CN113285955A - Server, and method and device for scanning intranet equipment of router - Google Patents
Server, and method and device for scanning intranet equipment of router Download PDFInfo
- Publication number
- CN113285955A CN113285955A CN202110621846.7A CN202110621846A CN113285955A CN 113285955 A CN113285955 A CN 113285955A CN 202110621846 A CN202110621846 A CN 202110621846A CN 113285955 A CN113285955 A CN 113285955A
- Authority
- CN
- China
- Prior art keywords
- router
- scanning
- intranet
- instruction
- scanned
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The server, and the method and the device for safely scanning the intranet equipment of the router comprise the following steps: responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the router adds virtual network routes related to all currently available scanning engines at a virtual network server according to the intranet segment of the router, and starts flow forwarding; and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned. According to the invention, the safety scanning of the intranet equipment of the router on the cloud server is realized, and the efficient, large-scale and batched safety scanning can be carried out.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a server, and a method and a device for safely scanning intranet equipment of a router.
Background
The security scanning, namely scanning the security state of the network and/or the system, is helpful for discovering security holes in time and preventing hacker attacks or other illegal attacks.
The intranet security scanning requires that the scanning engine can directly communicate with the intranet equipment, and generally, the scanning engine also needs to be deployed in the intranet.
Because the internal network environment is complex and changeable, the cost for deploying the scanning engine in the internal network is high, and the method is not suitable for large-scale and batch operation.
In general, it is difficult to implement secure scan of the intranet device of the router at the cloud end because it is difficult for the cloud server to actively communicate with the intranet device.
Thus, security scanning of networks and/or systems is typically performed by locally deployed security scanning software (e.g., vulnerability scanners, etc.).
When all hosts of the intranet are intended to be safely scanned, safety scanning software needs to be installed on the hosts one by one, and the hosts are respectively safely scanned, so that the operation is complex and the efficiency is low.
Disclosure of Invention
The technical problem solved by the invention is as follows: how to carry out efficient, large-scale and batch security scanning on a large amount of intranet equipment.
In order to solve the above technical problem, an embodiment of the present invention provides a method for securely scanning an intranet device of a router, including:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
Optionally, the method further includes: the scan engine scheduling service and the router control service are installed on the server in advance.
Optionally, part or all of the server and each scan engine are located in the cloud with respect to the router.
Optionally, the configuring of the range of the intranet device to be scanned is specifically to configure the range of the intranet device to be scanned through a Web UI.
Optionally, the intranet device to be scanned includes a mobile phone, a desktop computer and/or a notebook computer.
Optionally, the scan engine scheduling service and the router control service are deployed on the same server.
Optionally, the scan engine scheduling service and the router control service are also deployed on the same server as one or more scan engines.
Optionally, some or all of the one or more routers do not have public network IP.
Optionally, some or all of the one or more routers are located behind the NAT device.
In order to solve the above technical problem, an embodiment of the present invention further provides an apparatus for securely scanning an intranet device of a router, including:
a processor adapted to load and execute instructions of a software program;
a memory adapted to store a software program comprising instructions for performing the steps of:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
Optionally, the processor is further adapted to process software programs regarding the scan engine scheduling service and the router control service;
a memory further adapted to store software programs relating to a scan engine scheduling service and a router control service.
In order to solve the above technical problem, an embodiment of the present invention further provides a server, where the server includes the apparatus for securely scanning an intranet device of a router as described above.
Compared with the prior art, the technical scheme of the invention has the following beneficial effects:
the cloud end and the router intranet are communicated through the VPN, the intranet can be safely scanned at the cloud end, and specifically, the range of the intranet equipment to be scanned is configured in response to the received first class instruction; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
Furthermore, the scan engine scheduling service, the router control service and one or more scan engines are deployed on the same server, which is convenient for reducing network delay and further improving the efficiency of security scanning.
Further, the router does not need to have a public network IP, and can be located behind the NAT device.
Drawings
Fig. 1 is a schematic diagram of a network topology for securely scanning an intranet device of a router according to an embodiment of the present invention;
fig. 2 is a flowchart of a method for securely scanning an intranet device of a router according to an embodiment of the present invention.
Detailed Description
As can be seen from the analysis in the background section, the intranet security scanning requires the scan engine to be able to directly communicate with the intranet device, and generally the scan engine also needs to be deployed in the intranet.
Because the internal network environment is complex and changeable, the cost for deploying the scanning engine in the internal network is high, and the method is not suitable for large-scale and batch operation.
According to the method, the cloud end and the router intranet are communicated through the VPN, the intranet can be safely scanned at the cloud end, and specifically, the range of the intranet equipment to be scanned is configured in response to the received first class instruction; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
In order that those skilled in the art will better understand and realize the present invention, the following detailed description is given by way of specific embodiments with reference to the accompanying drawings.
Example one
As shown in fig. 1, the basic concept of the present invention is that a user configures a place where intranet scanning needs to be started through a Web UI, and a router which can be remotely managed is placed in the place. When a user starts intranet scanning, the scanning engine scheduling service searches a currently available scanning engine, if the scanning engine is available, the scanning engine scheduling service issues a VPN (virtual private network) connection instruction to the router through the router control service, then a route is added to a VPN service end according to the intranet segment of the router, and meanwhile flow forwarding is started on the router. At this time, the scanning engine can directly communicate with the intranet equipment through the VPN, and then intranet scanning can be started.
As described below, an embodiment of the present invention provides a method for securely scanning an intranet device of a router.
In some embodiments, the method for securely scanning the intranet device of the router is applicable to a VPN.
In other embodiments, the method for securely scanning the intranet device of the router may also be applied to other virtual networks, such as SD-WAN.
Referring to a flow chart of a method for securely scanning an intranet device of a router shown in fig. 2, the following detailed description is made through specific steps:
s201, a scan engine scheduling service and a router control service are installed in advance on a server.
In some embodiments, some or all of the server and the respective scan engines are located in the cloud with respect to the router.
S202, responding to the received first type of instruction, configuring the range of the intranet equipment to be scanned.
The first type of instruction is an instruction about indicating the range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server.
In some embodiments, the configuring the range of the intranet device to be scanned is specifically to configure the range of the intranet device to be scanned through a Web UI.
The intranet equipment to be scanned comprises a mobile phone, a desktop computer and/or a notebook computer.
In some embodiments, some or all of the one or more routers are not equipped with public network IP.
In some embodiments, some or all of the one or more routers are located behind the NAT device.
That is, the router need not have a public network IP, and can be located behind a NAT device.
S203, in response to the received second type of instruction, searching currently available scanning engines through the scanning engine scheduling service.
And the second type of instruction is an instruction about instructing to start intranet scanning.
In some embodiments, the scan engine scheduling service and the router control service are deployed on the same server.
Further, the scan engine scheduling service and the router control service are deployed on the same server as one or more scan engines. Thereby facilitating to reduce network delay and further improving the efficiency of security scanning.
And S204, the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively.
Wherein the third type of instruction is an instruction for instructing a router to add a virtual network route.
And S205, after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at the virtual network service end according to the intranet segment of the router.
And S206, after the third class of instructions are received by the router, the router also starts traffic forwarding on the router.
And S207, each currently available scanning engine is directly communicated with each intranet device to be scanned respectively, and each intranet device to be scanned is safely scanned.
The above description of the technical solution shows that: in this embodiment, the cloud and the router intranet are opened through the VPN, so that the intranet can be safely scanned at the cloud, and specifically, the range of the intranet equipment to be scanned is configured in response to the received first type of instruction; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
Example two
As described below, an embodiment of the present invention provides an apparatus for securely scanning an intranet device of a router.
Refer to fig. 1, which is a schematic diagram of a network topology for securely scanning an intranet device of a router.
The device for safely scanning the intranet equipment of the router comprises: a processor adapted to load and execute instructions of a software program;
a memory adapted to store a software program comprising instructions for performing the steps of:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service (i.e., a router management service in fig. 1) installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
In some embodiments, the processor is further adapted to process software programs for a scan engine scheduling service and a router control service; a memory further adapted to store software programs relating to a scan engine scheduling service and a router control service.
The above description of the technical solution shows that: in this embodiment, the cloud and the router intranet are opened through the VPN, so that the intranet can be safely scanned at the cloud, and specifically, the range of the intranet equipment to be scanned is configured in response to the received first type of instruction; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
EXAMPLE III
As described below, embodiments of the present invention provide a server.
The difference from the prior art is that the user equipment comprises the device for safely scanning the intranet equipment of the router, as provided in the embodiment of the invention. Therefore, the server can get through the cloud and the router intranet through the VPN, can safely scan the intranet in the cloud, and particularly, responds to the received first class of instructions to configure the range of the intranet equipment to be scanned; the intranet equipment to be scanned is intranet equipment of one or more routers; in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; after the third class of instructions are received by the router, the router adds VPN routes related to all currently available scanning engines at a VPN server according to the intranet segment of the router; after the third class of instructions are received by the router, the router also starts flow forwarding on the router; each current available scanning engine carries out direct communication with each intranet equipment of treating the scanning respectively, carries out the security scan to each intranet equipment of treating the scanning to realized carrying out the security scan to the intranet equipment of router on the high in the clouds server, can carry out efficient, extensive, the security scan of batchization.
Those skilled in the art will understand that, in the methods of the embodiments, all or part of the steps can be performed by hardware associated with program instructions, and the program can be stored in a computer-readable storage medium, which can include: ROM, RAM, magnetic or optical disks, and the like.
Although the present invention is disclosed above, the present invention is not limited thereto. Various changes and modifications may be effected therein by one skilled in the art without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (13)
1. A method for securely scanning an intranet device of a router is characterized by comprising the following steps:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
2. The method according to claim 1, wherein the virtual network is a VPN or an SD-WAN.
3. The method for securely scanning an intranet device of a router according to claim 1, further comprising: the scan engine scheduling service and the router control service are installed on the server in advance.
4. The method of claim 1, wherein some or all of the server and each of the scan engines are located in a cloud with respect to the router.
5. The method according to claim 1, wherein the configuring of the range of the intranet device to be scanned is, specifically, configuring the range of the intranet device to be scanned through a Web UI.
6. The method according to claim 1, wherein the intranet device to be scanned comprises a mobile phone, a desktop computer and/or a laptop computer.
7. The method of claim 1, wherein the scan engine scheduling service and the router control service are deployed on a same server.
8. The method of claim 7, wherein the scan engine scheduling service, the router control service, and the one or more scan engines are deployed on a same server.
9. The method according to claim 1, wherein some or all of the one or more routers do not have public network IP.
10. The method according to claim 1, wherein some or all of the one or more routers are located behind a NAT device.
11. An apparatus for securely scanning an intranet device of a router, comprising:
a processor adapted to load and execute instructions of a software program;
a memory adapted to store a software program comprising instructions for performing the steps of:
responding to the received first type of instruction, and configuring the range of the intranet equipment to be scanned; the first type of instruction is an instruction about indicating a range of an intranet device to be scanned, the intranet device to be scanned is an intranet device of one or more routers, and the routers can be remotely controlled by a router control service installed on a server;
in response to receiving the second type of instruction, searching for a currently available scan engine by a scan engine scheduling service; the second type of instruction is an instruction about instructing to start intranet scanning;
the scanning engine scheduling service responds to each searched currently available scanning engine and sends a third class of instructions to the router through the router control service respectively; the third type of instruction is an instruction about instructing a router to add a virtual network route;
after the third type of instruction is received by the router, the router adds virtual network routes related to all currently available scanning engines at a virtual network service end according to the intranet segment of the router;
after the third class of instructions are received by the router, the router also starts flow forwarding on the router;
and each currently available scanning engine is in direct communication with each intranet device to be scanned respectively, and performs security scanning on each intranet device to be scanned.
12. The apparatus for securely scanning an intranet device of a router according to claim 11,
a processor further adapted to process software programs for a scan engine scheduling service and a router control service;
a memory further adapted to store software programs relating to a scan engine scheduling service and a router control service.
13. A server, characterized in that it comprises an apparatus for securely scanning an intranet device of a router according to any one of claims 11 to 12.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110621846.7A CN113285955B (en) | 2021-06-03 | 2021-06-03 | Server, and method and device for scanning intranet equipment of router |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110621846.7A CN113285955B (en) | 2021-06-03 | 2021-06-03 | Server, and method and device for scanning intranet equipment of router |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113285955A true CN113285955A (en) | 2021-08-20 |
CN113285955B CN113285955B (en) | 2022-10-11 |
Family
ID=77283326
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110621846.7A Active CN113285955B (en) | 2021-06-03 | 2021-06-03 | Server, and method and device for scanning intranet equipment of router |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113285955B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103825891A (en) * | 2014-02-19 | 2014-05-28 | 曙光云计算技术有限公司 | Security flaw scanning system under cloud network environment |
US8892766B1 (en) * | 2012-06-28 | 2014-11-18 | Trend Micro Incorporated | Application-based network traffic redirection for cloud security service |
WO2018007917A1 (en) * | 2016-07-08 | 2018-01-11 | Encriptor Ltd | Network scanning system |
CN108171058A (en) * | 2017-12-26 | 2018-06-15 | 中国联合网络通信集团有限公司 | Multi engine virus scan system and multi engine virus scan method based on Serverless frames |
CN110311912A (en) * | 2019-07-01 | 2019-10-08 | 深信服科技股份有限公司 | Cloud server, Intranet scanning client, system and Intranet remote scanning method |
CN112583875A (en) * | 2019-09-30 | 2021-03-30 | 浙江宇视科技有限公司 | Asset scanning method and device |
-
2021
- 2021-06-03 CN CN202110621846.7A patent/CN113285955B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8892766B1 (en) * | 2012-06-28 | 2014-11-18 | Trend Micro Incorporated | Application-based network traffic redirection for cloud security service |
CN103825891A (en) * | 2014-02-19 | 2014-05-28 | 曙光云计算技术有限公司 | Security flaw scanning system under cloud network environment |
WO2018007917A1 (en) * | 2016-07-08 | 2018-01-11 | Encriptor Ltd | Network scanning system |
CN108171058A (en) * | 2017-12-26 | 2018-06-15 | 中国联合网络通信集团有限公司 | Multi engine virus scan system and multi engine virus scan method based on Serverless frames |
CN110311912A (en) * | 2019-07-01 | 2019-10-08 | 深信服科技股份有限公司 | Cloud server, Intranet scanning client, system and Intranet remote scanning method |
CN112583875A (en) * | 2019-09-30 | 2021-03-30 | 浙江宇视科技有限公司 | Asset scanning method and device |
Non-Patent Citations (2)
Title |
---|
王 琼等: "基于内网扫描和内网检测的非法外联监控方案", 《技术广角》 * |
王琼等: "基于内网扫描和内网检测的非法外联监控方案", 《信息通信技术》 * |
Also Published As
Publication number | Publication date |
---|---|
CN113285955B (en) | 2022-10-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2798768B1 (en) | System and method for cloud based scanning for computer vulnerabilities in a network environment | |
US20210273977A1 (en) | Control access to domains, servers, and content | |
CN109474936B (en) | Internet of things communication method and system applied among multiple lora gateways | |
WO2019090153A1 (en) | Cloud-based multi-function firewall and zero trust private virtual network | |
US11700276B1 (en) | Controlled deployment of blended honeypot services | |
US10798061B2 (en) | Automated learning of externally defined network assets by a network security device | |
RU2460132C1 (en) | System and method of controlling access to corporate network resources for personal computers | |
US20200396259A1 (en) | Cyber-Security in Heterogeneous Networks | |
US20160294864A1 (en) | Managing rogue devices through a network backhaul | |
CN111711556B (en) | Routing method, device, system, equipment and storage medium of virtual private network | |
US10931527B2 (en) | Autonomous configuration system for a service infrastructure | |
CN104967572A (en) | Network access method, apparatus and equipment | |
CN113285955B (en) | Server, and method and device for scanning intranet equipment of router | |
CN110336793B (en) | Intranet access method and related device | |
CN103249114B (en) | Group's Intranet strange land cut-in method and system | |
CN112087322B (en) | Method, device and equipment for configuring basic information of network element and readable storage medium | |
CN110324826B (en) | Intranet access method and related device | |
WO2021093510A1 (en) | Method and system for processing network service, and gateway device | |
EP2564552B1 (en) | Network management in a communications network | |
CN112866031B (en) | Route configuration method, device, equipment and computer readable storage medium | |
CN115150175B (en) | Edge data drainage trapping method for independent network attack of power system | |
US20190028506A1 (en) | Network security user interface for domain query volume time series with custom signal modifications | |
US11888869B2 (en) | System and method for securing network users in an enterprise network through cybersecurity controls | |
CN115174603B (en) | NAS service system, implementation method, electronic equipment and storage medium | |
CN110611637B (en) | Online network threat detection method and system based on VPN flow traction |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |