CN110278123A - Inspection method, device, electronic equipment and readable storage medium storing program for executing - Google Patents

Inspection method, device, electronic equipment and readable storage medium storing program for executing Download PDF

Info

Publication number
CN110278123A
CN110278123A CN201910391693.4A CN201910391693A CN110278123A CN 110278123 A CN110278123 A CN 110278123A CN 201910391693 A CN201910391693 A CN 201910391693A CN 110278123 A CN110278123 A CN 110278123A
Authority
CN
China
Prior art keywords
rule
parameter
equipment
regularity
under test
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910391693.4A
Other languages
Chinese (zh)
Other versions
CN110278123B (en
Inventor
张玉妹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
New H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Technologies Co Ltd filed Critical New H3C Technologies Co Ltd
Priority to CN201910391693.4A priority Critical patent/CN110278123B/en
Publication of CN110278123A publication Critical patent/CN110278123A/en
Application granted granted Critical
Publication of CN110278123B publication Critical patent/CN110278123B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Environmental & Geological Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Present disclose provides a kind of inspection method, device, electronic equipment and readable storage medium storing program for executing, wherein this method comprises: identifying at least one inspection task, the task that checks includes tested type and tested rule, and being tested rule includes parameter of regularity;The extraction instruction for carrying the extracting rule of parameter of regularity, and the extracting rule according to parameter of regularity are received, the parameter value for the parameter of regularity being arranged on the tested corresponding equipment under test of type is extracted;The parameter value that parameter of regularity in tested rule is replaced with to parameter of regularity, generates the corresponding tested rule of each equipment under test;For each equipment under test, the equipment Regulation being arranged on equipment under test tested rule match whether corresponding with equipment under test is judged.The above method, which is realized, adjusts the regular scope of examination according to the actual disposition dynamic of equipment under test, goes artificially to adjust Rule content without the difference according to equipment, realizes dynamic conjunction rule and checks, improves the flexibility for closing rule inspection.

Description

Inspection method, device, electronic equipment and readable storage medium storing program for executing
Technical field
This disclosure relates to network operation security technology area, and in particular to a kind of inspection method, device, electronic equipment and can Read storage medium.
Background technique
It in terms of network operation safety, therefore needs to do equipment conjunction rule and checks, to guarantee that network is located for a long time In a safe and stable running environment.It closes rule and checks to include to the inspection of equipment/interface loop, equipment access configuration inspection Deng.Many webmastering softwares (such as IMC intelligent management platform), which provide, at present closes rule audit function, there are conjunction rule and checks flexibly The low problem of property.
Summary of the invention
Based on this, the embodiment of the present disclosure provides a kind of inspection method, device, electronic equipment and readable storage medium storing program for executing, with Solve the problems, such as that closing rule in the prior art checks that flexibility is low.
According in a first aspect, the embodiment of the present disclosure provides a kind of inspection method, comprising: identify that at least one is checked and appoint Business, the inspection task include tested type and tested rule, and the tested rule includes parameter of regularity;It receives described in carrying The extraction of the extracting rule of parameter of regularity instructs, and the extracting rule according to the parameter of regularity, extracts the tested type pair The parameter value for the parameter of regularity being arranged on the equipment under test answered;The parameter of regularity in the tested rule is replaced with The parameter value of the parameter of regularity generates the corresponding tested rule of each equipment under test;For each equipment under test, the quilt is judged The equipment Regulation being arranged on measurement equipment tested rule match whether corresponding with the equipment under test.
Optionally, the tested type includes interface level inspect-type, facility level inspect-type and link rank At least one of inspect-type;Then the corresponding equipment under test of the tested type includes interface level inspect-type connecing of including The equipment that the equipment and link rank inspect-type that equipment, facility level inspect-type belonging to mouthful include include.
Optionally, judge whether the equipment Regulation being arranged on the equipment under test is corresponding with the equipment under test by gauge It then matches, comprising: according to the parameter of regularity, searched in the configuration rule of the equipment under test corresponding with the parameter of regularity Equipment Regulation;Judge the occurrence for the equipment Regulation being arranged on equipment under test quilt whether corresponding with the equipment under test Gauge then in occurrence it is completely the same.
Optionally, described according to the parameter of regularity, it is searched and the rule in the configuration rule of the equipment under test The corresponding equipment Regulation of parameter, comprising: according to the parameter of regularity, determine it is corresponding with the parameter of regularity start to identify and End of identification;It is extracted in the configuration rule of the equipment under test and starts mark and end of identification is corresponding matches with described It sets, by the configuration as equipment Regulation corresponding with the parameter of regularity in the configuration rule of the equipment under test.
Optionally, before the step of at least one checks task in the identification, further includes: obtain and close the conjunction rule that rule check Regular repository and business demand;Inspection task is generated according to the regular repository of the conjunction and the business demand.
Optionally, the extracting rule according to the parameter of regularity is extracted and is set on the corresponding equipment under test of the tested type The parameter value for the parameter of regularity set, comprising: obtain the first configuration information of the corresponding equipment under test of the tested type;According to According to the extracting rule of the parameter of regularity, extracted in first configuration information on the corresponding equipment under test of the tested type The parameter value for the parameter of regularity being arranged.
According to second aspect, the embodiment of the present disclosure provides a kind of check device, comprising: first processing module, for knowing At least one does not check that task, the inspection task include tested type and tested rule, and the tested rule includes rule Parameter;Second processing module, for receiving the extraction instruction for carrying the extracting rule of the parameter of regularity, and according to the rule The extracting rule of parameter extracts the parameter value for the parameter of regularity being arranged on the corresponding equipment under test of the tested type;The Three processing modules are generated for the parameter of regularity in the tested rule to be replaced with to the parameter value of the parameter of regularity The corresponding tested rule of each equipment under test;Fourth processing module judges on the equipment under test for being directed to each equipment under test The equipment Regulation of setting tested rule match whether corresponding with the equipment under test.
Optionally, the tested type includes interface level inspect-type, facility level inspect-type and link rank At least one of inspect-type;Then the corresponding equipment under test of the tested type includes interface level inspect-type connecing of including The equipment that the equipment and link rank inspect-type that equipment, facility level inspect-type belonging to mouthful include include.
Optionally, the fourth processing module includes: the first processing submodule, is used for according to the parameter of regularity, in institute It states and searches equipment Regulation corresponding with the parameter of regularity in the configuration rule of equipment under test;First judging submodule, for sentencing In the occurrence tested rule whether corresponding with the equipment under test for the equipment Regulation being arranged on the equipment under test of breaking It is completely the same with item.
Optionally, the first processing submodule includes: first processing units, for determining according to the parameter of regularity It is corresponding with the parameter of regularity to start mark and end of identification;The second processing unit, for matching in the equipment under test It sets to extract in rule and starts mark and the corresponding configuration of end of identification with described, by the configuration conduct equipment under test Configuration rule in equipment Regulation corresponding with the parameter of regularity.
Optionally, further includes: first obtains module, needs for obtaining the regular repository of conjunction for closing rule inspection and business It asks;5th processing module, for generating inspection task according to the regular repository of the conjunction and the business demand.
Optionally, the Second processing module includes: the first acquisition submodule, corresponding for obtaining the tested type First configuration information of equipment under test;Second processing submodule, for the extracting rule according to the parameter of regularity, described The parameter value for the parameter of regularity being arranged on the corresponding equipment under test of the tested type is extracted in one configuration information.
According to the third aspect, the embodiment of the present disclosure provides a kind of electronic equipment, comprising: memory and processor, it is described Connection is communicated with each other between memory and the processor, computer instruction is stored in the memory, and the processor is logical It crosses and executes the computer instruction, thereby executing the inspection method any in disclosure first aspect.
According to fourth aspect, the embodiment of the present disclosure provides a kind of computer readable storage medium, described computer-readable Storage medium is stored with computer instruction, and the computer instruction is for making the computer thereby executing disclosure first aspect In any inspection method.
Disclosed technique scheme, has the advantages that
The inspection method that the disclosure provides, comprising: identify that at least one inspection task, the inspection task include tested class Type and tested rule, the tested rule includes parameter of regularity;Receive the extraction for carrying the extracting rule of the parameter of regularity Instruction, and the extracting rule according to the parameter of regularity, extract be arranged on the corresponding equipment under test of the tested type it is described The parameter value of parameter of regularity;The parameter of regularity in the tested rule is replaced with to the parameter value of the parameter of regularity, it is raw At the corresponding tested rule of each equipment under test;For each equipment under test, the equipment Regulation being arranged on the equipment under test is judged Whether tested rule match corresponding with the equipment under test.Above-mentioned inspection method is obtained according to the extracting rule of parameter of regularity Each actual parameter value of equipment under test, and above-mentioned parameter value is substituted into tested rule to generate each equipment under test corresponding tested Rule realizes and adjusts the regular scope of examination according to the actual disposition dynamic of equipment under test, without going people according to the difference of equipment To adjust Rule content, realizes dynamic and close rule inspection, improve and close the flexibility that rule check.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of disclosure specific embodiment or technical solution in the prior art Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below Attached drawing is some embodiments of the disclosure, for those of ordinary skill in the art, before not making the creative labor It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is the flow chart of a specific example of the inspection method of the embodiment of the present disclosure;
Fig. 2 is the flow chart of another specific example of the inspection method of the embodiment of the present disclosure;
Fig. 3 is the flow chart of another specific example of the inspection method of the embodiment of the present disclosure;
Fig. 4 is the flow chart of another specific example of the inspection method of the embodiment of the present disclosure;
Fig. 5 is the flow chart of another specific example of the inspection method of the embodiment of the present disclosure;
Fig. 6 is the schematic diagram of a specific example of the extraction instruction of the inspection method of the embodiment of the present disclosure;
Fig. 7 is the schematic diagram of another specific example of the extraction instruction of the inspection method of the embodiment of the present disclosure;
Fig. 8 is the block diagram of a specific example of the check device of the embodiment of the present disclosure;
Fig. 9 is the hardware structural diagram of the electronic equipment of the embodiment of the present disclosure.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present disclosure clearer, below in conjunction with the embodiment of the present disclosure In attached drawing, the technical solution in the embodiment of the present disclosure is clearly and completely described, it is clear that described embodiment is Disclosure a part of the embodiment, instead of all the embodiments.Based on the embodiment in the disclosure, those skilled in the art are not having Every other embodiment obtained under the premise of creative work is made, the range of disclosure protection is belonged to.
In the description of the disclosure, it should be noted that term " center ", "upper", "lower", "left", "right", "vertical", The orientation or positional relationship of the instructions such as "horizontal", "inner", "outside" be based on the orientation or positional relationship shown in the drawings, merely to Convenient for description the disclosure and simplify description, rather than the device or element of indication or suggestion meaning must have a particular orientation, It is constructed and operated in a specific orientation, therefore should not be understood as the limitation to the disclosure.In addition, term " first ", " second ", " third " is used for descriptive purposes only and cannot be understood as indicating or suggesting relative importance.
In the description of the disclosure, it should be noted that unless otherwise clearly defined and limited, term " installation ", " phase Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can To be mechanical connection, it is also possible to be electrically connected;It can be directly connected, can also can be indirectly connected through an intermediary Connection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete condition Concrete meaning in open.
As long as in addition, the non-structure each other of technical characteristic involved in disclosure different embodiments disclosed below It can be combined with each other at conflict.
Inventors have found that audit function is advised in the conjunction that many webmastering softwares (such as IMC intelligent management platform) provide at present, It when batch detection device, can only go to check all equipment according to a kind of fixed Rule content, cannot match according to equipment is practical It sets and Rule content is adjusted flexibly, cause the flexibility checked lower.Such as check the VLAN configuration of interface, since distinct device is matched The VLAN set is different, therefore carries out needing artificial formulation multiple rule to match to adapt to distinct device when conjunction rule check to distinct device It sets.
The embodiment of the present disclosure provides a kind of inspection method, can be applied to electronic equipment, which can be used for It executes and closes rule inspection task.As shown in Figure 1, inspection method includes step S1-S3, it is particularly applicable to personal computer On the electronic equipments such as (personal computer, be abbreviated as PC), virtual machine or server, conjunction rule are carried out to the network equipment It checks.
Step S1: identifying at least one inspection task, and the task that checks includes tested type and tested rule, is tested rule Including parameter of regularity.
In one embodiment, whether inspection task closes rule mainly for detection of equipment under test, that is, detects the rule of equipment under test Lattice, configuration use etc. whether to meet regulation.For an inspection task, the equipment under test for needing to detect in the inspection task can It including multiple equipment, that is, needs to check multiple equipment, with the specification of the multiple equipment of determination, configuration, uses etc. and to be It is no to meet regulation.In practical applications, distinct device causes its actual disposition also can not phase according to the difference of actual use situation Together, the configuring condition of equipment under test specifically can be rationally arranged as needed.For example, the VLAN ID value of equipment under test A be 1,20, The VLAN ID value of 30, equipment under test B are 1,100,150.
It may each comprise at least one it should also be noted that, checking the conjunction rule of each of multiple equipment under tests equipment Inspection task.
In one embodiment, rule are closed and checks specifically may include checking whether the device configuration of equipment under test meets company's rule Fixed, corporate policy is depending on the information security of specific company difference.It closes rule and checks that included particular content can be one Inspection task, is also possible to two even more inspection tasks, above-mentioned inspection task can be to the specification check of equipment or The loop inspection of person's interface or equipment access configuration inspection etc., the present embodiment only schematically illustrates, and is not limited thereto, It rationally determines according to the actual situation.
In one embodiment, it checks that task includes 2 parts, specifically can be tested type and tested rule.Certainly, exist In other embodiments, inspection task can also include other contents in addition to above-mentioned included content, such as equipment under test list Information, inspection level information, violation level information etc..
Specifically, tested type may include interface level inspect-type, facility level inspect-type and the inspection of link rank Look at least one of type.
Different tested types correspond to different equipment under tests.For interface level inspect-type, corresponding be tested is set Equipment belonging to the standby interface for including for interface level inspect-type in all equipment under tests.For facility level inspect-type, Its corresponding equipment under test is the equipment that facility level inspect-type includes in all equipment under tests.Class is checked for link rank Type, corresponding equipment under test are the equipment that link rank inspect-type includes in all equipment under tests.
Such as: the interface that interface level inspect-type includes is Fast Ethernet mouth, then includes fast in all equipment under tests The equipment of fast Ethernet interface is then corresponding equipment under test.Its device type can be interchanger, router or On wireless device.
Facility level inspect-type includes list of devices, includes device identification in the list of devices, then corresponding quilt Measurement equipment is then the equipment in the list of devices.Its device type can be interchanger, router, safety equipment, nothing Line equipment, firewall or load-balancing device.
Link rank inspect-type includes the equipment of certain link and composition link, then corresponding equipment under test It is the equipment for forming the link.In one example, link rank inspect-type includes link 1,2, and the equipment of composition link 1 is to set Standby A and equipment B, the equipment of composition link 2 are equipment B and equipment C, then equipment under test is equipment A, B, C.
Parameter of regularity in tested rule can rationally be determined according to the actual conditions that rule check are closed.Rule inspection task is closed to be based on Tested rule goes to check conjunction rule/violation situation of the configuration rule of equipment.
For example, check task be check interface VLAN configuration comprising tested type be interface level inspect-type, Tested rule is " port trunk permit vlan$ { VLAN-ID } ", and parameter of regularity is " VLAN-ID ".When implementing, Can be based on tested rule " port trunk permit vlan$ { VLAN-ID } " go to check in equipment under test about Whether the configuration rule of VLAN-ID closes rule.
In another example check task be check equipment ACL configuration comprising tested type be facility level inspection class Type is tested rule are as follows:
" acl number$ { ACL-number } name financeAcl
rule 0 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.0.100 0 time-range work
5 deny ip destination 192.168.0.100 0 " of rule, parameter of regularity are " ACL-number ".
It, can be based on tested rule when implementing are as follows:
" acl number$ { ACL-number } name financeAcl
rule 0 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.0.100 0 time-range work
5 deny ip destination 192.168.0.100 0 " of rule goes to check in equipment under test about ACL- Whether the configuration rule of number closes rule.
Above, the embodiment of the present application is mentioned, and inspection task can also include its in addition to above-mentioned included content Its content, such as equipment under test list information, inspection level information, violation level information.It in specific application, can be in conjunction with inspection The content that the task of looking into includes, it is determined which rule in which equipment checked.
In one embodiment, violation level information may include a variety of different violation ranks, such as alert, is important, notifying, Secondary and urgent etc., the present embodiment only schematically illustrates, and is not limited thereto.Check level information, be used for it is determined that The violation level information of inspection.
When implementing, violation level information can be in conjunction with the inspection level information in inspection task it is determined which is checked The rule of rank.Such as the violation rank of rule a is warning, the violation rank of regular b is important;If the inspection of task is arranged Rank be it is important, then rule a will not be checked;If checking that rank is set as all, rule a, rule b can be checked.
Equipment under test list information may include the mark of equipment under test for characterizing the specific equipment that equipment under test is included Know, it is subsequent if any equipment variations, such as increase equipment or sweep equipment, with synchronous vacations and quilt can be updated in conjunction rule inspection task The mark of measurement equipment.The mark of equipment under test can be the implementor name of technical staff's preset configuration, be also possible to device model, also It can be device type, equipment Serial Number, the present embodiment is not particularly limited, as long as can be identified for that equipment.
For example, including equipment A and equipment B in device list information, inspection task is then correspondingly needed to equipment A and equipment The two equipment of B carry out closing rule inspection.
In one example, equipment under test is identified as device model, then with the equipment of all models in inspection system.Example Such as, include interchanger H in device list information, then check that task needs to carry out conjunction rule to the equipment that device model is interchanger H It checks.In other examples, equipment under test is identified as device type, then with the equipment of all the type in inspection system. For example, including interchanger in device list information, then check that task needs to carry out conjunction rule to the equipment that device type is interchanger It checks.
In another embodiment, check that task can also include task identification and execution time.Task identification can be Task names distinguishing different task types, such as check the VLAN configuration of interface or check the ACL configuration of equipment. Executing the time may include that periodic task executes time and disposable task execution time, determine that closing rule checks according to the time is executed It is periodical execution or Exactly-once.It certainly, in other embodiments, can also include other information, such as task is retouched It states.
In the present embodiment, step S2 can recognize that the parameter of regularity in tested rule.Specifically, can identify tested The first predetermined symbol in rule, when recognizing first predetermined symbol, then it is assumed that be located at the after the first predetermined symbol Character in two predetermined symbols is parameter of regularity.Wherein, the first predetermined symbol can be, #, %, at least one of Or any combination.Second predetermined symbol can be at least one of { }, [], " ", ' '.First predetermined symbol, the second default symbol Number only make example, this programme is not particularly limited.
In one example, the first predetermined symbol is $, and the second predetermined symbol is { }.In other examples, the first default symbol Number be #, the second predetermined symbol be [].In other examples, the first predetermined symbol is #, and the second predetermined symbol is " ".
Such as: the first predetermined symbol is $, and the second predetermined symbol is { }, it is assumed that
Tested rule are as follows: acl number$ { ACL-number } name financeAcl, then parameter of regularity is ACL- number;
Tested rule are as follows: port trunk permit vlan$ { VLAN-ID }, then parameter of regularity is VLAN-ID.
Step S2: receiving the extraction instruction for carrying the extracting rule of parameter of regularity, and the extracting rule according to parameter of regularity, Extract the parameter value for the parameter of regularity being arranged on the tested corresponding equipment under test of type.
In actual scene networking, for same parameter of regularity, the parameter value of the configuration of distinct device may be different, if adopting The mode for going to check all equipment with the existing content according to a kind of fixed tested rule then needs tested according to every The facilities of equipment Regulation modify the content for being tested rule one by one, then test the rule being arranged on the equipment under test, Cost of labor is too high.To avoid such situation, inventors have found that it is directed to the rule of a certain type, on different devices, rule Then format is actually the same or roughly the same, and only specific parameter of regularity value is different.It therefore, can be according to the similar of rule schemata Place is arranged general tested rule schemata, and specific parameter of regularity value is replaced with a general dynamic parameter, with The tested rule general to equipment under test.
Therefore, the embodiment of the present application finds the something in common for the rule being arranged in each equipment, is arranged according to the something in common General tested rule, and general parameter of regularity is set in tested rule, which is dynamic parameter.When rule is joined When number is identified to, it can be used to extract the specific parameter value being arranged on equipment under test.Then the rule of tested rule is joined Number is substituted for the parameter value of extraction, it can obtains the tested rule for the equipment under test.By foregoing description, can pass through One general tested rule gets the corresponding tested rule of each equipment under test in all equipment under tests, save the artificial, time and Hardware cost.
In one embodiment, extracting the extracting rule that instruction carries can be regular expression.It is mentioned by regular expression The parameter value of above-mentioned parameter of regularity is taken, the complex control of character string can be reached with open-and-shut mode, so that parameter of regularity The extracting mode of parameter value is more flexible, logicality and functionality are stronger.For example, parameter of regularity is VLAN ID, VLAN is extracted The regular expression of ID value can be vlan [1-9] [0-9] { 0,3 }.In another example parameter of regularity is acl number, extract The regular expression of acl number value can be aclnumber [0-9] { 4 } name financeAcl and (obtain entitled The ACL Number of financeAcl).
Step S3: the parameter of regularity in tested rule is replaced with to the parameter value of parameter of regularity, generates each equipment under test pair The tested rule answered.By with inspection task be adapted tested rule carry out close rule check, improve inspection flexibility and Convenience.
In one embodiment, each equipment under test parameter value is substituted into the tested rule in inspection task, is replaced by gauge Parameter of regularity in then generates the corresponding tested rule of each equipment under test, to carry out in the next steps to every equipment under test Rule are closed to check.
For example, check task be check interface VLAN configuration comprising tested type be interface level inspect-type, Tested rule setting is " port trunk permit vlan$ { VLAN-ID } ", and the parameter of regularity in tested rule is " VLAN-ID ";In the configuration file of equipment under test VLAN ID value include 1,20,30, therefore, extract with inspection task pair The parameter value answered is 1,20 and 30.Above-mentioned parameter value is substituted into tested rule, the tested rule of generation is as follows:
If the above-mentioned VLAN ID value in the configuration file of device manufacturer is merged together, correspondingly Rule content For port trunk permit vlan 1 20 30;
If the above-mentioned VLAN ID value in the device configuration file of device manufacturer is dismantled, correspondingly Rule content is
port trunk permit vlan 1
port trunk permit vlan 20
port trunk permit vlan 30。
Step S4: be directed to each equipment under test, judge the equipment Regulation being arranged on equipment under test whether with equipment under test pair The tested rule match answered.
Above-mentioned inspection method obtains each actual parameter value of equipment under test according to the extracting rule of parameter of regularity, and will be upper It states parameter value and is substituted into tested rule and generate the corresponding tested rule of each equipment under test, realize the reality according to equipment under test Configuration dynamic adjusts the regular scope of examination, goes artificially to adjust Rule content without the difference according to equipment, realizes dynamic and closes rule It checks, improves and close the flexibility that rule check.
In one embodiment, as shown in Fig. 2, step S2 specifically may include step S21-S22.
Step S21: the first configuration information of the tested corresponding equipment under test of type is obtained.
In one embodiment, the first configuration information may include whole configuration informations of equipment, can also only include and this The relevant configuration information of inspection task is advised in secondary conjunction, can be rationally arranged as needed in practical applications.First configuration information is by setting Standby manufacturer provides.
Step S22: according to the extracting rule of parameter of regularity, it is corresponding tested that tested type is extracted in the first configuration information The parameter value for the parameter of regularity being arranged in equipment.The configuration for the equipment under test that different vendor provides is different, therefore matches from distinct device The parameter value of the parameter of regularity extracted in setting is also different, so that the subsequent rule scope of examination of closing is according to the actual disposition of distinct device Situation is adjusted.
Above-mentioned inspection method determines the parameter value of parameter of regularity by the first configuration information of equipment under test, so that closing rule Check that the configuration with equipment under test is adapted, flexibility is higher.
In one embodiment, as shown in figure 3, step S4 specifically may include step S41-S42.
Step S41: according to parameter of regularity, equipment rule corresponding with parameter of regularity are searched in the configuration rule of equipment under test Then.
Specifically, as shown in figure 4, step S41 includes step S411-S412.
Step S411: according to parameter of regularity, determination is corresponding with parameter of regularity to start mark and end of identification.
Specifically, different parameter of regularity correspond to it is different start mark and end of identification, start mark and end of identification It also needs to match with the configuration content of the configuration file in equipment under test.
For example, the scope of examination is to check the VLAN configuration of interface in the inspection task of interface level type, it is tested rule For " port trunk permit vlan$ { VLAN-ID } ", parameter of regularity is " VLAN-ID ".
If configuration content corresponding with parameter of regularity is using interface as starting in equipment under test, # as terminating, Then corresponding with " VLAN-ID " to start to be identified as " interface* ", end of identification is " # ".
If configuration content corresponding with parameter of regularity is using interface ethernet as starting in equipment under test,! As end, then corresponding with " VLAN-ID " to start to be identified as " interface ethernet* ", end of identification is "!".
In another example the scope of examination is to check the ACL configuration of equipment, parameter of regularity in the inspection task of facility level type For " ACL-number ", using acl number as starting, # makees configuration content corresponding with parameter of regularity in equipment under test To terminate, then corresponding with " ACL-number " to start to be identified as " acl number* ", end of identification is " # ".
In another example the scope of examination is to check local user's configuration of equipment, then in the inspection task of facility level type The mark that starts corresponding with this can be " local-user* ", and end of identification can be " # ".
Step S412: extracting in the configuration rule of equipment under test and starts mark and end of identification is corresponding matches It sets, will configure as equipment Regulation corresponding with parameter of regularity in the configuration rule of equipment under test.
Specifically, the configuration rule of equipment under test can be is obtained by the second configuration information of equipment under test, and second matches Confidence breath may include the Backup Data of the newest running configuration of equipment under test, that is, pass through the standby of the newest running configuration of equipment under test Part data obtain the configuration rule of equipment under test, and the Backup Data of above-mentioned newest running configuration can be provided according to device manufacturer.When So, in other embodiments, the equipment under test can also be directly acquired on equipment under test by being directly connected to equipment under test Configuration rule, only schematically illustrate in the present embodiment, be not limited thereto.Above-mentioned second configuration information can match with first Confidence manner of breathing is same, can also be different, rationally setting as needed in practical application.
Such as in the inspection task of interface level type, the scope of examination is to check the VLAN configuration of interface, is set tested Extracted in standby configuration rule with start mark and end of identification it is corresponding configure may is that
#
interface NULL0
#
Interface Vlan-interface1
ip address 172.22.5.87 255.255.255.0
#
interface FortyGigE1/0/53
Port link-mode bridge
Port link-type trunk
port trunk permit vlan 1 1988
#
interface FortyGigE1/0/54
Port link-mode bridge
Port link-type trunk
port trunk permit vlan 1 1988
#
In another example the scope of examination is to check role's configuration of interface in the inspection task of interface level type, carrying out When role's configuration inspection of interface, extracted in the configuration rule of equipment under test with start mark and end of identification it is corresponding Configuration may is that
Step S42: judge that whether corresponding with equipment under test the occurrence for the equipment Regulation being arranged on equipment under test is tested Occurrence in rule is completely the same.
In one embodiment, by the occurrence in the occurrence for the equipment Regulation being arranged on equipment under test and tested rule into Row compares, if the two exactly matches, rule are closed in the configuration of equipment;If the two mismatches, the configuration of equipment is in violation of rules and regulations.
For example, such as checking whether be configured with vlan 10 in equipment.Assuming that extracts from equipment is configured to
“vlan 1
vlan 10
vlan 55
Vlan 60 ",
Vlan 10 has been checked, that is, has thought to close and advises and stop, not having needed to be further continued for checking whether vlan 55 closes rule.
It should be noted that in other embodiments, the equipment Regulation being arranged on judging the equipment under test whether with In the step of equipment under test corresponding tested rule match, it is also possible to be configured to each in equipment under test one by one Compare.
Above-mentioned inspection method by start mark and end of identification first find in the configuration rule of equipment under test with rule The corresponding equipment Regulation of parameter, is matched again later, effectively reduces match time, is improved and is closed the inspection effect that rule check Rate.
In one embodiment, as shown in figure 5, further including before step S1 identifies the step of at least one checks task Step S5-S6.
Step S5: the regular repository of conjunction and business demand for closing that rule check are obtained.
In one embodiment, it closes and advises regular repository and can be pre-generated and store, specifically may include close rule to check All inspection tasks, can be constantly updated and perfect according to the actual conditions that rule check are closed in actual application, It is checked with guaranteeing that the regular repository of conjunction can satisfy all conjunction rule.Certainly, in other embodiments, close and advise regular repository It is also possible to directly generate before closing rule and checking, rationally setting as needed.
In one embodiment, the device configuration of different vendor also can not be identical, and therefore, different vendor advises inspection to the conjunction of equipment Looking into requirement also can be different, and business demand is determined according to the conjunction rule inspection requirements of manufacturer, can specifically be mentioned by device manufacturer For.
Step S6: inspection task is generated according to the regular repository of conjunction and business demand.
In one embodiment, corresponding to closing and advise and find in regular repository with the business demand according to business demand Rule inspection task is closed, is checked to carry out different conjunction rule to each equipment.
Closing regular repository includes a variety of different types of inspection tasks, and business demand specifically can be according to client's reality It needs to be determined that.Inspection task include interface VLAN configuration, equipment ACL configuration, equipment local user configuration, equipment it is pre- Set starting Syslog functional verification etc.;Business demand is that the VLAN of interface is configured, then checks that the VLAN that task is interface is configured.
It should be noted that above-mentioned steps S5 and S6 are only to generate a specific example for closing the inspection task that rule check, It only schematically illustrates, is not limited thereto.In other embodiments, it is also possible to directly acquire the inspection times for closing that rule check Business is not necessarily to step S5 and S6 at this time.
On the basis of above-mentioned inspection method, after step s4, further includes: after the completion of task to be checked, generate and close rule The inspection result of inspection can easily show whether the configuration of equipment closes rule by inspection result, close rule to understand in time It checks situation, provides foundation for the configuration adjustment of follow-up equipment.
In one embodiment, it is generated after checking out and closes the inspection result that rule check, which above-mentioned inspection result may include Which irregularity a little close advises, and irregularity is particularly shown the interface name or device name, configuration that content may include irregularity Situation and inspection rule.For example, the VLAN ID value that the port of equipment A should include is 1,20 and 30 3 ID value, it is therein A Port detecting to VLANID there was only 1 and 20, then the configuration of the port a be unsatisfactory for close rule check rule, inspection result be do not conform to Rule;The present embodiment only schematically illustrates, and is not limited thereto.
It can also include that control display device show above-mentioned inspection after the step of generating the inspection result for closing rule inspection As a result, checking inspection result with more intuitive.
For example, executing order dis acl all, the inspection result of echo is as follows:
dis acl all
3000, named-none-, 0 rule of Advanced ACL,
ACL ' s step is 5
3001, named-none-, 0 rule of Advanced ACL,
ACL ' s step is 5
Above-mentioned execution order " dis acl all " is to look at all ACL configurations of equipment, according to echo message, in equipment Be configured with ACL 3000 the two ACL of ACL 3001, and at present under the two ACL all without configuration rule.
It is described in detail below with a specific example, such as checks the VLAN configuration of interface.
Rule inspection task of closing is obtained first, and it includes tested rule which, which advises in inspection task, is tested rule comprising dynamic Parameter of regularity, the tested Rule content of configuration are " port trunk permit vlan$ { VLAN-ID } ".Later, it identifies Parameter of regularity " VLAN-ID ", and the parameter in equipment under test is extracted, it is real such as to extract equipment to be checked by regular expression The VLAN ID of border configuration, extracting method in extracting method as shown in fig. 6, can embody extracting rule vlan [1-9] [0- 9] { 0,3 }.Then, when executing conjunction rule inspection task, according to the parameter extraction Rule Extraction of configuration from each equipment to be checked Parameter value is substituted into the parameter of regularity for being tested rule, the corresponding Rule content of composition equipment under test using the parameter value of extraction.Often For a equipment according to actual configuring condition, the parameter value of extraction is different, therefore the Rule content formed is different, to realize dynamic Conjunction advise check.Order and extracting method composition are the extraction orders executed in equipment in Fig. 6, wherein are taken in extracting method Extracting rule with parameter of regularity, order, which is played the role of executing, extracts order, to get order line echo, is then echoing Extracting rule in content according to configuration extracts the parameter value of equipment under test.
For example, equipment under test includes two equipment A, equipment B equipment, extracted from equipment A when checking task execution VLAN ID value is 1,20,30, and the VLAN ID value extracted on equipment B is 1,100,150.According to scheme Design, this two The tested rule of a equipment as shown in Table 1 and Table 2, can support both schemes simultaneously.When executing conjunction rule inspection task, according to The design scheme of system selects the tested rule in above table to carry out closing rule inspection to the interface under equipment A and equipment B respectively. Specifically, can according in following table 1 it is tested rule in equipment A about port trunk permit vlan 1 20 30 Configuration rule matched, judge whether the configuration rule in equipment A closes rule.The present embodiment can also be according in following table 1 Tested regular equipment B in matched about the configuration rule of port trunk permit vlan 1 100 150, judge Whether the configuration rule in equipment B closes rule.
Table 1
It should be noted that the parameter of regularity in the present embodiment can extract multiple numerical value according to equipment under test actual disposition, Such as 1,20,30.
It is described in detail below with another specific example, such as checks the ACL configuration of equipment.
Some configuration names can be fixed in certain application scenarios, network to realize certain specific transactions.Such as creation one The advanced ACL of a specific names, and formulate following rule: Finance Department at work between access financial database server, forbid Other departments at any time, Finance Department access the server on one's own time.Assuming that the IP network section of Finance Department is 192.168.2.0/24, financial database server ip network segment is 192.168.0.100/24.
Inspection task, configuration rule content are obtained first are as follows:
Acl number$ { ACL-number } name financeAcl
rule 0 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.0.100 0 time-range work
rule 5 deny ip destination 192.168.0.100 0;
Dynamic parameter of regularity " ACL-number " is identified later, and extracts the parameter of the parameter in equipment under test Value, extracting method, which can be, extracts financial ACL Number, extracting method by fixed ACL name combination regular expression As shown in fig. 7, extracting rule acl number [0-9] { 4 } name finaceAcl can be embodied in extracting method.Then, The parameter value that parameter of regularity in tested rule is replaced with to parameter of regularity, generates the corresponding tested rule of each equipment under test, into And it is executed according to tested rule and closes rule inspection.For example, equipment under test includes two equipment A, equipment B equipment, inspection task is executed When the ACL Number that is extracted from equipment A be 3000, the ACL Number extracted on equipment B is 3010, is advised according to closing The design of inspection system, the tested rule of the two equipment is as shown in table 2.When executing inspection task, mentioned according to equipment A and equipment B The ACL Number taken is different, to construct different tested rules, realizes dynamic close and advises inspection.Specifically, can be according to According in following table 2 it is tested rule in equipment A about the configuration rule of 3000 name financeAcl of acl number into Row matching, judges whether the configuration rule in equipment A closes rule.The present embodiment can also be set according to the tested rule in following table 2 Configuration rule in standby B about 3010 name financeAcl of acl number is matched, and judges the configuration in equipment B Whether rule closes rule.
Table 2
Tested rule in inspection task in above-mentioned inspection method includes parameter of regularity, tested by extracting instruction extraction The parameter value for the parameter of regularity being arranged on the corresponding equipment under test of type, (herein according to regular expression extracting parameter value) will The parameter value got is substituted into tested rule and generates the corresponding tested rule of each equipment under test, then to each equipment under test It carries out conjunction rule to check, realizes and rule is tested according to equipment actual disposition dynamic adjustment, save artificial, time and hardware cost.
A kind of check device is additionally provided in the present embodiment, and the device is for realizing above-described embodiment and preferred implementation side Formula, the descriptions that have already been made will not be repeated.As used below, the software of predetermined function may be implemented in term " module " And/or the combination of hardware.Although device described in following embodiment is preferably realized with software, hardware or soft The realization of the combination of part and hardware is also that may and be contemplated.
Correspondingly, referring to FIG. 8, the embodiment of the present disclosure provides a kind of check device, comprising: first processing module 1, second Processing module 2, third processing module 3 and fourth processing module 4.
First processing module 1, at least one checks task for identification, the inspection task include tested type and by Then, the tested rule includes parameter of regularity to gauge;Detailed content is with reference to described in step S1.
Second processing module 2, for receiving the extraction instruction for carrying the extracting rule of the parameter of regularity, and according to described The extracting rule of parameter of regularity extracts the parameter for the parameter of regularity being arranged on the corresponding equipment under test of the tested type Value;Detailed content is with reference to described in step S2.
Third processing module 3, for the parameter of regularity in the tested rule to be replaced with the parameter of regularity Parameter value generates the corresponding tested rule of each equipment under test;Detailed content is with reference to described in step S3.
Fourth processing module 4 judges that the equipment Regulation being arranged on the equipment under test is for being directed to each equipment under test No tested rule match corresponding with the equipment under test;Detailed content is with reference to described in step S4.
In one embodiment, the tested type includes interface level inspect-type, facility level inspect-type and chain At least one of road rank inspect-type;Then the corresponding equipment under test of the tested type includes interface level inspect-type packet The equipment that the equipment and link rank inspect-type that equipment belonging to the interface included, facility level inspect-type include include.
Optionally, the fourth processing module includes: the first processing submodule, is used for according to the parameter of regularity, in institute It states and searches equipment Regulation corresponding with the parameter of regularity in the configuration rule of equipment under test, detailed content refers to step S41 institute It states;Whether the occurrence of the first judging submodule, the equipment Regulation for judging to be arranged on the equipment under test is tested with described Occurrence in the corresponding tested rule of equipment is completely the same, and detailed content is with reference to described in step S42.
Optionally, the first processing submodule includes: first processing units, for determining according to the parameter of regularity Corresponding with the parameter of regularity to start mark and end of identification, detailed content is with reference to described in step S411;Second processing list Member starts mark and the corresponding configuration of end of identification with described for extracting in the configuration rule of the equipment under test, By the configuration as equipment Regulation corresponding with the parameter of regularity in the configuration rule of the equipment under test, detailed content ginseng It examines described in step S412.
Optionally, further includes: first obtains module, needs for obtaining the regular repository of conjunction for closing rule inspection and business It asks, detailed content is with reference to described in step S5;5th processing module, for according to the regular repository of the conjunction and the business need Inspection task is sought survival into, detailed content is with reference to described in step S6.
Optionally, the Second processing module includes: the first acquisition submodule, corresponding for obtaining the tested type First configuration information of equipment under test, detailed content is with reference to described in step S21;Second processing submodule, for according to the rule The then extracting rule of parameter extracts the institute being arranged on the corresponding equipment under test of the tested type in first configuration information The parameter value of parameter of regularity is stated, detailed content is with reference to described in step S22.
The further function description of above-mentioned modules is identical as above method embodiment, and details are not described herein.
The embodiment of the present disclosure additionally provides a kind of electronic equipment, as shown in Figure 9, comprising: processor 101 and memory 102; Wherein, processor 101 can be connected with memory 102 by bus or other modes, to be connected as by bus in Fig. 9 Example.
Processor 101 can be central processing unit (Central Processing Unit, CPU).Processor 101 may be used also Think other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit (Application Specific Integrated Circuit, ASIC), field programmable gate array (Field- Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic, The combination of the chips such as discrete hardware components or above-mentioned all kinds of chips.
Memory 102 is used as a kind of non-transient computer readable storage medium, can be used for storing non-transient software program, non- Transient computer executable program and module, such as the corresponding program instruction of the inspection method in the embodiment of the present disclosure/module (example Such as, first processing module 1 shown in Fig. 8, Second processing module 2, third processing module 3 and fourth processing module 4).Processor 101 non-transient software program, instruction and the module by operation storage in the memory 102, thereby executing each of processor Kind functional application and data processing, i.e. inspection method in realization above method embodiment.
Memory 102 may include storing program area and storage data area, wherein storing program area can store operation system Application program required for system, at least one function;It storage data area can the data etc. that are created of storage processor 101.In addition, Memory 102 may include high-speed random access memory, can also include non-transient memory, and a for example, at least disk is deposited Memory device, flush memory device or other non-transient solid-state memories.In some embodiments, it includes opposite that memory 102 is optional In the remotely located memory of processor 101, these remote memories can pass through network connection to processor 101.Above-mentioned net The example of network includes but is not limited to internet, intranet, local area network, mobile radio communication and combinations thereof.
One or more of modules are stored in the memory 102, when being executed by the processor 101, are held Inspection method in row embodiment as shown in Figures 1 to 5.
Above-mentioned server detail can correspond in embodiment referring to FIG. 1 to 5 corresponding associated description and Effect is understood that details are not described herein again.
The embodiment of the present disclosure additionally provides a kind of computer readable storage medium, the computer-readable recording medium storage There is computer instruction, the computer instruction is used to that the computer to be made to execute any of the above-described inspection method.This field Technical staff be appreciated that realize above-described embodiment method in all or part of the process, be can by computer program come Relevant hardware is instructed to complete, the program can be stored in a computer-readable storage medium, which is executing When, it may include such as the process of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic disk, CD, read-only storage note Recall body (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), flash Device (Flash Memory), hard disk (Hard Disk Drive, abbreviation: HDD) or solid state hard disk (Solid-State Drive, SSD) etc.;The storage medium can also include the combination of the memory of mentioned kind.
Although being described in conjunction with the accompanying embodiment of the disclosure, those skilled in the art can not depart from the disclosure Spirit and scope in the case where various modifications and variations can be made, such modifications and variations are each fallen within by appended claims institute Within the scope of restriction.

Claims (14)

1. a kind of inspection method characterized by comprising
Identify that at least one inspection task, the inspection task include tested type and tested rule, the tested rule packet Include parameter of regularity;
The extraction instruction for carrying the extracting rule of the parameter of regularity, and the extracting rule according to the parameter of regularity are received, is mentioned Take the parameter value for the parameter of regularity being arranged on the corresponding equipment under test of the tested type;
The parameter value that the parameter of regularity in the tested rule is replaced with to the parameter of regularity, generates each equipment under test pair The tested rule answered;
For each equipment under test, judge whether the equipment Regulation being arranged on the equipment under test is corresponding with the equipment under test Tested rule match.
2. inspection method according to claim 1, which is characterized in that the tested type includes that interface level checks class At least one of type, facility level inspect-type and link rank inspect-type;Then
The corresponding equipment under test of the tested type includes equipment, device level belonging to interface that interface level inspect-type includes The equipment that the equipment and link rank inspect-type that other inspect-type includes include.
3. inspection method according to claim 1, which is characterized in that judge the equipment Regulation being arranged on the equipment under test Whether tested rule match corresponding with the equipment under test, comprising:
According to the parameter of regularity, equipment rule corresponding with the parameter of regularity are searched in the configuration rule of the equipment under test Then;
Judge the occurrence for the equipment Regulation being arranged on the equipment under test tested rule whether corresponding with the equipment under test In occurrence it is completely the same.
4. inspection method according to claim 3, which is characterized in that it is described according to the parameter of regularity, described tested Equipment Regulation corresponding with the parameter of regularity is searched in the configuration rule of equipment, comprising:
According to the parameter of regularity, determination is corresponding with the parameter of regularity to start mark and end of identification;
It is extracted in the configuration rule of the equipment under test and starts mark and the corresponding configuration of end of identification with described, by institute Configuration is stated as equipment Regulation corresponding with the parameter of regularity in the configuration rule of the equipment under test.
5. inspection method according to claim 1, which is characterized in that the step of at least one checks task in the identification Before, further includes:
Obtain the regular repository of conjunction and business demand for closing that rule check;
Inspection task is generated according to the regular repository of the conjunction and the business demand.
6. inspection method according to claim 1, which is characterized in that according to the extracting rule of the parameter of regularity, extract The parameter value for the parameter of regularity being arranged on the corresponding equipment under test of the tested type, comprising:
Obtain the first configuration information of the corresponding equipment under test of the tested type;
According to the extracting rule of the parameter of regularity, it is corresponding tested that the tested type is extracted in first configuration information The parameter value for the parameter of regularity being arranged in equipment.
7. a kind of check device characterized by comprising
First processing module, at least one checks that task, the inspection task include being tested type and by gauge for identification Then, the tested rule includes parameter of regularity;
Second processing module, for receiving the extraction instruction for carrying the extracting rule of the parameter of regularity, and according to the rule The extracting rule of parameter extracts the parameter value for the parameter of regularity being arranged on the corresponding equipment under test of the tested type;
Third processing module, for the parameter of regularity in the tested rule to be replaced with to the parameter of the parameter of regularity Value, generates the corresponding tested rule of each equipment under test;
Fourth processing module, for be directed to each equipment under test, judge the equipment Regulation being arranged on the equipment under test whether with The corresponding tested rule match of the equipment under test.
8. check device according to claim 7, which is characterized in that the tested type includes that interface level checks class At least one of type, facility level inspect-type and link rank inspect-type;Then
The corresponding equipment under test of the tested type includes equipment, device level belonging to interface that interface level inspect-type includes The equipment that the equipment and link rank inspect-type that other inspect-type includes include.
9. check device according to claim 7, which is characterized in that the fourth processing module includes:
First processing submodule, for according to the parameter of regularity, searched in the configuration rule of the equipment under test with it is described The corresponding equipment Regulation of parameter of regularity;
Whether the occurrence of the first judging submodule, the equipment Regulation for judging to be arranged on the equipment under test is tested with described Occurrence in the corresponding tested rule of equipment is completely the same.
10. check device according to claim 9, which is characterized in that described first, which handles submodule, includes:
First processing units, for according to the parameter of regularity, determination is corresponding with the parameter of regularity to be started to identify and tie Beam identification;
The second processing unit starts mark and end of identification with described for extracting in the configuration rule of the equipment under test Corresponding configuration advises the configuration as equipment corresponding with the parameter of regularity in the configuration rule of the equipment under test Then.
11. check device according to claim 7, which is characterized in that further include:
First obtains module, closes the regular repository of conjunction and business demand that rule check for obtaining;
5th processing module, for generating inspection task according to the regular repository of the conjunction and the business demand.
12. check device according to claim 7, which is characterized in that the Second processing module includes:
First acquisition submodule, for obtaining the first configuration information of the corresponding equipment under test of the tested type;
Second processing submodule extracts institute in first configuration information for the extracting rule according to the parameter of regularity State the parameter value for the parameter of regularity being arranged on the corresponding equipment under test of tested type.
13. a kind of electronic equipment characterized by comprising
Memory and processor communicate with each other connection, are stored in the memory between the memory and the processor Computer instruction, the processor is by executing the computer instruction, thereby executing as claimed in any one of claims 1 to 6 Inspection method.
14. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer to refer to It enables, the computer instruction is for making the computer thereby executing inspection method as claimed in any one of claims 1 to 6.
CN201910391693.4A 2019-05-10 2019-05-10 Checking method, checking device, electronic equipment and readable storage medium Active CN110278123B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910391693.4A CN110278123B (en) 2019-05-10 2019-05-10 Checking method, checking device, electronic equipment and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910391693.4A CN110278123B (en) 2019-05-10 2019-05-10 Checking method, checking device, electronic equipment and readable storage medium

Publications (2)

Publication Number Publication Date
CN110278123A true CN110278123A (en) 2019-09-24
CN110278123B CN110278123B (en) 2021-04-06

Family

ID=67959281

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910391693.4A Active CN110278123B (en) 2019-05-10 2019-05-10 Checking method, checking device, electronic equipment and readable storage medium

Country Status (1)

Country Link
CN (1) CN110278123B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113645525A (en) * 2021-08-09 2021-11-12 中国工商银行股份有限公司 Method, device, equipment and storage medium for checking running state of optical fiber switch
CN114500312A (en) * 2021-12-29 2022-05-13 中国电信股份有限公司 Communication line checking method, device, electronic equipment and system

Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060036525A1 (en) * 2004-08-13 2006-02-16 The Bank Of New York Regulation compliance monitoring, reporting and documentation support system
US20080209991A1 (en) * 2006-08-15 2008-09-04 Tsang-Ming Chang Fuel tank device capable of detecting consistency
CN101415012A (en) * 2008-11-06 2009-04-22 杭州华三通信技术有限公司 Method and system for defending address analysis protocol message aggression
US20090228722A1 (en) * 2008-03-05 2009-09-10 Inscape Data Corporation Adjustable-voltage power-over-ethernet (PoE) switch
CN101888311A (en) * 2009-05-11 2010-11-17 中联绿盟信息技术(北京)有限公司 Equipment, method and system for preventing network contents from being tampered
CN104009869A (en) * 2014-05-15 2014-08-27 华南理工大学 Power secondary system information security level protection online compliance detection method
CN104135737A (en) * 2014-05-20 2014-11-05 浙江明讯网络技术有限公司 Method of obtaining network element configuration data of LTE (Long Term Evolution) network base station
CN204244262U (en) * 2014-11-14 2015-04-01 国网重庆市电力公司江津供电分公司 Based on the consistency test device of IEC 61850 configuration file of NI CRIO platform
CN104506351A (en) * 2014-12-18 2015-04-08 北京随方信息技术有限公司 Method and system for performing online full-automatic configuration of compliance safety audit
CN104618268A (en) * 2014-12-30 2015-05-13 北京奇虎科技有限公司 Network admission control method, authentication server and terminal
CN105678188A (en) * 2016-01-07 2016-06-15 杨龙频 Anti-leakage protocol identification method and device for database
CN105827872A (en) * 2016-06-07 2016-08-03 维沃移动通信有限公司 Control method of mobile terminal and mobile terminal
CN107360271A (en) * 2017-08-22 2017-11-17 顺丰科技有限公司 Network equipment information obtains and IP address automatic division method, system and equipment
CN107908485A (en) * 2017-10-26 2018-04-13 中国平安人寿保险股份有限公司 Interface parameters transmission method, device, equipment and computer-readable recording medium
CN108200034A (en) * 2017-12-27 2018-06-22 新华三信息安全技术有限公司 A kind of method and device for identifying domain name
CN108322452A (en) * 2018-01-15 2018-07-24 深圳市联软科技股份有限公司 Network closes rule detection method, device, equipment and medium
CN109710508A (en) * 2018-08-20 2019-05-03 平安普惠企业管理有限公司 Test method, test device, test equipment and computer readable storage medium

Patent Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060036525A1 (en) * 2004-08-13 2006-02-16 The Bank Of New York Regulation compliance monitoring, reporting and documentation support system
US20080209991A1 (en) * 2006-08-15 2008-09-04 Tsang-Ming Chang Fuel tank device capable of detecting consistency
US20090228722A1 (en) * 2008-03-05 2009-09-10 Inscape Data Corporation Adjustable-voltage power-over-ethernet (PoE) switch
CN101415012A (en) * 2008-11-06 2009-04-22 杭州华三通信技术有限公司 Method and system for defending address analysis protocol message aggression
CN101888311A (en) * 2009-05-11 2010-11-17 中联绿盟信息技术(北京)有限公司 Equipment, method and system for preventing network contents from being tampered
CN104009869A (en) * 2014-05-15 2014-08-27 华南理工大学 Power secondary system information security level protection online compliance detection method
CN104135737A (en) * 2014-05-20 2014-11-05 浙江明讯网络技术有限公司 Method of obtaining network element configuration data of LTE (Long Term Evolution) network base station
CN204244262U (en) * 2014-11-14 2015-04-01 国网重庆市电力公司江津供电分公司 Based on the consistency test device of IEC 61850 configuration file of NI CRIO platform
CN104506351A (en) * 2014-12-18 2015-04-08 北京随方信息技术有限公司 Method and system for performing online full-automatic configuration of compliance safety audit
CN104618268A (en) * 2014-12-30 2015-05-13 北京奇虎科技有限公司 Network admission control method, authentication server and terminal
CN105678188A (en) * 2016-01-07 2016-06-15 杨龙频 Anti-leakage protocol identification method and device for database
CN105827872A (en) * 2016-06-07 2016-08-03 维沃移动通信有限公司 Control method of mobile terminal and mobile terminal
CN107360271A (en) * 2017-08-22 2017-11-17 顺丰科技有限公司 Network equipment information obtains and IP address automatic division method, system and equipment
CN107908485A (en) * 2017-10-26 2018-04-13 中国平安人寿保险股份有限公司 Interface parameters transmission method, device, equipment and computer-readable recording medium
CN108200034A (en) * 2017-12-27 2018-06-22 新华三信息安全技术有限公司 A kind of method and device for identifying domain name
CN108322452A (en) * 2018-01-15 2018-07-24 深圳市联软科技股份有限公司 Network closes rule detection method, device, equipment and medium
CN109710508A (en) * 2018-08-20 2019-05-03 平安普惠企业管理有限公司 Test method, test device, test equipment and computer readable storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HIROAKI TANIZAKI: "Formalization and Consistency Checking of Changes of Software System Configurations Using Alloy", 《 2008 15TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE》 *
郑忠: "通过参数一致性检查处理CSFB失败问题", 《数字技术与应用》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113645525A (en) * 2021-08-09 2021-11-12 中国工商银行股份有限公司 Method, device, equipment and storage medium for checking running state of optical fiber switch
CN114500312A (en) * 2021-12-29 2022-05-13 中国电信股份有限公司 Communication line checking method, device, electronic equipment and system
CN114500312B (en) * 2021-12-29 2024-06-07 中国电信股份有限公司 Communication line verification method, device, electronic equipment and system

Also Published As

Publication number Publication date
CN110278123B (en) 2021-04-06

Similar Documents

Publication Publication Date Title
US20230403275A1 (en) System and method of filtering internet traffic via client fingerprint
US20210352098A1 (en) System for automatically discovering, enriching and remediating entities interacting in a computer network
US10116702B2 (en) Security policy unification across different security products
US9088617B2 (en) Method, a system, and a computer program product for managing access change assurance
CN109791633A (en) Use the static state and dynamic device profile prestige of machine learning based on cloud
US20120102543A1 (en) Audit Management System
US20150213268A1 (en) Remote enterprise security compliance reporting tool
CN104506351B (en) On-line Full configuration compliance method for auditing safely and system
US20230208869A1 (en) Generative artificial intelligence method and system configured to provide outputs for company compliance
CN110754065B (en) Network authentication between a logic level and a hardware level of a network
JP2009048611A (en) Method and apparatus for generating configuration rules for computing entities within computing environment using association rule mining
CN111034123B (en) System, method, and computer readable medium for performing network assurance checks
JP2021500658A (en) Computer implementation methods, systems, and computer program products that perform interactive workflows, as well as computer programs.
JP2006518080A (en) Network audit and policy assurance system
CN104640174B (en) Wireless network access point reminding method and device
CN106484590A (en) Data verification method and device
JP2023536832A (en) Providing and surfacing metrics for visualization
US11095518B2 (en) Determining violation of a network invariant
US20190342324A1 (en) Computer vulnerability assessment and remediation
US10282461B2 (en) Structure-based entity analysis
US20230267030A1 (en) Automated Application Programming Interface (API) Route Testing System
CN110278123A (en) Inspection method, device, electronic equipment and readable storage medium storing program for executing
US10192262B2 (en) System for periodically updating backings for resource requests
Tabrizi et al. Formal security analysis of smart embedded systems
CN106104546A (en) Multistage password and phishing protection are provided

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant