CN114024753A - Data communication bidirectional ferry isolation device and method - Google Patents
Data communication bidirectional ferry isolation device and method Download PDFInfo
- Publication number
- CN114024753A CN114024753A CN202111316211.2A CN202111316211A CN114024753A CN 114024753 A CN114024753 A CN 114024753A CN 202111316211 A CN202111316211 A CN 202111316211A CN 114024753 A CN114024753 A CN 114024753A
- Authority
- CN
- China
- Prior art keywords
- data
- ferry
- processing unit
- unit
- network machine
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000002457 bidirectional effect Effects 0.000 title claims abstract description 38
- 230000006854 communication Effects 0.000 title claims abstract description 35
- 238000004891 communication Methods 0.000 title claims abstract description 35
- 238000002955 isolation Methods 0.000 title claims abstract description 33
- 238000000034 method Methods 0.000 title claims description 19
- 238000012545 processing Methods 0.000 claims abstract description 137
- 230000005540 biological transmission Effects 0.000 claims abstract description 30
- 239000000126 substance Substances 0.000 claims description 3
- 230000003139 buffering effect Effects 0.000 claims 1
- 230000003993 interaction Effects 0.000 abstract description 6
- 238000005516 engineering process Methods 0.000 abstract description 4
- 238000013461 design Methods 0.000 abstract description 2
- 230000008569 process Effects 0.000 description 5
- 230000007175 bidirectional communication Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000001360 synchronised effect Effects 0.000 description 3
- 239000000463 material Substances 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 241001362551 Samba Species 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000002035 prolonged effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the utility model provides a data communication bidirectional ferry isolating device, which comprises: the device comprises a first processing unit, a second processing unit and a ferry unit; the ferry unit comprises a single-pole double-throw switch, a CPU and a memory module; one or more ferry units are arranged and used for bidirectional transmission of data packets; the single-pole double-throw switch is used for switching on the transmission path between the first processing unit and the ferrying unit or switching on the transmission path between the second processing unit and the ferrying unit; when the first processing unit is communicated with the ferry unit, the first processing unit is used for data interaction between the first network machine and the ferry unit; when the second processing unit is communicated with the ferry unit, the second processing unit is used for data interaction between the second network machine and the ferry unit. The utility model designs and realizes a multi-channel bidirectional ferrying technology, which can realize bidirectional isolation and exchange of network system data of different security domains on the premise of ensuring that physical channels of different security domains are relatively independent.
Description
Technical Field
The utility model relates to the field of information security interaction, in particular to a data communication bidirectional ferry isolating device and method.
Background
The bidirectional isolation product mainly aims to block the network connection across the network, terminate the TCP/IP protocol and realize the landing of application data in different security domains.
When two-way isolation technology is used for data exchange between two networks, for example, when files between an A network (external network) and a B network (internal network) are synchronized, an application service similar to FTP can be started at the external end machine with two-way isolation, and a certain file server in the A network or an FTP client of a certain terminal user in an operation domain can upload the files to the FTP server of the external end machine with two-way isolation. After receiving the file, the FTP server carries out security check, and then uses a private encapsulation protocol to segment, mark and encapsulate the data file, and then interacts the data file to an internal terminal file system through an isolation component. And starting a program similar to an FTP application client at the internal terminal, and uploading the file of the file system to an FTP server designated by the B network. Of course, the file synchronization may be in various modes such as FTP, SAMBA, SFTP, and the like. Besides supporting file synchronization, the method also supports a synchronization mode of data such as databases, audio and video streams, mails and the like. The synchronous mode also includes an active mode (bidirectional isolation internal and external terminal active acquisition) or a passive mode (internal and external terminal user active push).
The structure adopted by the bidirectional isolation technology at present is a 2+1 structure, and comprises an outer net machine, an inner net machine and a bidirectional ferry isolation device, wherein the structure diagram is shown in fig. 2. Because the technology of bidirectional isolation often has competition of bandwidth, communication delay, concurrent access amount and the like in the practical application process, many manufacturers often adopt an internal and external network machine to directly connect the bidirectional ferry isolating device with the FPGA card for pursuing higher indexes when realizing the bidirectional isolating component. The bidirectional ferry isolating device is usually realized by adopting an FPGA card and an optical fiber/coaxial cable/network cable. This method is contrary to the ferrying principle, and although the tcp/ip protocol is stripped from the communication protocol layer, the extranet machine and the intranet machine are always in an online connection state. Once the FPGA board card has bug or the program of the FPGA board card is broken, the network of two different security domains is directly caused to form a direct path, and the security of the FPGA board card is greatly reduced.
Disclosure of Invention
In order to solve the problems, the utility model provides a data communication bidirectional ferry isolation device and a data communication bidirectional ferry isolation method.
In a first aspect of the present invention, there is provided a data communication bidirectional ferry isolation device, comprising: the device comprises a first processing unit, a second processing unit and a ferry unit; wherein the content of the first and second substances,
the ferrying unit comprises a single-pole double-throw switch, a CPU and a memory module; one or more ferry units are arranged and used for bidirectional transmission of data packets; the single-pole double-throw switch is used for connecting a transmission path of the first processing unit and the ferrying unit or connecting a transmission path of the second processing unit and the ferrying unit;
when the first processing unit is communicated with the ferry unit, the first processing unit is used for receiving data sent by the first network machine, analyzing and splitting the data into data packets and sending the data packets to the ferry unit; meanwhile, receiving a data packet sent by the ferry unit, analyzing and recombining the data packet into data and sending the data to the first network machine;
when the second processing unit is communicated with the ferry unit, the second processing unit is used for receiving data sent by a second network machine, analyzing and splitting the data into data packets and sending the data packets to the ferry unit; meanwhile, the data packet sent by the ferry unit is received, analyzed and recombined into data, and sent to the second network machine.
Furthermore, the ferry unit CPU is used for controlling the movement of the single-pole double-throw switch, establishing a communication link and monitoring the transmission state of data.
Furthermore, a memory module in the ferry unit is used for caching data.
Furthermore, a plurality of ferry units simultaneously transmit data in parallel.
Further, the first processing unit or the second processing unit includes: CPU, memory module; the CPU of the first processing unit or the second processing unit is configured to establish a bi-directional data communication link via a communication protocol.
Furthermore, the CPU of the first processing unit or the CPU of the second processing unit is further configured to parse and split the data into data packets, or parse and reassemble the data packets into data.
Furthermore, the first processing unit or the second processing unit is respectively plugged in the first network machine or the second network machine in a PCIe card mode.
In a second aspect of the present invention, a data ferry method based on a data communication bidirectional ferry isolation device is provided, where the above bidirectional ferry isolation device is adopted, and includes:
the first processing unit receives data of the first network machine, and the first processing unit analyzes and splits the data into a plurality of first data packets; the second processing unit receives data of the second network machine, and the second processing unit analyzes and splits the data into a plurality of second data packets;
the ferrying unit is communicated with the first processing unit and receives the first data packet A; the ferrying unit disconnects the first processing unit and connects the second processing unit, transmits the first data packet A and receives the second data packet A; the ferrying unit disconnects the second processing unit and connects the first processing unit, transmits the second data packet A and receives the first data packet B; one or more ferry units repeatedly transmit the data packets until all the first data packets and all the second data packets are transmitted;
the second processing unit analyzes and recombines the first data packets and transmits the first data packets to the second network machine; similarly, the first processing unit analyzes, recombines and transmits the second data packets to the first network machine, and bidirectional ferry isolation transmission of data communication is achieved.
Furthermore, before data transmission, the size of the analysis split data packet needs to be set by the CPUs of the first processing unit and the second processing unit according to the size of the memory of the ferry unit.
Further, when no data is transmitted in one direction or two directions, the CPU of the ferry unit controls the single-pole double-throw switch to switch between the first network machine and the second network machine in a time regular polling mode.
The utility model provides a ferry component capable of being physically connected and disconnected as required, so that the data of different security domains can be ensured to form communication links at any time and can be physically disconnected, and the real-time, effective and standard protocol-based communication links between the different security domains cannot be established from a physical layer.
It should be understood that the statements herein reciting aspects are not intended to limit the critical or essential features of any embodiment of the utility model, nor are they intended to limit the scope of the utility model. Other features of the present invention will become apparent from the following description.
Drawings
The above and other features, advantages and aspects of various embodiments of the present invention will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. In the drawings, like or similar reference characters designate like or similar elements, and wherein:
FIG. 1 shows a schematic connection diagram of a bi-directional ferry isolation device of an embodiment of the present invention;
fig. 2 shows a connection diagram of a conventional bidirectional ferry isolation device.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
In addition, the term "and/or" herein is only one kind of association relationship describing an associated object, and means that there may be three kinds of relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
In the following, referring to fig. 1, a first aspect of the present embodiment is described, which provides a data communication bidirectional ferry isolation device, including: the device comprises a first processing unit, a second processing unit and a ferry unit; wherein the content of the first and second substances,
the ferrying unit comprises a single-pole double-throw switch, a CPU and a memory module; one or more ferry units are arranged and used for bidirectional transmission of data packets; the single-pole double-throw switch is used for connecting a transmission path of the first processing unit and the ferrying unit or connecting a transmission path of the second processing unit and the ferrying unit;
when the first processing unit is communicated with the ferry unit, the first processing unit is used for receiving data sent by the first network machine, analyzing and splitting the data into data packets and sending the data packets to the ferry unit; meanwhile, receiving a data packet sent by the ferry unit, analyzing and recombining the data packet into data and sending the data to the first network machine;
when the second processing unit is communicated with the ferry unit, the second processing unit is used for receiving data sent by a second network machine, analyzing and splitting the data into data packets and sending the data packets to the ferry unit; meanwhile, the data packet sent by the ferry unit is received, analyzed and recombined into data, and sent to the second network machine.
In the above embodiments, the ferry unit CPU is configured to control the movement of the single-pole double-throw switch, establish a communication link, and monitor the transmission state of data.
In the above embodiments, the memory module in the ferry unit is used for caching the data packet.
In the above embodiment, a plurality of ferry units simultaneously perform data transmission in parallel. A plurality of ferry units can be arranged in the isolating device of the bidirectional ferry to realize multi-channel transmission. The number of ferry units, the data throughput speed and the switching speed are decisive for the data bandwidth of the whole system.
In the above embodiment, the first processing unit or the second processing unit each includes: CPU, memory module; the CPU of the first processing unit or the second processing unit is configured to establish a bi-directional data communication link via a communication protocol. The first processing unit and the second processing unit of the device are only distinguished by the setting person of the data transmission function equipment, the working modes and logics of the first processing unit and the second processing unit are completely consistent, and in order to better describe the working process of the data ferry device, the process description is carried out according to the sequence from the first processing unit to the second processing unit. The first processing unit and the second processing unit may also be set as an intranet processing unit and an extranet processing unit according to intranet and extranet data transmission.
In the above embodiment, the CPU of the first processing unit or the second processing unit is further configured to parse and split the data into the data packets, or parse and reassemble the data packets into the data.
In the above embodiment, the first processing unit or the second processing unit is respectively plugged in the first network machine or the second network machine in the form of a PCIe card. The connection of the devices can be exchanged according to the requirements of system hardware, and other forms of connection are adopted.
In a second aspect of the present invention, a data ferry method for a data communication bidirectional ferry isolation device is provided, where the above bidirectional ferry isolation device is adopted, and the method includes:
the first processing unit receives data of the first network machine, and the first processing unit analyzes and splits the data into a plurality of first data packets; the second processing unit receives data of the second network machine, and the second processing unit analyzes and splits the data into a plurality of second data packets;
the ferrying unit is communicated with the first processing unit and receives the first data packet A; the ferrying unit disconnects the first processing unit and connects the second processing unit, transmits the first data packet A and receives the second data packet A; the ferrying unit disconnects the second processing unit and connects the first processing unit, transmits the second data packet A and receives the first data packet B; one or more ferry units simultaneously and repeatedly transmit the data packets until all the first data packets and all the second data packets are transmitted;
the second processing unit analyzes and recombines the first data packets and transmits the first data packets to the second network machine; similarly, the first processing unit analyzes, recombines and transmits the second data packets to the first network machine, and bidirectional ferry isolation transmission of data communication is achieved.
In the above embodiment, before data transmission, the CPUs of the first processing unit and the second processing unit need to set the size of the analysis split data packet according to the size of the memory of the ferry unit.
In the above embodiment, when there is no data transmission in one or both directions, the ferry unit CPU controls the single-pole double-throw switch to switch between the first network machine and the second network machine in a time-regular polling manner. The design avoids the problem that the ferry unit never responds when a processing unit at one end has data transmission.
The specific data ferrying method of the bidirectional ferry isolating device comprises the following steps:
the first data packet is formed: the first processing unit receives data of the first network machine, the first processing unit CPU analyzes the data according to a communication protocol to obtain the data, and splits the data into a plurality of first data packets to be cached in a memory module of the first processing unit, and the data which is not split is temporarily stored in the cache module;
the second data packet forms: the second processing unit receives data of the second network machine, the CPU of the second processing unit analyzes the data according to a communication protocol to obtain data, and splits the data into a plurality of second data packets to be cached in the memory module of the second processing unit, and the data which is not split is temporarily stored in the cache module;
data packet interaction: the ferry unit CPU controls the single-pole double-throw switch to be connected with the first processing unit and establishes a bidirectional communication link with the first processing unit through a communication protocol; the first processing unit transmits the first data packet A to a CPU of the ferry unit and caches the first data packet A in a memory module of the ferry unit, and after the first data packet A is transmitted, the CPU of the ferry unit controls the single-pole double-throw switch to disconnect the first processing unit and switch to connect with the second processing unit and establish a bidirectional communication link;
the ferrying unit transmits the first data packet A to a CPU of the second processing unit and stores the first data packet A in a memory module of the second processing unit; meanwhile, the second processing unit transmits the second data packet A to the ferry unit CPU and stores the second data packet A in the memory module of the ferry unit; after the ferry unit CPU detects that the first data packet A and the second data packet A are transmitted completely, the single-pole double-throw switch is controlled to disconnect the second processing unit, and the ferry unit CPU is switched to be connected with the first processing unit and establish a bidirectional communication link;
the ferrying unit transmits the second data packet A to a CPU of the first processing unit and stores the second data packet A in a memory module of the first processing unit; meanwhile, the first processing unit transmits the first data packet B to a ferry unit CPU and stores the first data packet B in a memory module of the ferry unit; after the ferry unit CPU detects that the second data packet A and the first data packet B are transmitted completely, the single-pole double-throw switch is controlled to disconnect the first processing unit, and the ferry unit CPU is switched to be connected with the second processing unit and establish a bidirectional communication link;
when the device contains a ferry unit: the ferrying unit continuously transmits a first data packet B in the memory module of the ferrying unit to the second processing unit according to the data packet interaction process, transmits a second data packet B of the second processing unit to the first processing unit, and repeatedly executes the data packet B until all data packets in the first processing unit and the second processing unit are completely transmitted, the CPU of the ferrying unit stops, and the data ferrying transmission is completed;
when the device contains a plurality of ferry units: the plurality of ferry units work simultaneously and transmit data packets according to the data packet interaction process; the multiple ferry units are physically isolated from each other, and are logically independent from each other; the first processing unit and the second processing unit can simultaneously transmit data packets with the plurality of ferry units;
the second processing unit analyzes and reconstructs the first data packets into data and transmits the data to the second network machine; similarly, the first processing unit analyzes and reconstructs the second data packets into data, and transmits the data to the first network machine, so that bidirectional ferry isolation transmission of data communication is realized.
On the physical layer between the ferry unit and the first and second processing units, only a connection mode which is not connected with the two parties or is connected with one party is existed at a certain moment, and the first and second network machines and the effectively physically extended data path thereof can not form a direct or indirect physical path no matter which connection mode is existed; when a plurality of ferry units work on one system at the same time, the first network machine, the second network machine and the effective and physically prolonged data path form a direct or indirect physical path due to the characteristics of physical isolation and mutual independence of the ferry units no matter whether the switching action and the switching time are synchronous or not; and respective logic programs exist among the plurality of ferry units during operation, and even if bugs exist in the ferry units or the ferry units are broken by viruses, direct or indirect physical paths are formed among the first network machine, the second network machine and the effective physically extended data paths thereof due to the single-pole double-throw switch. Therefore, the ferry unit can physically connect and disconnect the communication links as required, so that the communication links at any time formed by data of different security domains can be physically disconnected, and a real-time, effective and standard protocol-based communication link cannot be established between different security domains from a physical layer.
It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the utility model. Further, those skilled in the art should also appreciate that the embodiments described in the specification are exemplary embodiments and that the acts and modules illustrated are not necessarily required to practice the utility model.
In the description of the present application, the description of the terms "one embodiment," "some embodiments," etc. means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (10)
1. A data communication bidirectional ferry isolating device is characterized by comprising: the device comprises a first processing unit, a second processing unit and a ferry unit; wherein the content of the first and second substances,
the ferry unit comprises a single-pole double-throw switch, a CPU and a memory module; one or more ferry units are arranged and used for bidirectional transmission of data packets; the single-pole double-throw switch is used for switching on a transmission path between the first processing unit and the ferrying unit or switching on a transmission path between the second processing unit and the ferrying unit;
when the first processing unit is communicated with the ferry unit, the first processing unit is used for receiving data sent by a first network machine, analyzing and splitting the data into data packets and sending the data packets to the ferry unit; meanwhile, receiving a data packet sent by the ferry unit, analyzing and recombining the data packet into data and sending the data to the first network machine;
when the second processing unit is connected with the ferry unit, the second processing unit is used for receiving data sent by a second network machine, analyzing and splitting the data into data packets and sending the data packets to the ferry unit; meanwhile, the data packet sent by the ferry unit is received, analyzed and recombined into data, and sent to the second network machine.
2. The bidirectional ferry isolation device of claim 1, wherein the ferry unit CPU is configured to control the movement of the single-pole double-throw switch, establish a communication link, and monitor a transmission state of data.
3. The bi-directional ferry isolation device of claim 1, wherein a memory module within the ferry unit is used for buffering of data packets.
4. The bi-directional ferry isolation device of claim 1, wherein a plurality of the ferry units are in parallel and simultaneously transmit data.
5. The bi-directional ferry isolation device of claim 1, wherein the first processing unit or the second processing unit each comprises: CPU, memory module; the CPU of the first processing unit or the second processing unit is used for establishing a bidirectional data communication link through a communication protocol.
6. The bi-directional ferry isolation device of claim 5, wherein the CPU of the first processing unit or the second processing unit is further configured to parse and split data into packets, or parse and reassemble the packets into the data.
7. The bi-directional ferry isolation device of claim 6, wherein the first processing unit or the second processing unit is plugged onto the first network machine or the second network machine, respectively, in the form of a PCIe card.
8. A data ferry method based on a data communication bidirectional ferry isolating device is characterized in that the bidirectional ferry isolating device according to any one of claims 1 to 7 is adopted, and the method comprises the following steps:
the first processing unit receives data of the first network machine, and the first processing unit analyzes and splits the data into a plurality of first data packets; the second processing unit receives data of the second network machine, and the second processing unit analyzes and splits the data into a plurality of second data packets;
the ferrying unit is communicated with the first processing unit and receives the first data packet A; the ferrying unit disconnects the first processing unit and connects the second processing unit, transmits the first data packet A and receives the second data packet A; the ferrying unit disconnects the second processing unit and connects the first processing unit, transmits the second data packet A and receives the first data packet B; one or more ferry units simultaneously and repeatedly transmit the data packets until all the first data packets and all the second data packets are transmitted;
the second processing unit analyzes and recombines the first data packets and transmits the first data packets to the second network machine; similarly, the first processing unit analyzes, recombines and transmits the second data packets to the first network machine, and bidirectional ferry isolation transmission of data communication is achieved.
9. The data ferry method of claim 8, wherein before data transmission, the CPU of the first processing unit and the CPU of the second processing unit need to set and parse the size of the data packet according to the memory size of the ferry unit.
10. The data ferry method of claim 8, wherein when there is no data transmission in one or both directions, the ferry unit CPU controls the single-pole double-throw switch to switch between the first network machine and the second network machine in a time-regular polling manner.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111316211.2A CN114024753A (en) | 2021-11-08 | 2021-11-08 | Data communication bidirectional ferry isolation device and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111316211.2A CN114024753A (en) | 2021-11-08 | 2021-11-08 | Data communication bidirectional ferry isolation device and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114024753A true CN114024753A (en) | 2022-02-08 |
Family
ID=80062666
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111316211.2A Pending CN114024753A (en) | 2021-11-08 | 2021-11-08 | Data communication bidirectional ferry isolation device and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114024753A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114979036A (en) * | 2022-05-31 | 2022-08-30 | 山东中网云安智能科技有限公司 | Dual-computer hot standby system of network gate based on heartbeat and isolation switching matrix |
| CN115086083A (en) * | 2022-08-19 | 2022-09-20 | 中孚信息股份有限公司 | FPGA-based network gate isolation switching system and method |
| CN116094828A (en) * | 2023-02-14 | 2023-05-09 | 深圳市利谱信息技术有限公司 | Dynamic protocol gateway system based on physical isolation |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2014114232A1 (en) * | 2013-01-22 | 2014-07-31 | 横河电机株式会社 | Isolation protection system and method thereof for performing bidirectional data packet filtration inspection |
| CN205992914U (en) * | 2016-08-27 | 2017-03-01 | 山东万博科技股份有限公司 | A kind of data ferry device based on heterogeneous protocol passage |
| CN106998333A (en) * | 2017-05-24 | 2017-08-01 | 山东省计算中心(国家超级计算济南中心) | A kind of bilateral network security isolation system and method |
| CN110943913A (en) * | 2019-07-31 | 2020-03-31 | 广东互动电子网络媒体有限公司 | Industrial safety isolation gateway |
| CN112130638A (en) * | 2020-09-29 | 2020-12-25 | 上海轩田工业设备有限公司 | Internetwork information ferrying device based on two-dimensional code |
| CN113542240A (en) * | 2021-06-30 | 2021-10-22 | 中铁信安(北京)信息安全技术有限公司 | One-way transmission system and method for physical isolation data of mechanical NOT gate |
-
2021
- 2021-11-08 CN CN202111316211.2A patent/CN114024753A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2014114232A1 (en) * | 2013-01-22 | 2014-07-31 | 横河电机株式会社 | Isolation protection system and method thereof for performing bidirectional data packet filtration inspection |
| CN205992914U (en) * | 2016-08-27 | 2017-03-01 | 山东万博科技股份有限公司 | A kind of data ferry device based on heterogeneous protocol passage |
| CN106998333A (en) * | 2017-05-24 | 2017-08-01 | 山东省计算中心(国家超级计算济南中心) | A kind of bilateral network security isolation system and method |
| CN110943913A (en) * | 2019-07-31 | 2020-03-31 | 广东互动电子网络媒体有限公司 | Industrial safety isolation gateway |
| CN112130638A (en) * | 2020-09-29 | 2020-12-25 | 上海轩田工业设备有限公司 | Internetwork information ferrying device based on two-dimensional code |
| CN113542240A (en) * | 2021-06-30 | 2021-10-22 | 中铁信安(北京)信息安全技术有限公司 | One-way transmission system and method for physical isolation data of mechanical NOT gate |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114979036A (en) * | 2022-05-31 | 2022-08-30 | 山东中网云安智能科技有限公司 | Dual-computer hot standby system of network gate based on heartbeat and isolation switching matrix |
| CN114979036B (en) * | 2022-05-31 | 2024-05-10 | 山东中网云安智能科技有限公司 | Dual-machine hot standby system of network gate based on heartbeat and isolation exchange matrix |
| CN115086083A (en) * | 2022-08-19 | 2022-09-20 | 中孚信息股份有限公司 | FPGA-based network gate isolation switching system and method |
| CN116094828A (en) * | 2023-02-14 | 2023-05-09 | 深圳市利谱信息技术有限公司 | Dynamic protocol gateway system based on physical isolation |
| CN116094828B (en) * | 2023-02-14 | 2023-11-17 | 深圳市利谱信息技术有限公司 | Dynamic protocol gateway system based on physical isolation |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114024753A (en) | Data communication bidirectional ferry isolation device and method | |
| CN102880475B (en) | Based on the real-time event disposal system of cloud computing and method in computer software | |
| US5931913A (en) | Methods, system and computer program products for establishing a session between a host and a terminal using a reduced protocol | |
| US20030237016A1 (en) | System and apparatus for accelerating content delivery throughout networks | |
| CN101729543B (en) | Method for improving performance of mobile SSL VPN by utilizing remote Socks5 technology | |
| CN108965123A (en) | A kind of link switch-over method and network communicating system | |
| CN110868278B (en) | Method for dual-computer redundancy of communication front-end processor of rail transit comprehensive monitoring system | |
| CN105450779B (en) | The method of one household appliance connection multiserver | |
| CN101860491B (en) | Aggregation type link bidirectional forwarding detection method and device thereof | |
| WO2023216424A1 (en) | Data link service processing system and method for networked encrypted transmission | |
| CN106612233A (en) | Multi-channel network switching method and system | |
| CN104486146A (en) | Communication method for testing console and testing equipment | |
| CN216210993U (en) | Data communication bidirectional ferry isolating device | |
| CN100531067C (en) | System and method for realizing multiple link point-to-point silent interception by port image | |
| CN101277225A (en) | Method for analyzing network quality as well as network quality analysis terminal-initiating equipment | |
| CN105490970B (en) | A kind of method, apparatus and system of link Fast Convergent | |
| CN117956225A (en) | Asynchronous communication method, device and medium for remote operation and maintenance system of intelligent set top box | |
| CN104536853B (en) | Device for guaranteeing continuous availability of resources of dual-controller storage equipment | |
| CN107046647B (en) | A kind of control method of multispectral remote sensing image real-time decompression device | |
| CN105159929A (en) | Memory database communication method and system | |
| CN104468213B (en) | A kind of switch remote management system and method | |
| CN107193767A (en) | A kind of double controller storage system caches the data transmission system of mirror image | |
| CN107770100B (en) | Test, launch and control redundancy network architecture and redundancy method | |
| CN208597089U (en) | A kind of network tunnel automatic switching control equipment based on network quality | |
| CN116471342A (en) | Multi-protocol access system and method for multi-Internet of things equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |