CN109962914A - A kind of firewall configuration method and device - Google Patents
A kind of firewall configuration method and device Download PDFInfo
- Publication number
- CN109962914A CN109962914A CN201910186573.0A CN201910186573A CN109962914A CN 109962914 A CN109962914 A CN 109962914A CN 201910186573 A CN201910186573 A CN 201910186573A CN 109962914 A CN109962914 A CN 109962914A
- Authority
- CN
- China
- Prior art keywords
- firewall box
- firewall
- target
- information
- facility information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
Disclose a kind of firewall configuration method and device.A kind of firewall configuration method, which is characterized in that the method is applied to OpenStack server-side, comprising: receive data distributing request;It determines and whether specifies target firewall box in the data distributing request, the target firewall box is any appliance in preparatory matched several firewall boxes;Refer in the case where set the goal firewall box in data distributing request, according to the facility information of the target firewall box, sends the configuration data specified in the data distributing request;In the data distributing request in the case where not specified target firewall box, the facility information of matched several firewall boxes in advance is obtained;Target firewall box is determined according to facility information obtained, and the configuration data specified in the data distributing request is sent to identified target firewall box.
Description
Technical field
This specification embodiment is related to network communication technology field more particularly to a kind of firewall configuration method and device.
Background technique
OpenStack is that the open source cloud computing management platform project of current main-stream is provided by the multiple components for being included
The extensions clothes such as the kernel services such as calculating, network, storage and FWaaS (Firewall as a Service, firewall service)
Business.
When OpenStack server-side and firewall hardware equipment interconnection, FWaaS may be implemented, firewall box is matched
It sets.In the prior art, FWaaS is merely able to carry out resource for firewall box and the configuration such as issues, and can not configure simultaneously
More firewall boxes.Therefore it is impossible to meet the demands that more firewall boxes are disposed under large-scale network-estabilishing cloud environment.
Summary of the invention
In view of this, this specification embodiment provides a kind of firewall configuration method and device, it is applied to OpenStack and takes
Business end, technical solution are as follows:
A kind of firewall configuration method, which is characterized in that the method is applied to OpenStack server-side, comprising:
Receive data distributing request;
It determines in the data distributing request and whether specifies target firewall box, the target firewall box is preparatory
Any appliance in matched several firewall boxes;
The data distributing request in refer to set the goal firewall box in the case where, according to the target firewall box
Facility information, send the configuration data specified in data distributing request;
In the data distributing request in the case where not specified target firewall box, obtain matched in advance several anti-
The facility information of wall with flues equipment;
Target firewall box is determined according to facility information obtained, and is sent to identified target firewall box
The configuration data specified in the data distributing request.
A kind of firewall configuration device, which is characterized in that described device is applied to OpenStack server-side, comprising:
Request receiving module issues request for receiving data;
Specified determining module, for determining in the data distributing request whether specify target firewall box, the mesh
Marking firewall box is any appliance in preparatory matched several firewall boxes;
Data transmission blocks, in the case where setting the goal firewall box for referring in data distributing request, according to
The facility information of the target firewall box sends the configuration data specified in the data distributing request;
Information acquisition module, in the case where not specified target firewall box, being obtained in data distributing request
Obtain the facility information of several firewall boxes matched in advance;
Equipment determining module, for determining target firewall box according to facility information obtained;
The data transmission blocks are also used to send to identified target firewall box in the data distributing request
Specified configuration data.
Technical solution provided by this specification embodiment can match the facility information of several firewall boxes in advance,
So as in data distributing, to a certain firewall box down distributing configuration data that is specified or determining, to realize one
FWaaS can carry out resources for more firewall boxes and the configuration such as issue, while configure more firewall boxes, meet big rule
The demand of more firewall boxes is disposed under mould networking cloud environment.
It should be understood that above general description and following detailed description be only it is exemplary and explanatory, not
This specification embodiment can be limited.
In addition, any embodiment in this specification embodiment does not need to reach above-mentioned whole effects.
Detailed description of the invention
In order to illustrate more clearly of this specification embodiment or technical solution in the prior art, below will to embodiment or
Attached drawing needed to be used in the description of the prior art is briefly described, it should be apparent that, the accompanying drawings in the following description is only
The some embodiments recorded in this specification embodiment for those of ordinary skill in the art can also be attached according to these
Figure obtains other attached drawings.
Fig. 1 is the flow diagram of this specification embodiment firewall configuration method;
Fig. 2 is the structural schematic diagram of this specification embodiment firewall configuration device;
Fig. 3 is the structural schematic diagram of this specification embodiment data transmission blocks;
Fig. 4 is the structural schematic diagram of this specification embodiment equipment determining module;
Fig. 5 is the structural schematic diagram for configuring a kind of equipment of this specification embodiment device.
Specific embodiment
In order to make those skilled in the art more fully understand the technical solution in this specification embodiment, below in conjunction with this
Attached drawing in specification embodiment is described in detail the technical solution in this specification embodiment, it is clear that described
Embodiment is only a part of the embodiment of this specification, instead of all the embodiments.The embodiment of base in this manual,
Those of ordinary skill in the art's every other embodiment obtained, all should belong to the range of protection.
In view of the problems of the existing technology, this specification provides a kind of firewall configuration method, is applied to OpenStack
Server-side, shown in Figure 1, this method may comprise steps of:
S101 receives data distributing request;
This specification embodiment does not limit the trigger mechanism of data distributing request.
In one example, can by user in configuration interface manually, such as by can be to OpenStack server-side
The Web configuration interface or Command Line Interface configured issues data distributing request to OpenStack server-side;
In another example, it can also be set out automatically according to pre-set time or other conditions, it such as can be with
Periodically carry out data distributing;Etc..
Those skilled in the art can be configured according to actual needs.
S102 determines in the data distributing request whether specify target firewall box, the target firewall box
For any appliance in preparatory matched several firewall boxes;
In this specification embodiment, it can specifically be pre-configured with several firewall boxes in several ways, this illustrates reality
It applies example not limiting this, those skilled in the art can be configured flexibly according to the actual situation.
It, first can be by developer by fire prevention to be matched in a kind of specific embodiment of this specification embodiment
In the information write-in matching files of wall equipment, for example, creating fwaas_driver.ini file and with configuration group [fw_device_
1] 1 firewall is indicated, so as to add more firewall boxes in matching files.
Further, it is also possible to which several information of firewall box are written in matching files, set for example, can be written into firewall
The docking that the information of the equipment such as standby IP, user name, password and description itself and every firewall box need to configure
Docking informations such as vlan, docking IP information and docking RT equipment etc..
Accordingly, OpenStack server-side can obtain firewall box matching files first, and parse the matching
File obtains the several groups facility information for including in this document;Wherein, any group of facility information is to be matched anti-for describing to correspond to
Wall with flues equipment;Then by several groups firewall box information obtained, it is stored in the firewall box information that local terminal is pre-created
In table, so as to local terminal acquisition when issuing matched data to matched firewall box.May include in the table major key id,
The fields such as router_id, fw_ip, username, password, status and priority.
In addition, if firewall box need to be docked with router, then the router data table pre-established can also be extended,
Firewall box column are added for it, for identifying the firewall box of each router docking.
In another specific embodiment of this specification embodiment, can also to above-mentioned firewall box information table into
Row updates.It can receive firewall box information table first and update request, for example, can be triggered by user by configuration interface,
Or setting timing automatic trigger mechanism, etc..After receiving update request, obtains the update and request corresponding firewall
Equipment matching files, and the matching files are parsed, obtain the several groups facility information for including in this document;Compare and parses
To facility information and local terminal firewall box information table in the facility information that stores it is whether consistent, and in inconsistent situation
Under, the facility information stored in local terminal firewall box information table is updated using the facility information parsed.
For example, OpenStack server-side can traverse configuration file fwaas_ when starting FWaaS service
Configuration group [fw_device_n] in driver.ini, and the configuration group being not present in local terminal firewall box information table is believed
Breath is written in the table, and deletes the configuration group information for existing in the table but being not present in configuration file.
In addition, OpenStack server-side start FWaaS service when, can also according in configuration group docking vlan and
IP information is docked, corresponding vlan-if interface is created;And default route is created, outgoing interface is the vlan-if mouthfuls, and next-hop is
The IP of the direct-connected mouth vlan of RT equipment.
It may include that firewall is set in another specific embodiment of this specification embodiment, in above equipment information
Standby operating status situation.It is preparatory to be stored in local terminal by several groups firewall box information obtained for OpenStack server-side
It, can also be according to the every group of firewall box information stored in table: to this group of firewall after the firewall box information table of creation
The corresponding firewall box of facility information carries out state-detection;In the case where testing result is operating status, which is tied
Fruit is stored in this group of firewall box information;In the case where testing result is not running state, which is stored in the group
Firewall box information, and carry out equipment not running warning.
For example, if firewall box can normal communication, be operating status (as be labeled as Active), otherwise for not
Operating status (as being labeled as Down), and can prompt check network failure in Web configuration interface.
S103, the data distributing request in refer to set the goal firewall box in the case where, according to the target prevent fires
The facility information of wall equipment sends the configuration data specified in the data distributing request;
User can specify the firewall box of OpenStack server-side data distributing, for example, can configure boundary in Web
The selection in face (such as interface Dashboard), for another example, can be specified by order line " -- device " attribute, etc..To,
There may be specified target firewall boxes in the data distributing request.
Specifically, OpenStack server-side can obtain the mesh stored in the firewall box information table first
The facility information of firewall box is marked, and determines the state-detection in the facility information as a result, according to the state-detection knot
Fruit determines whether the target firewall box is operating status.
If so, according to the facility information of the target firewall box, described in the transmission of Xiang Suoshu target firewall box
The configuration data specified in data distributing request;If it is not, then carrying out the target firewall box not running warning.
S104 in the data distributing request in the case where not specified target firewall box, is obtained matched in advance
The facility information of several firewall boxes;
S105 determines target firewall box according to facility information obtained, and sets to identified target firewall
Preparation send the configuration data specified in the data distributing request.
For ease of description, S104 is illustrated in conjunction with S105.
And if data distributing request in not specified target firewall box, can by OpenStack server-side according to
The facility information of firewall box determines target firewall box and sends configuration data.
Specifically, preset several indexs can be obtained first, and are directed to any group of firewall box information obtained:
It determines in this group of facility information, several finger target values, using identified index value, it is corresponding anti-to calculate this group of facility information
Load capacity value is met default screening rule according to each load capacity value calculated by the load capacity value of wall with flues equipment
Equipment is determined as target firewall box.
For example, several indexs may include: the memory headroom of firewall box, memory space, maximum concurrent remainder,
And/or newly-built session number, etc..
The indices of matching firewall box can be periodically collected (as using 5s by the period) by FWaaS Agent
Value, and the weight of default indices calculate the weighted results of indices value as load capacity value, so that energy will be loaded
The maximum firewall box of force value is determined as target firewall box.
It can also be a fire prevention with 2 firewall boxes in a kind of specific embodiment of this specification embodiment
Wall group, 2 equipment are respectively master and slave firewall box, to avoid influencing entire when a firewall box breaks down
The firewall functionality of system is realized.In each firewall group, can by configuration distributing mouth IP (usually managing an IP) address,
The IP address corresponds to 2 firewall boxes in the firewall group.
It is specified in data distributing request when OpenStack server-side sends configuration data to firewall box
Firewall box can be a firewall group, and master firewall equipment of the OpenStack server-side in the firewall group is fortune
In the case where row state, configuration data is sent to the master firewall equipment, and the master firewall equipment in the firewall group is not
In the case where for operating status, the slave firewall equipment into the firewall group sends configuration data;Similarly, if under data
Hair request in and not specified firewall box, then OpenStack server-side can be calculated according to the index value of master firewall equipment
Load capacity value, or the load capacity value of the firewall group is calculated according to the index value of master and slave firewall box, to select
The firewall box for meeting default screening rule sends configuration data.
Corresponding to above method embodiment, this specification embodiment also provides a kind of firewall configuration device, is applied to
OpenStack server-side, it is shown in Figure 2, the apparatus may include:
Request receiving module 110 issues request for receiving data;
Specified determining module 120, it is described for determining in the data distributing request whether specify target firewall box
Target firewall box is any appliance in preparatory matched several firewall boxes;
Data transmission blocks 130, in the case where setting the goal firewall box for referring in data distributing request, root
According to the facility information of the target firewall box, the configuration data specified in the data distributing request is sent;
Information acquisition module 140, in the case where being used for the not specified target firewall box in data distributing request,
Obtain the facility information of matched several firewall boxes in advance;
Equipment determining module 150, for determining target firewall box according to facility information obtained;
The data transmission blocks 130 are also used to send the data distributing to identified target firewall box and ask
The configuration data specified in asking.
It is shown in Figure 3 in a kind of specific embodiment of this specification embodiment, the data transmission blocks 130,
May include:
Information obtainment unit 131 is set for obtaining the target firewall stored in the firewall box information table
Standby facility information, and determine the state-detection result in the facility information;
Status determining unit 132, for according to the state-detection as a result, determine the target firewall box whether be
Operating status;
Data transmission unit 133 is used in the case where the target firewall box is operating status, according to the mesh
The facility information of firewall box is marked, Xiang Suoshu target firewall box sends the configuration number specified in the data distributing request
According to;
Warning unit 134, for carrying out the target in the case where the target firewall box is not running state
The warning of firewall box not running.
It is shown in Figure 4 in a kind of specific embodiment of this specification embodiment, the equipment determining module 150,
May include:
Index obtaining unit 151, for obtaining preset several indexs;
Equipment screening unit 152, for being directed to any group of firewall box information obtained: determining this group of facility information
In, several finger target values;Using identified index value, the load energy that this group of facility information corresponds to firewall box is calculated
Force value;According to each load capacity value calculated, load capacity value is met to the equipment of default screening rule, it is anti-to be determined as target
Wall with flues equipment.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus
Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality
Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit
The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with
It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual
The purpose for needing to select some or all of the modules therein to realize this specification example scheme.Ordinary skill people
Member can understand and implement without creative efforts.
This specification embodiment also provides a kind of computer equipment, includes at least memory, processor and is stored in
On reservoir and the computer program that can run on a processor, wherein processor realizes fire prevention above-mentioned when executing described program
Wall configuration method.This method includes at least:
A kind of firewall configuration method, which is characterized in that the method is applied to OpenStack server-side, comprising:
Receive data distributing request;
It determines in the data distributing request and whether specifies target firewall box, the target firewall box is preparatory
Any appliance in matched several firewall boxes;
The data distributing request in refer to set the goal firewall box in the case where, according to the target firewall box
Facility information, send the configuration data specified in data distributing request;
In the data distributing request in the case where not specified target firewall box, obtain matched in advance several anti-
The facility information of wall with flues equipment;
Target firewall box is determined according to facility information obtained, and is sent to identified target firewall box
The configuration data specified in the data distributing request.
Fig. 5 shows one kind provided by this specification embodiment and more specifically calculates device hardware structural schematic diagram,
The equipment may include: processor 1010, memory 1020, input/output interface 1030, communication interface 1040 and bus
1050.Wherein processor 1010, memory 1020, input/output interface 1030 and communication interface 1040 are real by bus 1050
The now communication connection inside equipment each other.
Processor 1010 can use general CPU (Central Processing Unit, central processing unit), micro- place
Reason device, application specific integrated circuit (Application Specific Integrated Circuit, ASIC) or one
Or the modes such as multiple integrated circuits are realized, for executing relative program, to realize technical side provided by this specification embodiment
Case.
Memory 1020 can use ROM (Read Only Memory, read-only memory), RAM (Random Access
Memory, random access memory), static storage device, the forms such as dynamic memory realize.Memory 1020 can store
Operating system and other applications are realizing technical solution provided by this specification embodiment by software or firmware
When, relevant program code is stored in memory 1020, and execution is called by processor 1010.
Input/output interface 1030 is for connecting input/output module, to realize information input and output.Input and output/
Module can be used as component Configuration (not shown) in a device, can also be external in equipment to provide corresponding function.Wherein
Input equipment may include keyboard, mouse, touch screen, microphone, various kinds of sensors etc., output equipment may include display,
Loudspeaker, vibrator, indicator light etc..
Communication interface 1040 is used for connection communication module (not shown), to realize the communication of this equipment and other equipment
Interaction.Wherein communication module can be realized by wired mode (such as USB, cable etc.) and be communicated, can also be wirelessly
(such as mobile network, WIFI, bluetooth etc.) realizes communication.
Bus 1050 include an access, equipment various components (such as processor 1010, memory 1020, input/it is defeated
Outgoing interface 1030 and communication interface 1040) between transmit information.
It should be noted that although above equipment illustrates only processor 1010, memory 1020, input/output interface
1030, communication interface 1040 and bus 1050, but in the specific implementation process, which can also include realizing normal fortune
Other assemblies necessary to row.In addition, it will be appreciated by those skilled in the art that, it can also be only comprising real in above equipment
Component necessary to existing this specification example scheme, without including all components shown in figure.
Although this specification includes many specific implementation details, these are not necessarily to be construed as the model for limiting any invention
It encloses or range claimed, and is primarily used for describing the feature of the specific embodiment of specific invention.In this specification
Certain features described in multiple embodiments can also be combined implementation in a single embodiment.On the other hand, individually implementing
Various features described in example can also be performed separately in various embodiments or be implemented with any suitable sub-portfolio.This
Outside, although feature can work in certain combinations as described above and even initially so be claimed, institute is come from
One or more features in claimed combination can be removed from the combination in some cases, and claimed
Combination can be directed toward the modification of sub-portfolio or sub-portfolio.
Similarly, although depicting operation in the accompanying drawings with particular order, this is understood not to require these behaviour
Make the particular order shown in execute or sequentially carry out or require the operation of all illustrations to be performed, to realize desired knot
Fruit.In some cases, multitask and parallel processing may be advantageous.In addition, the various system modules in above-described embodiment
Separation with component is understood not to be required to such separation in all embodiments, and it is to be understood that described
Program assembly and system can be usually integrated in together in single software product, or be packaged into multiple software product.
The specific embodiment of theme has been described as a result,.Other embodiments are within the scope of the appended claims.?
In some cases, the movement recorded in claims can be executed in different order and still realize desired result.This
Outside, the processing described in attached drawing and it is nonessential shown in particular order or sequential order, to realize desired result.In certain realities
In existing, multitask and parallel processing be may be advantageous.
The foregoing is merely the preferred embodiments of this specification embodiment, do not implement to limit this specification
Example, all within the spirit and principle of this specification embodiment, any modification, equivalent substitution, improvement and etc. done should all include
Within the scope of the protection of this specification embodiment.
Claims (10)
1. a kind of firewall configuration method, which is characterized in that the method is applied to OpenStack server-side, comprising:
Receive data distributing request;
It determines and whether specifies target firewall box in the data distributing request, the target firewall box is matching in advance
Several firewall boxes in any appliance;
The data distributing request in refer to set the goal firewall box in the case where, according to setting for the target firewall box
Standby information sends the configuration data specified in the data distributing request;
In the data distributing request in the case where not specified target firewall box, matched several firewalls in advance are obtained
The facility information of equipment;
Target firewall box is determined according to facility information obtained, and to described in the transmission of identified target firewall box
The configuration data specified in data distributing request.
2. the method according to claim 1, wherein several firewall boxes of matching, comprising:
Obtain firewall box matching files;
The matching files are parsed, the several groups facility information for including in this document is obtained;Wherein, any group of facility information is used for
The corresponding firewall box to be matched of description;
Several groups firewall box information obtained is stored in the firewall box information table that local terminal is pre-created, so as to
Local terminal acquisition when issuing matched data to matched firewall box.
3. according to the method described in claim 2, it is characterized in that, the method also includes:
It receives firewall box information table and updates request;
It obtains the update and requests corresponding firewall box matching files;
The matching files are parsed, the several groups facility information for including in this document is obtained;
Whether consistent compare the facility information stored in the facility information and local terminal firewall box information table parsed, and
In the case of inconsistencies, the equipment stored in local terminal firewall box information table is believed using the facility information parsed
Breath is updated.
4. according to the method described in claim 2, it is characterized in that, the method is by several groups firewall box obtained
Information, after being stored in the firewall box information table that local terminal is pre-created, further includes:
According to the every group of firewall box information stored in table:
State-detection is carried out to the corresponding firewall box of this group of firewall box information;
In the case where testing result is operating status, which is stored in this group of firewall box information;
In the case where testing result is not running state, which is stored in this group of firewall box information, and carry out
The warning of equipment not running.
5. the method according to claim 1, wherein described believe according to the equipment of the target firewall box
Breath sends the configuration data specified in the data distributing request, comprising:
The facility information of the target firewall box stored in the firewall box information table is obtained, and is set described in determination
State-detection result in standby information;
According to the state-detection as a result, determining whether the target firewall box is operating status;
If so, Xiang Suoshu target firewall box sends the data according to the facility information of the target firewall box
Issue the configuration data specified in request;
If it is not, then carrying out the target firewall box not running warning.
6. the method according to claim 1, wherein described determine that target is prevented fires according to facility information obtained
Wall equipment, comprising:
Preset several indexs are obtained, and are directed to any group of firewall box information obtained:
It determines in this group of facility information, several finger target values;
Using identified index value, the load capacity value that this group of facility information corresponds to firewall box is calculated;
According to each load capacity value calculated, load capacity value is met to the equipment of default screening rule, it is anti-to be determined as target
Wall with flues equipment.
7. the method according to claim 1, wherein several indexs include:
Memory headroom, memory space, maximum concurrent remainder, and/or the newly-built session number of firewall box.
8. a kind of firewall configuration device, which is characterized in that described device is applied to OpenStack server-side, comprising:
Request receiving module issues request for receiving data;
Specified determining module, for determining in the data distributing request whether specify target firewall box, the target is anti-
Wall with flues equipment is any appliance in preparatory matched several firewall boxes;
Data transmission blocks, in the case where setting the goal firewall box for referring in data distributing request, according to described
The facility information of target firewall box sends the configuration data specified in the data distributing request;
Information acquisition module, in the case where not specified target firewall box, being obtained pre- in data distributing request
The first facility information of matched several firewall boxes;
Equipment determining module, for determining target firewall box according to facility information obtained;
The data transmission blocks are also used to send to identified target firewall box in the data distributing request and specify
Configuration data.
9. device according to claim 8, which is characterized in that the data transmission blocks, comprising:
Information obtainment unit, the equipment for obtaining the target firewall box stored in the firewall box information table
Information, and determine the state-detection result in the facility information;
Status determining unit, for according to the state-detection as a result, determining whether the target firewall box is operation shape
State;
Data transmission unit, for being prevented fires according to the target in the case where the target firewall box is operating status
The facility information of wall equipment, Xiang Suoshu target firewall box send the configuration data specified in the data distributing request;
Warning unit, for carrying out the target firewall in the case where the target firewall box is not running state
The warning of equipment not running.
10. device according to claim 8, which is characterized in that the equipment determining module, comprising:
Index obtaining unit, for obtaining preset several indexs;
Equipment screening unit, for being directed to any group of firewall box information obtained: it determines in this group of facility information, it is described
Several finger target values;Using identified index value, the load capacity value that this group of facility information corresponds to firewall box is calculated;Root
According to each load capacity value calculated, load capacity value is met to the equipment of default screening rule, is determined as target firewall and sets
It is standby.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910186573.0A CN109962914B (en) | 2019-03-12 | 2019-03-12 | Firewall configuration method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910186573.0A CN109962914B (en) | 2019-03-12 | 2019-03-12 | Firewall configuration method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109962914A true CN109962914A (en) | 2019-07-02 |
CN109962914B CN109962914B (en) | 2021-07-23 |
Family
ID=67024253
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910186573.0A Active CN109962914B (en) | 2019-03-12 | 2019-03-12 | Firewall configuration method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109962914B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113162979A (en) * | 2021-03-17 | 2021-07-23 | 深圳乐播科技有限公司 | Service publishing method, device, equipment and storage medium |
CN113329022A (en) * | 2021-05-31 | 2021-08-31 | 北京天融信网络安全技术有限公司 | Information processing method of virtual firewall and electronic equipment |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101610264A (en) * | 2009-07-24 | 2009-12-23 | 深圳市永达电子股份有限公司 | The management method of a kind of firewall system, safety service platform and firewall system |
CN102055742A (en) * | 2009-11-10 | 2011-05-11 | 中国移动通信集团吉林有限公司 | Method and device for configuring firewall |
US20140351392A1 (en) * | 2012-05-08 | 2014-11-27 | Guest Tek Interactive Entertainment Ltd. | Automatically configuring computer network at hospitality establishment with reservation-specific settings |
CN104579723A (en) * | 2013-10-16 | 2015-04-29 | 宇宙互联有限公司 | Gateway configuration management system and method |
US9223635B2 (en) * | 2012-10-28 | 2015-12-29 | Citrix Systems, Inc. | Network offering in cloud computing environment |
CN106302466A (en) * | 2016-08-17 | 2017-01-04 | 东软集团股份有限公司 | The management method of a kind of fire wall and system |
CN107888597A (en) * | 2017-11-16 | 2018-04-06 | 杭州迪普科技股份有限公司 | A kind of FWaaS security domains collocation method and device |
CN107959585A (en) * | 2017-11-08 | 2018-04-24 | 新华三信息安全技术有限公司 | A kind of firewall configuration method, apparatus and electronic equipment |
CN108173842A (en) * | 2017-12-26 | 2018-06-15 | 国家电网公司 | The disposition optimization method of software definition fire wall based on openstack cloud platforms |
CN108471397A (en) * | 2018-01-31 | 2018-08-31 | 华为技术有限公司 | Firewall configuration, file transmitting method and device |
CN109361711A (en) * | 2018-12-14 | 2019-02-19 | 泰康保险集团股份有限公司 | Firewall configuration method, apparatus, electronic equipment and computer-readable medium |
-
2019
- 2019-03-12 CN CN201910186573.0A patent/CN109962914B/en active Active
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101610264A (en) * | 2009-07-24 | 2009-12-23 | 深圳市永达电子股份有限公司 | The management method of a kind of firewall system, safety service platform and firewall system |
CN102055742A (en) * | 2009-11-10 | 2011-05-11 | 中国移动通信集团吉林有限公司 | Method and device for configuring firewall |
US20140351392A1 (en) * | 2012-05-08 | 2014-11-27 | Guest Tek Interactive Entertainment Ltd. | Automatically configuring computer network at hospitality establishment with reservation-specific settings |
US9223635B2 (en) * | 2012-10-28 | 2015-12-29 | Citrix Systems, Inc. | Network offering in cloud computing environment |
CN104579723A (en) * | 2013-10-16 | 2015-04-29 | 宇宙互联有限公司 | Gateway configuration management system and method |
CN106302466A (en) * | 2016-08-17 | 2017-01-04 | 东软集团股份有限公司 | The management method of a kind of fire wall and system |
CN107959585A (en) * | 2017-11-08 | 2018-04-24 | 新华三信息安全技术有限公司 | A kind of firewall configuration method, apparatus and electronic equipment |
CN107888597A (en) * | 2017-11-16 | 2018-04-06 | 杭州迪普科技股份有限公司 | A kind of FWaaS security domains collocation method and device |
CN108173842A (en) * | 2017-12-26 | 2018-06-15 | 国家电网公司 | The disposition optimization method of software definition fire wall based on openstack cloud platforms |
CN108471397A (en) * | 2018-01-31 | 2018-08-31 | 华为技术有限公司 | Firewall configuration, file transmitting method and device |
CN109361711A (en) * | 2018-12-14 | 2019-02-19 | 泰康保险集团股份有限公司 | Firewall configuration method, apparatus, electronic equipment and computer-readable medium |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113162979A (en) * | 2021-03-17 | 2021-07-23 | 深圳乐播科技有限公司 | Service publishing method, device, equipment and storage medium |
CN113162979B (en) * | 2021-03-17 | 2021-11-23 | 深圳乐播科技有限公司 | Service publishing method, device, equipment and storage medium |
CN113329022A (en) * | 2021-05-31 | 2021-08-31 | 北京天融信网络安全技术有限公司 | Information processing method of virtual firewall and electronic equipment |
CN113329022B (en) * | 2021-05-31 | 2022-08-05 | 北京天融信网络安全技术有限公司 | Information processing method of virtual firewall and electronic equipment |
Also Published As
Publication number | Publication date |
---|---|
CN109962914B (en) | 2021-07-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108234168B (en) | Data display method and system based on service topology | |
CN105979009B (en) | A kind of increase load automatic balancing method for cloud application container | |
CN107689882A (en) | The method and apparatus of service deployment in a kind of virtualization network | |
CN110489126B (en) | Compiling task execution method and device, storage medium and electronic device | |
CN108563579B (en) | White box testing method, device and system and storage medium | |
CN106445473B (en) | container deployment method and device | |
GB2523338A (en) | Testing a virtualised network function in a network | |
EP3244569A1 (en) | Asset information management method and device | |
CN115185647B (en) | virtio equipment direct connection method and related device | |
CN113742031A (en) | Node state information acquisition method and device, electronic equipment and readable storage medium | |
CN109962914A (en) | A kind of firewall configuration method and device | |
US20230254383A1 (en) | Operations control of network services | |
CN111934904B (en) | Capacity expansion method, controller and system | |
CN115795929A (en) | Simulation deduction evaluation system and method | |
CN110532060A (en) | A kind of hybrid network environmental data collecting method and system | |
CN110069406A (en) | The TPC-DS test method and system of automatic trigger | |
CN108650337B (en) | Server detection method, system and storage medium | |
CN110727511B (en) | Control method for application program, network side device and computer readable storage medium | |
CN112698930A (en) | Method, device, equipment and medium for obtaining server identification | |
CN107707424A (en) | The control method and system of load condition | |
CN109739518A (en) | Generate the method and device of offline software resource | |
CN113656152B (en) | Local simulation method, system, medium and electronic equipment based on container cloud environment | |
CN115134281A (en) | Network consumption source type component performance test optimization method, system and device | |
JP2014186432A (en) | Electronic apparatus and script generation device | |
KR101737468B1 (en) | Apparatus and method for managing resource in virtualization environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |