6;
the output end of the host virtual firewall 2 is electrically connected with the input end of the host 4, the output end of the virtual switch 3 is electrically connected with the input end of the network virtual firewall 1, the output end of the host 4 is electrically connected with the input end of the network virtual firewall 1, the external interface 6 is electrically connected with the input end of the host virtual firewall 2, and the output end of the network virtual firewall 1 is electrically connected with the input end of the cloud computer 5;
the network virtual firewall 1 comprises a network virtual firewall access rule platform 7 and a network information processing and sending module 8, wherein the network virtual firewall access rule platform 7 comprises a network virtual firewall information verification and filtering module 9;
the output end of the network virtual firewall access rule platform 7 is electrically connected with the input end of a network virtual firewall information verification filtering module 9, and the output end of the network virtual firewall information verification filtering module 9 is electrically connected with the input end of a network information processing and sending module 8;
the host virtual firewall 2 comprises a host virtual firewall access rule platform 10 and a host information processing and sending module 11, wherein the host virtual firewall access rule platform 10 comprises a host virtual firewall information verification and filtering module 12;
the output end of the host virtual firewall access rule platform 10 is electrically connected with the input end of the host virtual firewall information verification filtering module 12, and the output end of the host virtual firewall information verification filtering module 12 is electrically connected with the input end of the host information processing and sending module 11;
the cloud computer 5 comprises a cloud computer intranet node 13, a user information setting platform 14 and a virtual firewall management platform 15, wherein the output end of the network virtual firewall 1 is electrically connected with the input end of the cloud computer intranet node 13, the output end of the user information setting platform 14 is electrically connected with the input end of the virtual firewall management platform 15, and the output end of the virtual firewall management platform 15 is electrically connected with the input end of the user information setting platform 14.
As an optional technical scheme of the invention: the output end of the network information processing and sending module 8 is electrically connected with the input end of the cloud computer 5;
the output end of the host information processing and sending module 11 is electrically connected with the input end of the host 4.
As an optional technical scheme of the invention: the user information setting platform 14 comprises an information setting module 141, a feedback information receiving module 142 and a sending module 143;
the output end of the information setting module 141 is electrically connected with the input end of the sending module 143;
an output terminal of the feedback information receiving module 142 is electrically connected to an input terminal of the information setting module 141.
As an optional technical scheme of the invention: the virtual firewall management platform 15 comprises an information receiving module 151, an information confirming module 152, an information sending module 153 and a feedback module 154;
an output terminal of the information receiving module 151 is electrically connected to an input terminal of the information confirmation module 152.
As an optional technical scheme of the invention: the network virtual firewall access rule platform 7 and the host virtual firewall access rule platform 10 are internally provided with information updating modules 16;
the input end of the information updating module 16 is electrically connected with the output end of the information sending module 153.
As an optional technical scheme of the invention: the output end of the sending module 143 is electrically connected with the input end of the information receiving module 151;
an input of the feedback information receiving module 142 is electrically connected to an output of the feedback module 154.
As an optional technical scheme of the invention: the cloud computer intranet node 13 is arranged inside the cloud computer 5;
the user information setting platform 14 and the virtual firewall management platform 15 are both provided inside the cloud computer 5.
A system deployment method of a distributed virtual firewall device comprises a network virtual firewall 1, a host virtual firewall 2, a network virtual firewall access rule platform 7, a host virtual firewall access rule platform 10 and a user information setting platform 14; the network virtual firewall 1 is arranged inside the cloud computer 5, the network virtual firewall access rule platform 7 receives information obtained from the virtual switch 3 and compares and filters it through a network virtual firewall information verification filtering module 9, and the network virtual firewall information verification filtering module 9 transmits the information that, after comparison and filtering, conforms to the network virtual firewall access rule to a cloud computer intranet node 13 through a network information processing and sending module 8;
the host virtual firewall 2 is arranged inside the host 4, the host virtual firewall access rule platform 10 receives information acquired from the external interface 6 and compares and filters it through the host virtual firewall information verification filtering module 12, and the host virtual firewall information verification filtering module 12 transmits the information that, after comparison and filtering, conforms to the host virtual firewall access rule to the host 4 through the host information processing and sending module 11;
the information received by the host 4 is transmitted to the network virtual firewall 1, and the network virtual firewall 1 compares and filters the information transmitted by the host 4 again and transmits it to the cloud computer intranet node 13;
the user information setting platform 14 sets target information that a user wants to intercept through the information setting module 141, the information setting module 141 transmits the target information set by the user to the information receiving module 151 of the virtual firewall management platform 15 through the sending module 143, the information receiving module 151 transmits the target information to the information confirming module 152, and the information confirming module 152 confirms whether the received target information can be realized and normally used;
the information confirmation module 152 sends the confirmed target information meeting the requirement to the information sending module 153, and the information confirmation module 152 sends the confirmed target information not meeting the requirement to the feedback module 154.
As an optional technical scheme of the invention: the information sending module 153 sends the target information meeting the requirements to the information updating module 16;
the information updating module 16 respectively updates the network virtual firewall access rule of the network virtual firewall access rule platform 7 and the host virtual firewall access rule of the host virtual firewall access rule platform 10 according to the target information.
As an optional technical scheme of the invention: the feedback module 154 feeds the unsatisfactory target information back to the feedback information receiving module 142;
the feedback information receiving module 142 feeds the unsatisfactory target information back to the information setting module 141, so that the user can input the target information again.
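The deployment method above, modelled as an added example (not code from the patent): target information is confirmed, rejected targets are fed back to the user, accepted targets update both access rule platforms, and information from the external interface is filtered at the host stage and again at the network stage. The `Packet` and `TargetInfo` shapes (source network plus destination port), the class names and the sample addresses are assumptions; the patent does not define what "target information" contains.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """Hypothetical shape of the 'information' entering the system."""
    src: str
    dst_port: int


@dataclass(frozen=True)
class TargetInfo:
    """Hypothetical 'target information' the user wants intercepted."""
    src_cidr: str
    dst_port: Optional[int] = None  # None matches any port


def confirm(target: TargetInfo) -> Tuple[bool, str]:
    """Information confirming module (152): can the target become a usable rule?"""
    try:
        ip_network(target.src_cidr, strict=True)  # rejects typos and host bits
    except ValueError as exc:
        return False, f"invalid source network: {exc}"
    if target.dst_port is not None and not 1 <= target.dst_port <= 65535:
        return False, f"invalid port: {target.dst_port}"
    return True, "ok"


class AccessRulePlatform:
    """Access rule platform (7 or 10) with its verification filtering module."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.blocked: List[TargetInfo] = []

    def update(self, target: TargetInfo) -> None:
        """Information updating module (16): add a confirmed target."""
        if target not in self.blocked:
            self.blocked.append(target)

    def permits(self, pkt: Packet) -> bool:
        addr = ip_address(pkt.src)
        return not any(
            addr in ip_network(t.src_cidr) and t.dst_port in (None, pkt.dst_port)
            for t in self.blocked
        )


class Deployment:
    """Host virtual firewall (2), network virtual firewall (1), intranet node (13)."""

    def __init__(self) -> None:
        self.host_rules = AccessRulePlatform("host")
        self.network_rules = AccessRulePlatform("network")
        self.intranet: List[Packet] = []
        self.trace: List[Tuple[str, str, str]] = []  # (origin, stage, verdict)

    def submit(self, target: TargetInfo) -> str:
        """Setting platform (14) -> management platform (15) -> update or feedback."""
        ok, reason = confirm(target)
        if not ok:
            return f"feedback: {reason}"  # 154 -> 142 -> 141, user re-enters
        for platform in (self.host_rules, self.network_rules):
            platform.update(target)
        return "updated"

    def _check(self, platform: AccessRulePlatform, pkt: Packet, origin: str) -> bool:
        allowed = platform.permits(pkt)
        self.trace.append((origin, platform.name, "pass" if allowed else "drop"))
        return allowed

    def from_virtual_switch(self, pkt: Packet, origin: str = "virtual-switch") -> bool:
        """Network stage: the only way into the intranet node."""
        if self._check(self.network_rules, pkt, origin):
            self.intranet.append(pkt)
            return True
        return False

    def from_external_interface(self, pkt: Packet) -> bool:
        """Host stage first, then the network stage filters the same data again."""
        if not self._check(self.host_rules, pkt, "external-interface"):
            return False
        return self.from_virtual_switch(pkt, origin="external-interface")


def demo() -> dict:
    d = Deployment()
    blocked = Packet("203.0.113.9", 445)  # constructed sample traffic
    out = {
        "bad": d.submit(TargetInfo("203.0.113.7/24")),  # host bits set
        "good": d.submit(TargetInfo("203.0.113.0/24", 445)),
        "switch": d.from_virtual_switch(blocked),
        "external": d.from_external_interface(blocked),
        "allowed": d.from_external_interface(Packet("198.51.100.4", 443)),
        "trace": list(d.trace),
    }
    # Assumed failure case: only the network platform received the update.
    stale = Deployment()
    stale.network_rules.update(TargetInfo("203.0.113.0/24", 445))
    out["stale"] = stale.from_external_interface(blocked)
    out["stale_trace"] = list(stale.trace)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The last case in `demo()` goes beyond the text: it assumes the host rules missed an update and shows the network stage still dropping the information, which is the practical value of the second filtering pass.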
It is noted that in the present disclosure, unless otherwise explicitly specified or limited, a first feature "on" or "under" a second feature may be directly contacted with the first and second features, or indirectly contacted with the first and second features through intervening media. Also, a first feature "on," "over," and "above" a second feature may be directly or diagonally above the second feature, or may simply indicate that the first feature is at a higher level than the second feature. A first feature being "under," "below," and "beneath" a second feature may be directly under or obliquely under the first feature, or may simply mean that the first feature is at a lesser elevation than the second feature.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the invention.

Claims (10)

1. The system deployment method of the distributed virtual firewall device is characterized by comprising a network virtual firewall (1), a host virtual firewall (2), a network virtual firewall access rule platform (7), a host virtual firewall access rule platform (10) and a user information setting platform (14);
the network virtual firewall (1) is arranged inside the cloud computer (5), the network virtual firewall access rule platform (7) receives and contrasts and filters information obtained from the virtual switch (3) through a network virtual firewall information verification filtering module (9), and the network virtual firewall information verification filtering module (9) transmits the information which is contrasted and filtered and accords with the network virtual firewall access rule to an intranet node (13) of the cloud computer through a network information processing and transmitting module (8);
the host virtual firewall (2) is arranged inside the host (4), the host virtual firewall access rule platform (10) receives and contrasts and filters information acquired from the external interface (6) through a host virtual firewall information verification filtering module (12), and the host virtual firewall information verification filtering module (12) transmits the information which is contrasted and filtered and conforms to the host virtual firewall access rule to the host (4) through a host information processing and transmitting module (11);
the information received by the host (4) is transmitted to the network virtual firewall (1), and the network virtual firewall (1) compares, filters and transmits the information transmitted by the host (4) to the cloud computer intranet node (13);
the user information setting platform (14) sets target information which a user wants to intercept through an information setting module (141), the information setting module (141) transmits the target information set by the user to an information receiving module (151) of the virtual firewall management platform (15) through a transmitting module (143), the information receiving module (151) transmits the target information to an information confirming module (152), and the information confirming module (152) confirms whether the received target information can be realized and normally used;
the information confirmation module (152) transmits the confirmed target information meeting the requirements to the information sending module (153), and the information confirmation module (152) transmits the confirmed target information not meeting the requirements to the feedback module (154).
2. The system deployment method of the distributed virtual firewall device according to claim 1, wherein:
the information sending module (153) respectively transmits the target information meeting the requirements to the information updating module (16);
and the information updating module (16) respectively updates the network virtual firewall access rule of the network virtual firewall access rule platform (7) and the host virtual firewall access rule of the host virtual firewall access rule platform (10) according to the target information.
3. The system deployment method of the distributed virtual firewall device according to claim 1, wherein:
the feedback module (154) feeds the target information which does not meet the requirement back to the feedback information receiving module (142);
the feedback information receiving module (142) feeds the target information which does not meet the requirement back to the information setting module (141) so as to enable the user to input the target information again.
4. A distributed virtual firewall apparatus according to the system deployment method of the distributed virtual firewall apparatus of any one of claims 1 to 3, wherein: the system comprises a network virtual firewall (1), a host virtual firewall (2), a virtual switch (3), a host (4), a cloud computer (5) and an external interface (6);
the output end of the host virtual firewall (2) is electrically connected with the input end of a host (4), the output end of the virtual switch (3) is electrically connected with the input end of the network virtual firewall (1), the output end of the host (4) is electrically connected with the input end of the network virtual firewall (1), the external interface (6) is electrically connected with the input end of the host virtual firewall (2), and the output end of the network virtual firewall (1) is electrically connected with the input end of a cloud computer (5);
the network virtual firewall (1) comprises a network virtual firewall access rule platform (7) and a network information processing and sending module (8), wherein the network virtual firewall access rule platform (7) comprises a network virtual firewall information verification filtering module (9);
the output end of the network virtual firewall access rule platform (7) is electrically connected with the input end of a network virtual firewall information verification filtering module (9), and the output end of the network virtual firewall information verification filtering module (9) is electrically connected with the input end of a network information processing and sending module (8);
the host virtual firewall (2) comprises a host virtual firewall access rule platform (10) and a host information processing and sending module (11), wherein the host virtual firewall access rule platform (10) comprises a host virtual firewall information verification filtering module (12);
the output end of the host virtual firewall access rule platform (10) is electrically connected with the input end of the host virtual firewall information verification filtering module (12), and the output end of the host virtual firewall information verification filtering module (12) is electrically connected with the input end of the host information processing and sending module (11);
the cloud computer (5) comprises a cloud computer intranet node (13), a user information setting platform (14) and a virtual firewall management platform (15), the output end of the network virtual firewall (1) is electrically connected with the input end of the cloud computer intranet node (13), the output end of the user information setting platform (14) is electrically connected with the input end of the virtual firewall management platform (15), and the output end of the virtual firewall management platform (15) is electrically connected with the input end of the user information setting platform (14).
5. The distributed virtual firewall apparatus according to claim 4, wherein:
the output end of the network information processing and sending module (8) is electrically connected with the input end of the cloud computer (5);
the output end of the host information processing and sending module (11) is electrically connected with the input end of the host (4).
6. The distributed virtual firewall apparatus according to claim 4, wherein:
the user information setting platform (14) comprises an information setting module (141), a feedback information receiving module (142) and a sending module (143);
the output end of the information setting module (141) is electrically connected with the input end of the sending module (143);
the output end of the feedback information receiving module (142) is electrically connected with the input end of the information setting module (141).
7. The distributed virtual firewall apparatus according to claim 4, wherein:
the virtual firewall management platform (15) comprises an information receiving module (151), an information confirming module (152), an information sending module (153) and a feedback module (154);
the output end of the information receiving module (151) is electrically connected with the input end of the information confirming module (152);
the output end of the information confirmation module (152) is electrically connected with the input ends of the information sending module (153) and the feedback module (154) respectively.
8. The distributed virtual firewall apparatus according to claim 4, wherein:
information updating modules (16) are arranged inside the network virtual firewall access rule platform (7) and the host virtual firewall access rule platform (10);
the input end of the information updating module (16) is electrically connected with the output end of the information sending module (153).
9. The distributed virtual firewall apparatus according to claim 6, wherein:
the output end of the sending module (143) is electrically connected with the input end of the information receiving module (151);
the input end of the feedback information receiving module (142) is electrically connected with the output end of the feedback module (154).
10. The distributed virtual firewall apparatus according to claim 4, wherein: the cloud computer intranet node (13) is arranged inside the cloud computer (5);
the user information setting platform (14) and the virtual firewall management platform (15) are both arranged inside the cloud computer (5).
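The rule workflow of claims 1 to 3 (set, confirm, then either update both rule platforms or feed back to the user), modelled as an added example that is not code from the patent. The shape of the target information (CIDR, port, protocol), the reading of "can be realized and normally used" as "parses as a well-formed rule", and all class and function names are assumptions.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Target:                       # target information; this shape is an assumption
    cidr: str
    port: int
    proto: str

@dataclass
class RulePlatform:                 # access rule platform (7) or (10)
    rules: set = field(default_factory=set)

    def update(self, rule):         # information updating module (16)
        self.rules.add(rule)

    def permits(self, src_ip, port, proto):   # verification filtering module (9)/(12)
        addr = ipaddress.ip_address(src_ip)
        return not any(addr in net and (port, proto) == (p, pr)
                       for net, p, pr in self.rules)

def confirm(target):                # information confirming module (152)
    try:
        net = ipaddress.ip_network(target.cidr, strict=True)
    except ValueError as exc:       # e.g. host bits set: ambiguous, so reject
        return None, f"bad network: {exc}"
    if not 1 <= target.port <= 65535:
        return None, "port out of range"
    if target.proto not in ("tcp", "udp"):
        return None, "unsupported protocol"
    return (net, target.port, target.proto), None

def submit(targets, platforms):     # modules (151)-(154); returns rejected targets
    feedback = []
    for t in targets:
        rule, reason = confirm(t)
        if rule is None:
            feedback.append((t, reason))   # feedback module (154) -> (142)
        else:
            for p in platforms:            # sending module (153) -> (16)
                p.update(rule)
    return feedback

# Constructed sample input (documentation address ranges)
NETWORK_FW = RulePlatform()         # network virtual firewall access rule platform (7)
HOST_FW = RulePlatform()            # host virtual firewall access rule platform (10)
SAMPLE = [Target("203.0.113.0/24", 23, "tcp"), Target("203.0.113.7/24", 23, "tcp"),
          Target("198.51.100.0/24", 70000, "udp")]
FEEDBACK = submit(SAMPLE, [NETWORK_FW, HOST_FW])
```

Rejecting the malformed targets before distribution keeps both rule sets identical, so the host and network firewalls never enforce different versions of the same user request.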
CN201811231482.6A 2018-10-22 2018-10-22 Distributed virtual firewall device and system deployment method thereof Active CN109450871B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811231482.6A CN109450871B (en) 2018-10-22 2018-10-22 Distributed virtual firewall device and system deployment method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811231482.6A CN109450871B (en) 2018-10-22 2018-10-22 Distributed virtual firewall device and system deployment method thereof

Publications (2)

Publication Number Publication Date
CN109450871A CN109450871A (en) 2019-03-08
CN109450871B true CN109450871B (en) 2021-02-23

Family

ID=65548330

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811231482.6A Active CN109450871B (en) 2018-10-22 2018-10-22 Distributed virtual firewall device and system deployment method thereof

Country Status (1)

Country Link
CN (1) CN109450871B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112532638A (en) * 2020-12-03 2021-03-19 四川师范大学 Distributed content filtering firewall
CN112911598A (en) * 2021-02-23 2021-06-04 上海锐伟电子科技有限公司 Network firewall management method and system of mobile equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104113522A (en) * 2014-02-20 2014-10-22 西安未来国际信息股份有限公司 Design of virtual firewall assembly acting on cloud computing data center security domain
CN104301321A (en) * 2014-10-22 2015-01-21 北京启明星辰信息技术股份有限公司 Method and system for achieving distributed network safety protection
CN105704087A (en) * 2014-11-25 2016-06-22 甘肃省科学技术情报研究所 Device for realizing network security management based on virtualization and management method
CN107872443A (en) * 2016-09-28 2018-04-03 深圳市深信服电子科技有限公司 Virtual network security protection system, flow lead method and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8255985B2 (en) * 2006-11-13 2012-08-28 At&T Intellectual Property I, L.P. Methods, network services, and computer program products for recommending security policies to firewalls
CN103095778A (en) * 2011-11-07 2013-05-08 北京知道创宇信息技术有限公司 Web application firewall and web application safety protection method
CN105141571A (en) * 2014-06-09 2015-12-09 中兴通讯股份有限公司 Distributed virtual firewall device and method

Also Published As

Publication number Publication date
CN109450871A (en) 2019-03-08

Similar Documents

Publication Publication Date Title
CN109753806B (en) Server protection method and device
CN103650428B (en) Network quarantine system, network quarantine method and program thereof
CN109450871B (en) Distributed virtual firewall device and system deployment method thereof
EP2490370B1 (en) Method for providing an anti-malware service
EP3335145B1 (en) Using multiple layers of policy management to manage risk
CN103384240B (en) A kind of P2P active defense method and system
CN112788035B (en) Network attack warning method of UPF terminal under 5G and terminal
CN103236932A (en) Webpage tamper-proofing device and method based on access control and directory protection
CN106209847A (en) Electric data transmission method and device
CN113872951B (en) Hybrid cloud security policy issuing method and device, electronic equipment and storage medium
CN108521425A (en) A kind of industry control protocol filtering method and board
CN106209844A (en) The electric power safety means of communication
CN112463255B (en) Virtual interface loading method and device, physical network card and storage medium
CN105933333A (en) Authentication charging method and export gateway of enterprise network
CN113922988B (en) Network-based host security policy detection method and system
AU2021231671B2 (en) Systems and methods for implementing universal targets in network traffic classification
US10063588B2 (en) Device and method for transferring files from a portable storage device
CN111624869B (en) Method and system for automatically sensing attack behavior and Ethernet switch
CN114244555A (en) Method for adjusting security policy
CN112217770B (en) Security detection method, security detection device, computer equipment and storage medium
CN111092886B (en) Terminal defense method, system, equipment and computer readable storage medium
CN111147480B (en) File access control method, device, equipment and medium
CN110535867B (en) Server safety device and method and server
CN103916441A (en) NAS system preventing computer viruses and method for searching for and killing computer viruses
CN104598821A (en) Universal prevention and control method for computer viruses, Trojan horses and hackers and device thereof

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210527

Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province

Patentee after: Yami Technology (Guangzhou) Co., Ltd

Address before: 364012 No.1 Dongxiao North Road, Xinluo District, Longyan City, Fujian Province

Patentee before: LONGYAN University

TR01 Transfer of patent right

Effective date of registration: 20210929

Address after: 518000 405, huashenghui complex building, No. 15, Jinhai Road, Lequn community, Xixiang street, Bao'an District, Shenzhen, Guangdong

Patentee after: Shenzhen Weigu Technology Co.,Ltd.

Address before: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province

Patentee before: Yami Technology (Guangzhou) Co., Ltd