CN113285955A - Server, and method and device for scanning intranet equipment of router - Google Patents

Server, and method and device for scanning intranet equipment of router Download PDF

Info

Publication number
CN113285955A
CN113285955A CN202110621846.7A CN202110621846A CN113285955A CN 113285955 A CN113285955 A CN 113285955A CN 202110621846 A CN202110621846 A CN 202110621846A CN 113285955 A CN113285955 A CN 113285955A
Authority
CN
China
Prior art keywords
router
scanning
intranet
instruction
scanned
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110621846.7A
Other languages
Chinese (zh)
Other versions
CN113285955B (en
Inventor
周会龙
张祥通
陆中婷
郑佳谦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Wiwide Network Technology Co ltd
Original Assignee
Shanghai Wiwide Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Wiwide Network Technology Co ltd filed Critical Shanghai Wiwide Network Technology Co ltd
Priority to CN202110621846.7A priority Critical patent/CN113285955B/en
Publication of CN113285955A publication Critical patent/CN113285955A/en
Application granted granted Critical
Publication of CN113285955B publication Critical patent/CN113285955B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The server, and the method and the device for safely scanning the intranet equipment of the router comprise the following steps: responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the router adds virtual network routes related to all currently available scanning engines at a virtual network server according to the intranet segment of the router, and starts flow forwarding; and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned. According to the invention, the safety scanning of the intranet equipment of the router on the cloud server is realized, and the efficient, large-scale and batched safety scanning can be carried out.

Description

Server, and method and device for scanning intranet equipment of router
Technical Field
The invention relates to the technical field of network security, in particular to a server, and a method and a device for safely scanning intranet equipment of a router.
Background
The security scanning, namely scanning the security state of the network and/or the system, is helpful for discovering security holes in time and preventing hacker attacks or other illegal attacks.
The intranet security scanning requires that the scanning engine can directly communicate with the intranet equipment, and generally, the scanning engine also needs to be deployed in the intranet.
Because the internal network environment is complex and changeable, the cost for deploying the scanning engine in the internal network is high, and the method is not suitable for large-scale and batch operation.
In general, it is difficult to implement secure scan of the intranet device of the router at the cloud end because it is difficult for the cloud server to actively communicate with the intranet device.
Thus, security scanning of networks and/or systems is typically performed by locally deployed security scanning software (e.g., vulnerability scanners, etc.).
When all hosts of the intranet are intended to be safely scanned, safety scanning software needs to be installed on the hosts one by one, and the hosts are respectively safely scanned, so that the operation is complex and the efficiency is low.
Disclosure of Invention
The technical problem solved by the invention is as follows: how to carry out efficient, large-scale and batch security scanning on a large amount of intranet equipment.
In order to solve the above technical problem, an embodiment of the present invention provides a method for securely scanning an intranet device of a router, including:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
Optionally, the method further includes: the scan engine scheduling service and the router control service are installed on the server in advance.
Optionally, part or all of the server and each scan engine are located in the cloud with respect to the router.
Optionally, the configuring of the range of the intranet device to be scanned is specifically to configure the range of the intranet device to be scanned through a Web UI.
Optionally, the intranet device to be scanned includes a mobile phone, a desktop computer and/or a notebook computer.
Optionally, the scan engine scheduling service and the router control service are deployed on the same server.
Optionally, the scan engine scheduling service and the router control service are also deployed on the same server as one or more scan engines.
Optionally, some or all of the one or more routers do not have public network IP.
Optionally, some or all of the one or more routers are located behind the NAT device.
In order to solve the above technical problem, an embodiment of the present invention further provides an apparatus for securely scanning an intranet device of a router, including:
a processor adapted to load and execute instructions of a software program;
a memory adapted to store a software program comprising instructions for performing the steps of:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
Optionally, the processor is further adapted to process software programs regarding the scan engine scheduling service and the router control service;
a memory further adapted to store software programs relating to a scan engine scheduling service and a router control service.
In order to solve the above technical problem, an embodiment of the present invention further provides a server, where the server includes the apparatus for securely scanning an intranet device of a router as described above.
Compared with the prior art, the technical scheme of the invention has the following beneficial effects:
the cloud end and the router intranet are communicated through the VPN, the intranet can be safely scanned at the cloud end, and specifically, the range of the intranet equipment to be scanned is configured in response to the received first class instruction; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
Furthermore, the scan engine scheduling service, the router control service and one or more scan engines are deployed on the same server, which is convenient for reducing network delay and further improving the efficiency of security scanning.
Further, the router does not need to have a public network IP, and can be located behind the NAT device.
Drawings
Fig. 1 is a schematic diagram of a network topology for securely scanning an intranet device of a router according to an embodiment of the present invention;
fig. 2 is a flowchart of a method for securely scanning an intranet device of a router according to an embodiment of the present invention.
Detailed Description
As can be seen from the analysis in the background section, the intranet security scanning requires the scan engine to be able to directly communicate with the intranet device, and generally the scan engine also needs to be deployed in the intranet.
Because the internal network environment is complex and changeable, the cost for deploying the scanning engine in the internal network is high, and the method is not suitable for large-scale and batch operation.
According to the method, the cloud end and the router intranet are communicated through the VPN, the intranet can be safely scanned at the cloud end, and specifically, the range of the intranet equipment to be scanned is configured in response to the received first class instruction; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
In order that those skilled in the art will better understand and realize the present invention, the following detailed description is given by way of specific embodiments with reference to the accompanying drawings.
Example one
As shown in fig. 1, the basic concept of the present invention is that a user configures a place where intranet scanning needs to be started through a Web UI, and a router which can be remotely managed is placed in the place. When a user starts intranet scanning, the scanning engine scheduling service searches a currently available scanning engine, if the scanning engine is available, the scanning engine scheduling service issues a VPN (virtual private network) connection instruction to the router through the router control service, then a route is added to a VPN service end according to the intranet segment of the router, and meanwhile flow forwarding is started on the router. At this time, the scanning engine can directly communicate with the intranet equipment through the VPN, and then intranet scanning can be started.
As described below, an embodiment of the present invention provides a method for securely scanning an intranet device of a router.
In some embodiments, the method for securely scanning the intranet device of the router is applicable to a VPN.
In other embodiments, the method for securely scanning the intranet device of the router may also be applied to other virtual networks, such as SD-WAN.
Referring to a flow chart of a method for securely scanning an intranet device of a router shown in fig. 2, the following detailed description is made through specific steps:
s201, a scan engine scheduling service and a router control service are installed in advance on a server.
In some embodiments, some or all of the server and the respective scan engines are located in the cloud with respect to the router.
S202, responding to the received first type of instruction, configuring the range of the intranet equipment to be scanned.
The first type of instruction is an instruction about indicating the range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server.
In some embodiments, the configuring the range of the intranet device to be scanned is specifically to configure the range of the intranet device to be scanned through a Web UI.
The intranet equipment to be scanned comprises a mobile phone, a desktop computer and/or a notebook computer.
In some embodiments, some or all of the one or more routers are not equipped with public network IP.
In some embodiments, some or all of the one or more routers are located behind the NAT device.
That is, the router need not have a public network IP, and can be located behind a NAT device.
S203, in response to the received second type of instruction, searching currently available scanning engines through the scanning engine scheduling service.
And the second type of instruction is an instruction about instructing to start intranet scanning.
In some embodiments, the scan engine scheduling service and the router control service are deployed on the same server.
Further, the scan engine scheduling service and the router control service are deployed on the same server as one or more scan engines. Thereby facilitating to reduce network delay and further improving the efficiency of security scanning.
And S204, the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively.
Wherein the third type of instruction is an instruction for instructing a router to add a virtual network route.
And S205, after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at the virtual network service end according to the intranet segment of the router.
And S206, after the third class of instructions are received by the router, the router also starts traffic forwarding on the router.
And S207, each currently available scanning engine is directly communicated with each intranet device to be scanned respectively, and each intranet device to be scanned is safely scanned.
The above description of the technical solution shows that: in this embodiment, the cloud and the router intranet are opened through the VPN, so that the intranet can be safely scanned at the cloud, and specifically, the range of the intranet equipment to be scanned is configured in response to the received first type of instruction; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
Example two
As described below, an embodiment of the present invention provides an apparatus for securely scanning an intranet device of a router.
Refer to fig. 1, which is a schematic diagram of a network topology for securely scanning an intranet device of a router.
The device for safely scanning the intranet equipment of the router comprises: a processor adapted to load and execute instructions of a software program;
a memory adapted to store a software program comprising instructions for performing the steps of:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service (i.e., a router management service in fig. 1) installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
In some embodiments, the processor is further adapted to process software programs for a scan engine scheduling service and a router control service; a memory further adapted to store software programs relating to a scan engine scheduling service and a router control service.
The above description of the technical solution shows that: in this embodiment, the cloud and the router intranet are opened through the VPN, so that the intranet can be safely scanned at the cloud, and specifically, the range of the intranet equipment to be scanned is configured in response to the received first type of instruction; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
EXAMPLE III
As described below, embodiments of the present invention provide a server.
The difference from the prior art is that the user equipment comprises the device for safely scanning the intranet equipment of the router, as provided in the embodiment of the invention. Therefore, the server can get through the cloud and the router intranet through the VPN, can safely scan the intranet in the cloud, and particularly, responds to the received first class of instructions to configure the range of the intranet equipment to be scanned; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
Those skilled in the art will understand that, in the methods of the embodiments, all or part of the steps can be performed by hardware associated with program instructions, and the program can be stored in a computer-readable storage medium, which can include: ROM, RAM, magnetic or optical disks, and the like.
Although the present invention is disclosed above, the present invention is not limited thereto. Various changes and modifications may be effected therein by one skilled in the art without departing from the spirit and scope of the invention as defined in the appended claims.

Claims (13)

1. A method for securely scanning an intranet device of a router is characterized by comprising the following steps:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
2. The method according to claim 1, wherein the virtual network is a VPN or an SD-WAN.
3. The method for securely scanning an intranet device of a router according to claim 1, further comprising: the scan engine scheduling service and the router control service are installed on the server in advance.
4. The method of claim 1, wherein some or all of the server and each of the scan engines are located in a cloud with respect to the router.
5. The method according to claim 1, wherein the configuring of the range of the intranet device to be scanned is, specifically, configuring the range of the intranet device to be scanned through a Web UI.
6. The method according to claim 1, wherein the intranet device to be scanned comprises a mobile phone, a desktop computer and/or a laptop computer.
7. The method of claim 1, wherein the scan engine scheduling service and the router control service are deployed on a same server.
8. The method of claim 7, wherein the scan engine scheduling service, the router control service, and the one or more scan engines are deployed on a same server.
9. The method according to claim 1, wherein some or all of the one or more routers do not have public network IP.
10. The method according to claim 1, wherein some or all of the one or more routers are located behind a NAT device.
11. An apparatus for securely scanning an intranet device of a router, comprising:
a processor adapted to load and execute instructions of a software program;
a memory adapted to store a software program comprising instructions for performing the steps of:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
12. The apparatus for securely scanning an intranet device of a router according to claim 11,
a processor further adapted to process software programs for a scan engine scheduling service and a router control service;
a memory further adapted to store software programs relating to a scan engine scheduling service and a router control service.
13. A server, characterized in that it comprises an apparatus for securely scanning an intranet device of a router according to any one of claims 11 to 12.
CN202110621846.7A 2021-06-03 2021-06-03 Server, and method and device for scanning intranet equipment of router Active CN113285955B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110621846.7A CN113285955B (en) 2021-06-03 2021-06-03 Server, and method and device for scanning intranet equipment of router

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110621846.7A CN113285955B (en) 2021-06-03 2021-06-03 Server, and method and device for scanning intranet equipment of router

Publications (2)

Publication Number Publication Date
CN113285955A true CN113285955A (en) 2021-08-20
CN113285955B CN113285955B (en) 2022-10-11

