CN112929345A - Data transmission method, management server and industrial control firewall - Google Patents
Data transmission method, management server and industrial control firewall Download PDFInfo
- Publication number
- CN112929345A CN112929345A CN202110093540.9A CN202110093540A CN112929345A CN 112929345 A CN112929345 A CN 112929345A CN 202110093540 A CN202110093540 A CN 202110093540A CN 112929345 A CN112929345 A CN 112929345A
- Authority
- CN
- China
- Prior art keywords
- industrial control
- address
- control firewall
- firewall
- data packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 55
- 230000005540 biological transmission Effects 0.000 title claims abstract description 37
- 238000004590 computer program Methods 0.000 claims description 10
- 238000012545 processing Methods 0.000 claims description 9
- 238000013507 mapping Methods 0.000 claims description 5
- 230000000977 initiatory effect Effects 0.000 claims description 2
- 238000007726 management method Methods 0.000 description 49
- 238000010586 diagram Methods 0.000 description 8
- 230000008569 process Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a data transmission method, which is applied to a management server and comprises the following steps: allocating loopback addresses to the industrial control firewalls respectively; acquiring a loop address of a target industrial control firewall, and generating a data packet to be sent according to data to be sent and the loop address of the target industrial control firewall; and sending the data packet to be sent to the target industrial control firewall. According to the method and the system, data transmission between the management server and the industrial control firewall is realized by configuring the loop address for the industrial control firewall, the management IP of the industrial control firewall does not need to be configured, the industrial control firewall can be managed, the on-site IP address can be saved, the IP address of the industrial control firewall is hidden, and an attacker cannot attack the industrial control firewall through the IP address.
Description
Technical Field
The invention relates to the technical field of industrial control, in particular to a data transmission method, a management server and an industrial control firewall.
Background
The industrial control site needs to deploy a plurality of safety devices, such as an industrial control firewall, the industrial control firewall needs to be connected in series in a network and deployed in a transparent mode, and meanwhile, the industrial control firewall needs to be managed by a unified safety management platform, so that an IP address needs to be allocated independently for deploying the industrial control firewall for managing the industrial control firewall, and the field network planning is influenced.
Disclosure of Invention
The embodiment of the invention provides a data transmission method, a management server and an industrial firewall, which are used for solving at least one of the technical problems.
In a first aspect, an embodiment of the present invention provides a data transmission method, which is applied to a management server, and the method includes:
allocating loopback addresses to the industrial control firewalls respectively;
acquiring a loop address of a target industrial control firewall, and generating a data packet to be sent according to data to be sent and the loop address of the target industrial control firewall;
and sending the data packet to be sent to the target industrial control firewall.
In a second aspect, an embodiment of the present invention provides a data transmission method, which is applied to an industrial control firewall, and the method includes:
parsing a data packet received from a management server to obtain a MAC address and an IP address;
and when the obtained MAC address is the MAC address of the current industrial control firewall and the obtained IP address is a loopback address, redirecting the data packet to the IP protocol stack of the current industrial control firewall for application layer processing.
In a third aspect, an embodiment of the present invention provides a management server, including:
the loopback address configuration program module is used for respectively allocating loopback addresses to the industrial control firewalls;
the data packet to be sent generates a program module, which is used for acquiring a loop address of a target industrial control firewall and generating a data packet to be sent according to data to be sent and the loop address of the target industrial control firewall;
and the data packet sending program module is used for sending the data packet to be sent to the target industrial control firewall.
In a fourth aspect, an embodiment of the present invention provides an industrial firewall, including:
a data parsing program module for parsing the data packet received from the management server to obtain an MAC address and an IP address;
and the redirection program module is used for redirecting the data packet to the IP protocol stack of the current industrial control firewall for application layer processing when the obtained MAC address is the MAC address of the current industrial control firewall and the obtained IP address is a loopback address.
In a fifth aspect, an embodiment of the present invention provides a storage medium, where one or more programs including execution instructions are stored, and the execution instructions can be read and executed by an electronic device (including but not limited to a computer, a server, or a network device, etc.) to perform any data transmission of the present invention.
In a sixth aspect, an electronic device is provided, which includes: the system comprises at least one processor and a memory communicatively connected with the at least one processor, wherein the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor to enable the at least one processor to perform any of the data transmission of the invention.
In a seventh aspect, an embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program stored on a storage medium, and the computer program includes program instructions, which when executed by a computer, cause the computer to execute any one of the above data transmission.
The embodiment of the invention has the beneficial effects that: data transmission between the management server and the industrial control firewall is realized by configuring a loop address for the industrial control firewall, a management IP of the industrial control firewall is not required to be configured, the industrial control firewall can be managed, on-site IP addresses can be saved, the IP address of the industrial control firewall is hidden, and an attacker cannot attack the industrial control firewall through the IP address.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a flow chart of an embodiment of a data transmission method of the present invention;
FIG. 2 is a flow chart of another embodiment of a data transmission method of the present invention;
FIG. 3 is a flow chart of another embodiment of a data transmission method of the present invention;
FIG. 4 is a functional block diagram of one embodiment of a management server of the present invention;
FIG. 5 is a schematic block diagram of an embodiment of an industrial firewall according to the invention;
FIG. 6 is a schematic block diagram of an embodiment of an industrial control management system of the present invention;
fig. 7 is a schematic structural diagram of an embodiment of an electronic device according to the invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
As shown in fig. 1, an embodiment of the present invention provides a data transmission method applied to a management server, where the method includes:
and S110, distributing loop addresses to the industrial control firewalls respectively. Illustratively, a plurality of MAC addresses of the industrial control firewalls are obtained; assigning a respective plurality of loopback addresses to the plurality of MAC addresses; and establishing a mapping relation between the plurality of MAC addresses and the plurality of loopback addresses.
S120, a loop address of the target industrial control firewall is obtained, and a data packet to be sent is generated according to data to be sent and the loop address of the target industrial control firewall.
And S130, sending the data packet to be sent to the target industrial control firewall.
In this embodiment, data transmission between the management server and the industrial control firewall is realized by configuring a loopback address for the industrial control firewall, so that not only is a management IP of the industrial control firewall not required to be configured, but also the industrial control firewall can be managed, a field IP address can be saved, the IP address of the industrial control firewall is hidden, and an attacker cannot attack the industrial control firewall through the IP address.
As shown in fig. 2, which is a flowchart of another embodiment of the data transmission method of the present invention, the obtaining a loopback address of a target industrial control firewall includes:
s121, obtaining an MAC address of a target industrial control firewall;
and S122, inquiring the mapping relation according to the MAC address of the target industrial control firewall to determine the loopback address of the target industrial control firewall.
In the embodiment, the management of the plurality of industrial control firewalls is managed through the mapping relation between the MAC addresses of the plurality of industrial control firewalls and the plurality of loopback addresses which is established in advance, and the corresponding loopback addresses can be determined according to the MAC addresses of the target industrial control firewalls in application.
In some embodiments, the data transmission method of the present invention further includes: after a loopback address of a target industrial control firewall is obtained, initiating TCP connection according to the loopback address of the target industrial control firewall; sending the data packet to be sent to the target industrial control firewall comprises the following steps: and sending the data packet to be sent to the target industrial control firewall through the TCP connection.
Fig. 3 is a flowchart illustrating another embodiment of a data transmission method applied to an industrial firewall, the method including:
s210, analyzing the data packet received from the management server to obtain an MAC address and an IP address;
and S220, when the obtained MAC address is the MAC address of the current industrial control firewall and the obtained IP address is a loopback address, redirecting the data packet to the IP protocol stack of the current industrial control firewall for application layer processing.
In this embodiment, data transmission between the management server and the industrial control firewall is realized by configuring a loopback address for the industrial control firewall, so that not only is a management IP of the industrial control firewall not required to be configured, but also the industrial control firewall can be managed, a field IP address can be saved, the IP address of the industrial control firewall is hidden, and an attacker cannot attack the industrial control firewall through the IP address.
In some embodiments, the data transmission method of the present invention further includes: when the obtained MAC address is the MAC address of the current industrial control firewall and the obtained IP address is a loopback address, storing the obtained IP address; and sending the data packet obtained after the application layer processing back to the management server according to the obtained IP address.
Fig. 4 is a schematic block diagram of an embodiment of the management server 400 of the present invention, which includes:
a loopback address configuration program module 410, configured to allocate loopback addresses to the multiple industrial control firewalls respectively;
a data packet generation program module 420, configured to obtain a loop address of a target industrial control firewall, and generate a data packet to be sent according to data to be sent and the loop address of the target industrial control firewall;
a data packet sending program module 430, configured to send the data packet to be sent to the target industrial control firewall.
The management server in this embodiment realizes data transmission between the management server and the industrial control firewall by configuring a loopback address for the industrial control firewall, and not only does not need to configure a management IP of the industrial control firewall, but also can manage the industrial control firewall, and can save an on-site IP address and hide the IP address of the industrial control firewall, so that an attacker cannot attack the industrial control firewall through the IP address.
Fig. 5 is a schematic block diagram of an industrial firewall 500 according to an embodiment of the present invention, where the industrial firewall includes:
a data parser module 510 for parsing the data packet received from the management server to obtain a MAC address and an IP address;
a redirection program module 520, configured to redirect the data packet to an IP protocol stack of the current industrial firewall for application layer processing when the obtained MAC address is the MAC address of the current industrial firewall and the obtained IP address is a loopback address.
In some embodiments, an industrial control management system is further provided, including the management server and the plurality of industrial control firewalls in the foregoing embodiments of the present invention.
Fig. 6 is a schematic block diagram of an embodiment of the industrial control management system according to the present invention, which includes a security management platform (e.g., a management server) and an industrial firewall. The security management platform and the industrial firewall respectively comprise an application layer program and a kernel program. When the security management platform needs to transmit data to the industrial firewall, an application layer program of the security management platform sends the data to be transmitted to a kernel program of the security management platform, so that the kernel packages the MAC address to obtain a data packet to be sent and sends the data packet to the kernel program of the industrial firewall; and the kernel program of the industrial firewall analyzes the received data packet and identifies the loopback IP address, and then the data is uploaded to the application layer program of the industrial firewall.
Aiming at the special requirements of an industrial control scene, the invention provides a method which can not only not configure the management IP of an industrial control firewall, but also manage the industrial control firewall. The method can save the IP address of the site, and can hide the IP address of the industrial control firewall, so that an attacker cannot attack the industrial control firewall through the IP address. The method needs to modify the protocol stacks of the client and the server to achieve the effect of managing the industrial control firewall without the IP.
The specific description is as follows:
1. the whole system is divided into a client and a server, wherein the client is a firewall system, and the server is a security management platform and used for carrying out configuration management on the firewall.
2. The firewall system of the server client provides a WEB management page externally, which is the same as the traditional firewall. When a security management platform of a client server manages a firewall, a program of an application layer does not need to be changed, and TCP connection is initiated according to a common mode.
3. The firewall and the security management platform modify the kernel and modify the kernel network protocol stack, so that data can be transmitted to the client by the server without using an IP address.
4. The firewall and the security management platform adopt the loopback address as the IP address of communication, and the kernel is modified to make the kernel recognize 127.0.16.0/24 network segment IP address as non-loopback address. The kernel can send this IP address out through the portal.
5. In the process, the security management platform can manage a plurality of firewalls, and each firewall is identified through a loopback IP address.
6. The method has the advantage that the effect can be achieved through the modified kernel program and the standard application program without modifying the application layer program.
7. The safety management platform processing method comprises the following steps:
a) firstly, storing a corresponding table of an IP address and an MAC address in a security management platform, wherein the MAC address of each firewall corresponds to different loopback addresses.
b) When the safety management platform initiates TCP connection, the designated IP address is a firewall address, but the address format is a loop address format, and because a kernel protocol stack is modified and the IP of 127.0.16.0/24 network segments is identified as a non-loop address, the safety management platform sends out a data packet of the IP address and encapsulates the MAC address corresponding to the inner edge of an IP/MAC table.
c) And the firewall modifies the kernel, and when the IP address of the network card is not configured, if a data packet with the destination MAC as the local machine and the destination IP address as the loopback address is received, the data packet is redirected to the local IP protocol stack, the loopback IP address is stored at the same time, and data needs to be sent through the IP address subsequently. The packet is then processed by the application layer program.
d) After the firewall application layer program processes the application layer data packet, the data packet is sent back according to the original channel, the destination IP address is the address of the safety management platform, the destination MAC address is the destination MAC address of the safety management platform, the source address is the IP address stored in advance, and then the data packet is sent out.
e) And the safety management platform receives the returned data packet, and the destination IP address and the destination MAC address are local addresses, so the data packet can be directly sent to an application layer program. Such that a complete data packet transmission is completed.
It should be noted that for simplicity of explanation, the foregoing method embodiments are described as a series of acts or combination of acts, but those skilled in the art will appreciate that the present invention is not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the invention. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required by the invention. In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In some embodiments, the present invention provides a non-volatile computer readable storage medium, in which one or more programs including executable instructions are stored, and the executable instructions can be read and executed by an electronic device (including but not limited to a computer, a server, or a network device, etc.) to perform any of the above data transmission methods of the present invention.
In some embodiments, the present invention further provides a computer program product comprising a computer program stored on a non-volatile computer-readable storage medium, the computer program comprising program instructions that, when executed by a computer, cause the computer to perform any of the data transmission methods described above.
In some embodiments, an embodiment of the present invention further provides an electronic device, which includes: the apparatus includes at least one processor, and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a data transfer method.
In some embodiments, the present invention further provides a storage medium having a computer program stored thereon, wherein the computer program is configured to implement a data transmission method when executed by a processor.
Fig. 7 is a schematic diagram of a hardware structure of an electronic device executing a data transmission method according to another embodiment of the present application, and as shown in fig. 7, the electronic device includes:
one or more processors 710 and a memory 720, one processor 710 being illustrated in fig. 7.
The apparatus for performing the data transmission method may further include: an input device 730 and an output device 740.
The processor 710, the memory 720, the input device 730, and the output device 740 may be connected by a bus or other means, such as the bus connection in fig. 7.
The memory 720, which is a non-volatile computer-readable storage medium, may be used for storing non-volatile software programs, non-volatile computer-executable programs, and modules, such as program instructions/modules corresponding to the data transmission method in the embodiments of the present application. The processor 710 executes various functional applications of the server and data processing by executing nonvolatile software programs, instructions and modules stored in the memory 720, that is, implements the data transmission method of the above-described method embodiment.
The memory 720 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of the data transmission apparatus, and the like. Further, the memory 720 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, memory 720 optionally includes memory located remotely from processor 710, which may be connected to a data transmission device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 730 may receive input numeric or character information and generate signals related to user settings and function control of the data transmission device. The output device 740 may include a display device such as a display screen.
The one or more modules are stored in the memory 720 and, when executed by the one or more processors 710, perform the data transmission method of any of the method embodiments described above.
The product can execute the method provided by the embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method. For technical details that are not described in detail in this embodiment, reference may be made to the methods provided in the embodiments of the present application.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a general hardware platform, and certainly can also be implemented by hardware. Based on such understanding, the above technical solutions substantially or contributing to the related art may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.
Claims (10)
1. A data transmission method is applied to a management server, and comprises the following steps:
allocating loopback addresses to the industrial control firewalls respectively;
acquiring a loop address of a target industrial control firewall, and generating a data packet to be sent according to data to be sent and the loop address of the target industrial control firewall;
and sending the data packet to be sent to the target industrial control firewall.
2. The method of claim 1, wherein the assigning the loopback addresses to the plurality of industrial firewalls respectively comprises:
acquiring a plurality of MAC addresses of the industrial control firewalls;
assigning a respective plurality of loopback addresses to the plurality of MAC addresses;
and establishing a mapping relation between the plurality of MAC addresses and the plurality of loopback addresses.
3. The method of claim 2, wherein the obtaining the loopback address of the target industrial control firewall comprises:
acquiring an MAC address of a target industrial control firewall;
and inquiring the mapping relation according to the MAC address of the target industrial control firewall to determine the loopback address of the target industrial control firewall.
4. The method of claim 3, further comprising:
after a loopback address of a target industrial control firewall is obtained, initiating TCP connection according to the loopback address of the target industrial control firewall;
sending the data packet to be sent to the target industrial control firewall comprises the following steps: and sending the data packet to be sent to the target industrial control firewall through the TCP connection.
5. A data transmission method is applied to an industrial control firewall, and comprises the following steps:
parsing a data packet received from a management server to obtain a MAC address and an IP address;
and when the obtained MAC address is the MAC address of the current industrial control firewall and the obtained IP address is a loopback address, redirecting the data packet to the IP protocol stack of the current industrial control firewall for application layer processing.
6. The method of claim 5, further comprising:
when the obtained MAC address is the MAC address of the current industrial control firewall and the obtained IP address is a loopback address, storing the obtained IP address;
and sending the data packet obtained after the application layer processing back to the management server according to the obtained IP address.
7. A management server, comprising:
the loopback address configuration program module is used for respectively allocating loopback addresses to the industrial control firewalls;
the data packet to be sent generates a program module, which is used for acquiring a loop address of a target industrial control firewall and generating a data packet to be sent according to data to be sent and the loop address of the target industrial control firewall;
and the data packet sending program module is used for sending the data packet to be sent to the target industrial control firewall.
8. An industrial control firewall, comprising:
a data parsing program module for parsing the data packet received from the management server to obtain an MAC address and an IP address;
and the redirection program module is used for redirecting the data packet to the IP protocol stack of the current industrial control firewall for application layer processing when the obtained MAC address is the MAC address of the current industrial control firewall and the obtained IP address is a loopback address.
9. An electronic device, comprising: at least one processor, and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the steps of the method of any one of claims 1-6.
10. A storage medium on which a computer program is stored which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110093540.9A CN112929345A (en) | 2021-01-22 | 2021-01-22 | Data transmission method, management server and industrial control firewall |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110093540.9A CN112929345A (en) | 2021-01-22 | 2021-01-22 | Data transmission method, management server and industrial control firewall |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112929345A true CN112929345A (en) | 2021-06-08 |
Family
ID=76165741
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110093540.9A Pending CN112929345A (en) | 2021-01-22 | 2021-01-22 | Data transmission method, management server and industrial control firewall |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112929345A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113810361A (en) * | 2021-07-15 | 2021-12-17 | 赛姆科技(广东)有限公司 | Rapid deployment management method of IP-free firewall |
| CN115174219A (en) * | 2022-07-06 | 2022-10-11 | 哈尔滨工业大学(威海) | Management system capable of adapting to multiple industrial firewalls |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1505323A (en) * | 2002-12-02 | 2004-06-16 | 深圳市中兴通讯股份有限公司 | Network administration method for no-IP address device |
| CN104618143A (en) * | 2014-12-31 | 2015-05-13 | 北京和利时系统工程有限公司 | Method and device for managing industrial firewall |
| US20200389427A1 (en) * | 2019-06-07 | 2020-12-10 | Cisco Technology, Inc. | Loopback address configuration |
-
2021
- 2021-01-22 CN CN202110093540.9A patent/CN112929345A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1505323A (en) * | 2002-12-02 | 2004-06-16 | 深圳市中兴通讯股份有限公司 | Network administration method for no-IP address device |
| CN104618143A (en) * | 2014-12-31 | 2015-05-13 | 北京和利时系统工程有限公司 | Method and device for managing industrial firewall |
| US20200389427A1 (en) * | 2019-06-07 | 2020-12-10 | Cisco Technology, Inc. | Loopback address configuration |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113810361A (en) * | 2021-07-15 | 2021-12-17 | 赛姆科技(广东)有限公司 | Rapid deployment management method of IP-free firewall |
| CN115174219A (en) * | 2022-07-06 | 2022-10-11 | 哈尔滨工业大学(威海) | Management system capable of adapting to multiple industrial firewalls |
| CN115174219B (en) * | 2022-07-06 | 2024-04-19 | 哈尔滨工业大学(威海) | Management system capable of adapting to various industrial firewalls |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10802906B2 (en) | Monitoring method and apparatus of server, and storage medium | |
| US11563669B2 (en) | Method for implementing network virtualization and related apparatus and communications system | |
| CN111460460B (en) | Task access method, device, proxy server and machine-readable storage medium | |
| JP6707153B2 (en) | Secure configuration of cloud computing nodes | |
| CN110784361A (en) | Virtualized cloud honey network deployment method, device, system and computer-readable storage medium | |
| US10382258B2 (en) | Viral system discovery and installation for distributed networks | |
| CN112929345A (en) | Data transmission method, management server and industrial control firewall | |
| CN113625589B (en) | Equipment control method and device, electronic equipment and storage medium | |
| US10862804B2 (en) | Redirecting data packets between overlay network and underlay network | |
| US10673692B2 (en) | Method, apparatus, and system for acquiring configuration file | |
| JP6448012B2 (en) | Method, apparatus, and system for displaying virtual machine names | |
| CN104780229A (en) | Method of setting cloud server IP address through cloud terminal, system and cloud system | |
| CN101945053B (en) | Method and device for transmitting message | |
| WO2024114022A1 (en) | Session control method and system, and smf network element | |
| CN113268254A (en) | Cluster system installation method and device, electronic equipment and storage medium | |
| CN102685115A (en) | Resource access method, resource management device and system | |
| CN110636149B (en) | Remote access method, device, router and storage medium | |
| CN103532852A (en) | Routing scheduling method, routing scheduling device and network equipment | |
| CN115022165B (en) | BGP stream specification effective interface optimization method, device, equipment and storage medium | |
| US10728312B2 (en) | Data center network containers | |
| US10791088B1 (en) | Methods for disaggregating subscribers via DHCP address translation and devices thereof | |
| CN101931615A (en) | Network equipment downloading files by equipment identification codes and method thereof | |
| CN113055191A (en) | Forwarding method and device, and forwarding plane of broadband remote access server | |
| CN115334035B (en) | Message forwarding method and device, electronic equipment and storage medium | |
| JP6181591B2 (en) | Address payout method, address payout system, address payout server device, and address payout program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210608 |