Family

ID=77283326

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110621846.7A Active CN113285955B (en) 2021-06-03 2021-06-03 Server, and method and device for scanning intranet equipment of router

Country Status (1)

Country Link
CN (1) CN113285955B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103825891A (en) * 2014-02-19 2014-05-28 曙光云计算技术有限公司 Security flaw scanning system under cloud network environment
US8892766B1 (en) * 2012-06-28 2014-11-18 Trend Micro Incorporated Application-based network traffic redirection for cloud security service
WO2018007917A1 (en) * 2016-07-08 2018-01-11 Encriptor Ltd Network scanning system
CN108171058A (en) * 2017-12-26 2018-06-15 中国联合网络通信集团有限公司 Multi engine virus scan system and multi engine virus scan method based on Serverless frames
CN110311912A (en) * 2019-07-01 2019-10-08 深信服科技股份有限公司 Cloud server, Intranet scanning client, system and Intranet remote scanning method
CN112583875A (en) * 2019-09-30 2021-03-30 浙江宇视科技有限公司 Asset scanning method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8892766B1 (en) * 2012-06-28 2014-11-18 Trend Micro Incorporated Application-based network traffic redirection for cloud security service
CN103825891A (en) * 2014-02-19 2014-05-28 曙光云计算技术有限公司 Security flaw scanning system under cloud network environment
WO2018007917A1 (en) * 2016-07-08 2018-01-11 Encriptor Ltd Network scanning system
CN108171058A (en) * 2017-12-26 2018-06-15 中国联合网络通信集团有限公司 Multi engine virus scan system and multi engine virus scan method based on Serverless frames
CN110311912A (en) * 2019-07-01 2019-10-08 深信服科技股份有限公司 Cloud server, Intranet scanning client, system and Intranet remote scanning method
CN112583875A (en) * 2019-09-30 2021-03-30 浙江宇视科技有限公司 Asset scanning method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王 琼等: "基于内网扫描和内网检测的非法外联监控方案", 《技术广角》 *
王琼等: "基于内网扫描和内网检测的非法外联监控方案", 《信息通信技术》 *

Also Published As

Publication number Publication date
CN113285955B (en) 2022-10-11

Similar Documents

Publication Publication Date Title
EP2798768B1 (en) System and method for cloud based scanning for computer vulnerabilities in a network environment
US20210273977A1 (en) Control access to domains, servers, and content
CN109474936B (en) Internet of things communication method and system applied among multiple lora gateways
WO2019090153A1 (en) Cloud-based multi-function firewall and zero trust private virtual network
US11700276B1 (en) Controlled deployment of blended honeypot services
US10798061B2 (en) Automated learning of externally defined network assets by a network security device
RU2460132C1 (en) System and method of controlling access to corporate network resources for personal computers
US20200396259A1 (en) Cyber-Security in Heterogeneous Networks
US20160294864A1 (en) Managing rogue devices through a network backhaul
CN111711556B (en) Routing method, device, system, equipment and storage medium of virtual private network
US10931527B2 (en) Autonomous configuration system for a service infrastructure
CN104967572A (en) Network access method, apparatus and equipment
CN113285955B (en) Server, and method and device for scanning intranet equipment of router
CN110336793B (en) Intranet access method and related device
CN103249114B (en) Group's Intranet strange land cut-in method and system
CN112087322B (en) Method, device and equipment for configuring basic information of network element and readable storage medium
CN110324826B (en) Intranet access method and related device
WO2021093510A1 (en) Method and system for processing network service, and gateway device
EP2564552B1 (en) Network management in a communications network
CN112866031B (en) Route configuration method, device, equipment and computer readable storage medium
CN115150175B (en) Edge data drainage trapping method for independent network attack of power system
US20190028506A1 (en) Network security user interface for domain query volume time series with custom signal modifications
US11888869B2 (en) System and method for securing network users in an enterprise network through cybersecurity controls
CN115174603B (en) NAS service system, implementation method, electronic equipment and storage medium
CN110611637B (en) Online network threat detection method and system based on VPN flow traction

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant