CN116582424A - Switch configuration method and device, storage medium and electronic equipment - Google Patents

Switch configuration method and device, storage medium and electronic equipment Download PDF

Info

Publication number
CN116582424A
CN116582424A CN202310848474.0A CN202310848474A CN116582424A CN 116582424 A CN116582424 A CN 116582424A CN 202310848474 A CN202310848474 A CN 202310848474A CN 116582424 A CN116582424 A CN 116582424A
Authority
CN
China
Prior art keywords
drainage switch
network configuration
resource pool
remote control
control component
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310848474.0A
Other languages
Chinese (zh)
Other versions
CN116582424B (en
Inventor
张太成
杜永锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Datacloudsec Information Technology Co ltd
Original Assignee
Beijing Datacloudsec Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Datacloudsec Information Technology Co ltd filed Critical Beijing Datacloudsec Information Technology Co ltd
Priority to CN202310848474.0A priority Critical patent/CN116582424B/en
Publication of CN116582424A publication Critical patent/CN116582424A/en
Application granted granted Critical
Publication of CN116582424B publication Critical patent/CN116582424B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0876Aspects of the degree of configuration automation
    • H04L41/0886Fully automatic configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0889Techniques to speed-up the configuration process
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/25Routing or path finding in a switch fabric
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The invention discloses a switch configuration method, a switch configuration device, a storage medium and electronic equipment. The method comprises the following steps: storing user account information of a drainage switch into a safe resource pool, wherein the drainage switch is respectively connected with the safe resource pool and a core switch, and is used for guiding service messages for providing safe service into the safe resource pool; synchronously storing network configuration information of a target interface into a secure resource pool and a drainage switch, wherein the network configuration information is used for indicating the target interface of the core switch connected with the drainage switch and network configuration parameters corresponding to the target interface; logging in a drainage switch based on user account information and a preset remote control component, and executing network configuration operation on the drainage switch based on the remote control component and the target interface. The invention solves the technical problems of low efficiency, easy error and higher maintenance cost caused by manually carrying out network configuration on the drainage switch in the related technology.

Description

Switch configuration method and device, storage medium and electronic equipment
Technical Field
The present invention relates to the field of computer networks, and in particular, to a method and apparatus for configuring a switch, a storage medium, and an electronic device.
Background
In the current cloud security solution, the security resource pool is a general solution, and the security resource pool is a collection of physical or virtual security function components, and is deployed independent of the cloud platform service resource pool of the user, so that service traffic does not pass through the security resource pool under normal conditions, and the user needs to manually configure a PBR (Policy Based Routing, policy routing) policy on a core switch to introduce traffic into the security resource pool for protection.
The network operation and maintenance of the safe resource pool is used as an important link in the drainage process, and the network configuration of the current resource pool mainly depends on operation and maintenance personnel to log in a switch connected with the safe resource pool for manual configuration or modification. This approach is not only inefficient, but also prone to error and high maintenance costs.
Disclosure of Invention
The embodiment of the invention provides a switch configuration method, a device, a storage medium and electronic equipment, which at least solve the technical problems of low efficiency, easy error and higher maintenance cost caused by manually configuring a network of a drainage switch in the related technology.
According to an aspect of an embodiment of the present invention, there is provided a switch configuration method, including: storing user account information of a drainage switch into a secure resource pool, wherein the drainage switch is respectively connected with the secure resource pool and a core switch, the user account information comprises account information of a user with management authority of the drainage switch, and the drainage switch is used for guiding a service message which is output by the core switch and is used for providing secure service into the secure resource pool; synchronously storing network configuration information of a connection interface into the secure resource pool and the drainage switch, wherein the network configuration information of the connection interface is used for indicating a target interface of the drainage switch connected with the core switch and network configuration parameters corresponding to the target interface; logging in the drainage switch based on the user account information and a preset remote control component, and determining the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set for carrying out network configuration on the drainage switch; and performing network configuration operation on the drainage switch based on the remote control component and the target interface.
According to another aspect of the embodiment of the present invention, there is also provided a switch configuration apparatus, including: the first storage unit is used for storing user account information of a drainage switch into a secure resource pool, the drainage switch is respectively connected with the secure resource pool and a core switch, the user account information comprises account information of a user who has authority to manage the drainage switch, and the drainage switch is used for guiding a service message which is output by the core switch and is used for providing secure service into the secure resource pool; the second storage unit is used for synchronously storing the network configuration information of the connection interface to the secure resource pool and the drainage switch, wherein the network configuration information of the connection interface is used for indicating a target interface of the core switch connected by the drainage switch and network configuration parameters corresponding to the target interface; a login unit, configured to login to the drainage switch based on the user account information and a preset remote control component, and determine the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set for carrying out network configuration on the drainage switch; and the configuration unit is used for executing network configuration operation on the drainage switch based on the remote control component and the target interface.
According to still another aspect of the embodiments of the present invention, there is also provided an electronic device including a memory in which a computer program is stored, and a processor configured to execute the switch configuration method described above by the computer program.
According to yet another aspect of the embodiments of the present invention, there is also provided a computer-readable storage medium having a computer program stored therein, wherein the computer program is configured to perform the above switch configuration method when run.
In the embodiment of the invention, the method of storing the account information of the drainage switch and the network configuration information of the target interface into the secure resource pool, logging in the drainage switch based on the user account information and the preset remote control component, and executing network configuration operation on the drainage switch based on the remote control component and the target interface is adopted. And further, the technical problems of low efficiency, easy error and higher maintenance cost caused by manually carrying out network configuration on the drainage switch in the related technology are solved.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the application. In the drawings:
FIG. 1 is a schematic illustration of an application environment of an alternative switch configuration method in accordance with an embodiment of the present application;
FIG. 2 is a schematic diagram of an application environment of another alternative switch configuration method in accordance with an embodiment of the application;
FIG. 3 is a schematic illustration of an application environment of yet another alternative switch configuration method in accordance with an embodiment of the application;
FIG. 4 is a flow diagram of an alternative switch configuration method according to an embodiment of the application;
fig. 5 is a flow diagram of another alternative switch configuration method in accordance with an embodiment of the present application;
fig. 6 is a flow diagram of yet another alternative switch configuration method in accordance with an embodiment of the present application;
fig. 7 is a schematic diagram of an alternative switch configuration device in accordance with an embodiment of the application;
fig. 8 is a schematic structural view of an alternative electronic device according to an embodiment of the present application.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
According to an aspect of the embodiment of the present invention, a switch configuration method is provided, optionally, as an alternative implementation manner, the switch configuration method may be applied, but not limited to, in an application environment as shown in fig. 1. The application environment comprises the following steps: the system comprises a terminal device 102 which performs man-machine interaction with a user, a network 110, a server 112 and a drainage switch 120 connected with the server 112. The terminal device 102 has a network configuration application running therein. The terminal device 102 includes a man-machine interaction screen 108, a processor 106 and a memory 104. The man-machine interaction screen 108 is used for displaying network configuration parameters of the drainage switch; the processor 106 is configured to obtain user account information of the drainage switch and network configuration information of the connection interface. The memory 104 is configured to store user account information of the above-mentioned flow switch and network configuration information of the connection interface.
In addition, the server 112 includes a database 114, a processing engine 116, and a secure resource pool 118, where the database 114 is used to store the user account information of the above-mentioned drainage switch, and network configuration information of the connection interface. The processing engine 116 is configured to store user account information of a drainage switch to a secure resource pool, where the drainage switch is connected to the secure resource pool and a core switch, the user account information includes account information of a user who has authority to manage the drainage switch, and the drainage switch is configured to drain a service packet output by the core switch and used to provide a security service into the secure resource pool; synchronously storing network configuration information of a connection interface into the secure resource pool and the drainage switch, wherein the network configuration information of the connection interface is used for indicating a target interface of the drainage switch connected with the core switch and network configuration parameters corresponding to the target interface; logging in the drainage switch based on the user account information and a preset remote control component, and determining the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set for carrying out network configuration on the drainage switch; and performing network configuration operation on the drainage switch based on the remote control component and the target interface. The secure resource pool 118 is here a collection of resources in the server 112 that provide secure services.
In one or more embodiments, the switch configuration method of the present application described above may be applied in the application environment shown in fig. 2. As shown in fig. 2, a human-machine interaction may be performed between a user 202 and a user device 204. The user device 204 includes a memory 206 and a processor 208. The user equipment 204 in this embodiment may, but is not limited to, perform network configuration operations on the drainage switch based on the remote control component and the target interface with reference to performing the operations performed by the terminal equipment 102.
Optionally, the terminal device 102 and the user device 204 include, but are not limited to, a mobile phone, a set top box, a television, a tablet computer, a notebook computer, a PC, a vehicle electronic device, a wearable device, and the like, and the network 110 may include, but is not limited to, a wireless network or a wired network. Wherein the wireless network comprises: WIFI and other networks that enable wireless communications. The wired network may include, but is not limited to: wide area network, metropolitan area network, local area network. The server 112 may include, but is not limited to, any hardware device that can perform calculations. The server 112 may be a single server, a server cluster including a plurality of servers, or a cloud server. The above is merely an example, and is not limited in any way in the present embodiment.
The protection type security services in the security resource pool basically adopt a policy routing mode, and generally require that user traffic flow be led from the switch to a virtual route or other gateway device in the resource pool through the policy routing or other modes. As shown in fig. 3. In the deployment process of the cloud security resource pool, unified drainage configuration is required to be carried out on the core switch, all traffic is led to the drainage switch of the security resource pool, then all network configuration required by security service is operated on the drainage switch, the service requiring security service is drained into the resource pool, and the service requiring security service is returned to the core switch without default routing. The influence on the user service can be reduced to the greatest extent. However, when the network configuration is performed on the drainage switch, the security resource pool operation and maintenance personnel are required to have enough knowledge of the switch and also have enough knowledge of the drainage principle and service details. Therefore, the network configuration has higher cost, the manual configuration is complex, errors easily occur in the configuration process, and the network configuration efficiency is lower.
In order to solve the above technical problem, as an alternative implementation manner, as shown in fig. 4, an embodiment of the present invention provides a switch configuration method, including the following steps:
S402, user account information of a drainage switch is stored in a secure resource pool, the drainage switch is respectively connected with the secure resource pool and a core switch, the user account information comprises account information of a user who has authority to manage the drainage switch, and the drainage switch is used for guiding a service message which is output by the core switch and is used for providing secure service into the secure resource pool.
Specifically, in the embodiment of the application, the user account information of the drainage switch is stored through the secure resource pool, and the drainage switch can be remotely logged in the secure resource pool to perform network configuration. The user account information here includes an account and a password of an administrator of the drainage switch, or an account and a password of a user having ordinary configuration authority of the drainage switch.
S404, synchronously storing the network configuration information of the connection interface into the secure resource pool and the drainage switch, wherein the network configuration information of the connection interface is used for indicating the drainage switch to connect with a target interface of the core switch and network configuration parameters corresponding to the target interface.
In the embodiment of the application, the network configuration information of the connection interface is respectively stored in the safety resource pool and the drainage switch, after the network configuration information is changed in the safety resource pool, the changed network configuration information is compared with the network configuration information in the drainage switch, and when the network configuration information is inconsistent, the network configuration information in the drainage switch is updated remotely through the safety resource pool. As shown in fig. 3, the connection interface of the core switch and the drainage switch is G1, that is, the target interface, and the service providing the security service is drained to the security resource pool by configuring the network configuration parameter corresponding to G1.
S406, logging in the drainage switch based on the user account information and a preset remote control component, and determining the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set of network configuration of the drainage switch.
Here, the remote control component includes, but is not limited to, a component that is provided with a connection based on a paramiko component or the like, performs related operations, and encapsulates an instruction set of the network configuration of the drainage switch according to the component.
S408, performing network configuration operation on the drainage switch based on the remote control component and the target interface.
Specifically, logging in to a drainage switch through a remote control component according to account information in a secure resource pool, performing corresponding operation on network configuration corresponding to the target interface, for example, when adding an IP address (for example, IP 1) of a new security service, only inputting the IP1 into a dialog box needing a new service IP in the secure resource pool, and after the secure resource pool receives the IP1, calling a corresponding new service command based on the remote control component, and performing configuration operation of the new service IP on the drainage switch on the target interface.
In the embodiment of the invention, the method of storing the account information of the drainage switch and the network configuration information of the target interface into the secure resource pool, logging in the drainage switch based on the user account information and the preset remote control component, and executing network configuration operation on the drainage switch based on the remote control component and the target interface is adopted. And further, the technical problems of low efficiency, easy error and higher maintenance cost caused by manually carrying out network configuration on the drainage switch in the related technology are solved.
In one or more embodiments, the performing network configuration operations on the drainage switch based on the remote control component and the target interface includes:
acquiring network configuration parameters corresponding to the target interface from the drainage switch based on the remote control component;
and under the condition that the network configuration parameters of the secure resource pool are detected to be inconsistent with the network configuration parameters in the drainage switch, issuing the current network configuration parameters in the secure resource pool to the drainage switch based on the remote control component.
Specifically, in the embodiment of the present application, after the network configuration parameters of the above-mentioned drainage switch are changed, for example, in the secure resource pool, the network configuration parameters corresponding to the target interface are obtained from the drainage switch through the remote control component, the network configuration parameters stored in the secure resource pool are compared with the network configuration parameters in the drainage switch, and if the two parameters are inconsistent, the network configuration parameters stored in the secure resource pool are issued to the drainage switch through the above-mentioned remote control component, so as to replace the network configuration parameters in the drainage switch. By the technical means, network configuration operation of the drainage switch can be realized without manually logging in the drainage switch, the efficiency of network configuration is obviously improved, and the problem of configuration errors caused by complicated configuration processes is solved.
In one or more embodiments, the obtaining, based on the remote control component, the network configuration parameter from the drainage switch includes:
acquiring network address information from an access control list of the drainage switch based on the remote control component; wherein the network address information includes a service IP address for providing a security service, an IP address of a virtual route located in the secure resource pool, and an IP address of a drainage switch;
The step of issuing the current network configuration parameters in the secure resource pool to the drainage switch based on the remote control component under the condition that the network configuration parameters of the secure resource pool and the network configuration parameters in the drainage switch are detected to be inconsistent, comprises the following steps:
and under the condition that the network address information in the secure resource pool and the network address information in the drainage switch are detected to be inconsistent, the current network address information in the secure resource pool is issued to the drainage switch based on the remote control component.
Specifically, in the embodiment of the present application, the access control list of the drainage switch includes, but is not limited to, a service IP address for providing a security service, an IP address of a virtual route located in the security resource pool, and an IP address of the drainage switch, after the remote control component obtains each IP address from the access control list of the drainage switch, the remote control component compares each IP address with network address information in the security resource pool, and if it is determined that the IP addresses are inconsistent after the comparison, the remote control component issues current network address information in the security resource pool to the drainage switch. Or, the inconsistent IP addresses are independently issued to the drainage switch, and the IP addresses corresponding to the access control list of the drainage switch are updated.
In one or more embodiments, the obtaining, based on the remote control component, the network configuration parameter from the drainage switch further comprises:
acquiring a flow classification rule from the drainage switch based on the remote control component; the flow classification rule is used for classifying the message flow entering the drainage switch based on the target interface according to a preset rule and characteristics;
the step of issuing the current network configuration parameters in the secure resource pool to the drainage switch based on the remote control component under the condition that the network configuration parameters of the secure resource pool and the network configuration parameters in the drainage switch are detected to be inconsistent, comprises the following steps:
and under the condition that the flow classification rule in the secure resource pool is detected to be inconsistent with the flow classification rule in the drainage switch, issuing the current flow classification in the secure resource pool to the drainage switch based on the remote control component.
In one or more embodiments, the flow classification rule includes: classifying the message flow based on at least one of a source address of the message flow, a destination address of the message flow, an IP protocol of the message flow and a port number of an application program corresponding to the message flow, to obtain at least one class of message flow.
In one or more embodiments, the obtaining, based on the remote control component, the network configuration parameter from the drainage switch further comprises:
obtaining flow behavior from the drainage switch based on the remote control component; the flow control action is used for taking a message flow entering the drainage switch based on the target interface, and comprises setting a next hop of the message entering the drainage switch as an IP address of the virtual route;
the step of issuing the current network configuration parameters in the secure resource pool to the drainage switch based on the remote control component under the condition that the network configuration parameters of the secure resource pool and the network configuration parameters in the drainage switch are detected to be inconsistent, comprises the following steps:
in the event that a popularity in the secure resource pool is detected to be inconsistent with the popularity in the drainage switch, issuing a current popularity in the secure resource pool to the drainage switch based on the remote control component.
Specifically, in the embodiment of the application, the popularity comprises the flow control action on the data flow, and the flow control action comprises, but is not limited to, network configuration operation on the characteristics of flow supervision, flow shaping, nesting strategy, marking, queue scheduling, congestion avoidance and the like, so that not only can the effective control on the message data flow be realized, but also the reasonable distribution of network resources can be realized.
In one or more embodiments, the obtaining, based on the remote control component, the network configuration parameter from the drainage switch further comprises:
obtaining a flow strategy from the drainage switch based on the remote control component; wherein the flow policy is a rule that associates the flow classification rule with the popularity;
the method further comprises the steps of: inquiring whether the target interface applies the streaming strategy or not, and executing the configuration operation of the streaming strategy according to the inquiring result.
Specifically, in the embodiment of the present application, assuming that the defined flow classification rule has 3 sets of rules and the flow has 5 flow control actions, the flow policy may include any combination of the 3 sets of rules and the 5 flow control actions.
In one or more embodiments, the performing the configuration operation of the flow policy according to the query result includes:
issuing a target flow policy to the drainage switch based on the remote control component under the condition that the query result indicates that the target interface does not apply the flow policy, so that the target interface applies the flow policy;
judging whether the flow strategy is consistent with the target flow strategy or not under the condition that the query result indicates that the target interface has applied the flow strategy;
And in the case that the flow strategy is inconsistent with the target flow strategy, issuing the target flow strategy to the drainage switch based on the remote control component.
In one or more embodiments, before the performing a network configuration operation on the drainage switch based on the remote control component and the target interface, the method further comprises:
inputting network change parameters into the secure resource pool, and acquiring an instruction subset corresponding to the remote control component based on the network change parameters;
and executing network configuration operation on the drainage switch through the remote control component according to the instruction subset, so that the target interface correspondingly configures the network change parameters.
Specifically, in the embodiment of the present application, the network configuration may be directly performed on the drainage switch in the secure resource pool, for example, the IP address of the drainage switch needs to be changed, and only the changed IP address needs to be input into the IP address modification frame of the secure resource pool, the secure resource pool obtains the instruction subset corresponding to the remote control component according to the changed IP address, and configures the changed IP address corresponding to the target interface through the remote control component according to the instruction subset.
In one or more embodiments, the network configuration method of the switch further includes:
periodically detecting whether the network configuration information in the secure resource pool is consistent with the network configuration information in the drainage switch;
and if not, transmitting the changed network configuration parameters in the secure resource pool to the drainage switch based on the remote control component.
In the embodiment of the application, the network configuration information in the secure resource pool and the network configuration information in the drainage switch are periodically and automatically detected to be consistent, so that the drainage can be automatically and conveniently carried out
The network configuration information of the switch is checked in time, so that the normal operation of the drainage service is ensured.
In one or more embodiments, before the logging in the drainage switch based on the user account information and a preset remote control component, the method includes:
and encrypting the account information in the secure resource pool to obtain encrypted account information.
Specifically, in the embodiment of the application, in order to ensure the security of the account information in the drainage switch, the account information in the drainage switch is encrypted by a symmetric encryption or asymmetric encryption mode, or by a salt encryption mode or the like.
The logging in the drainage switch based on the user account information and a preset remote control component comprises the following steps:
and the remote control component decrypts the received encrypted account information, acquires the account information, and logs in the drainage switch according to the account information.
Based on the above embodiment, in an application embodiment, referring to fig. 3 and fig. 5, the method for configuring drainage of the switch further includes the following steps:
the secure resource pool records user account information of the drainage switch, and after the user account information is maintained by the resource pool, the resource pool can interact with the drainage switch through the paramiko.
The interface G1 for connecting the drainage switch and the core switch is recorded in a safety resource pool, and the protection type safety service flow of the safety resource pool is required to be configured on the port of the drainage switch G1.
The secure resource pool maintains the service IP that the user needs to secure. The security-protected traffic may be one or more segments or may be multiple independent discontinuous IPs.
Traffic IP, virtual routing IP, and changes to the traffic switch IP all require reconfiguration of the traffic. The resource pool configures the network information for drainage to the switch by periodically and automatically detecting or manually clicking a configuration button after being modified by an operation and maintenance personnel to enter a flow of configuring drainage information to the switch.
Such as: the user or the operation and maintenance personnel needs to add the protection service, the service IP can be realized only by adding the service IP in the resource pool, and the security resource pool can call the remote control assembly to automatically complete the configuration of the added service IP. The user or the operation and maintenance personnel do not need to perform multiple complex configurations on the switch.
Based on the above embodiment, in an application embodiment, referring to fig. 3 and fig. 6, the method for configuring drainage of the switch further includes the following steps:
the IP configured in the drainage ACL (Access Control List ) in the drainage switch is queried.
And comparing and monitoring the IP with the service IP maintained in the safety resource pool, and if the IP is inconsistent with the service IP maintained in the safety resource pool, issuing the service IP maintained in the safety resource pool to a drainage switch to complete configuration of the ACL.
Inquiring whether the drainage switch flow classification contains a corresponding ACL or not; if not, the flow class is configured or modified such that the flow class contains the corresponding ACL described above.
Query whether the switch popularity is configured with the resource pool (the next hop is a virtual routing IP address), and if not, configure or modify the flow behavior.
And inquiring whether the flow strategy of the switch contains corresponding popularity and flow classification, and modifying or configuring if no or corresponding relation is inconsistent with the upper-layer service.
And inquiring whether the flow strategy is applied to the switch interface G1 or whether the applied flow strategy is consistent with the expected one, and configuring and modifying if the applied flow strategy is not consistent with the expected one.
When the above operations are all completed, it is determined that the configuration task is completed.
The above processes are all completed in the resource pool, so that the configuration of operation and maintenance personnel or users on the switch can be intuitively seen, the error probability is reduced, and the configuration efficiency is improved.
It should be noted that, for simplicity of description, the foregoing method embodiments are all described as a series of acts, but it should be understood by those skilled in the art that the present invention is not limited by the order of acts described, as some steps may be performed in other orders or concurrently in accordance with the present invention. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required for the present invention.
According to another aspect of the embodiment of the present invention, there is also provided a switch configuration apparatus for implementing the switch configuration method described above. As shown in fig. 7, the apparatus includes:
A first storage unit 702, configured to store user account information of a drainage switch to a secure resource pool, where the drainage switch is connected to the secure resource pool and a core switch, respectively, the user account information includes account information of a user having management authority of the drainage switch, and the drainage switch is configured to drain a service packet output by the core switch and used for providing a secure service into the secure resource pool;
a second storage unit 704, configured to store network configuration information of a connection interface to the secure resource pool and the drainage switch synchronously, where the network configuration information of the connection interface is used to instruct the drainage switch to connect to a target interface of the core switch and a network configuration parameter corresponding to the target interface;
a login unit 706, configured to login to the drainage switch based on the user account information and a preset remote control component, and determine the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set for carrying out network configuration on the drainage switch;
a configuration unit 708 for performing a network configuration operation on the drainage switch based on the remote control component and the target interface.
In the embodiment of the invention, the method of storing the account information of the drainage switch and the network configuration information of the target interface into the secure resource pool, logging in the drainage switch based on the user account information and the preset remote control component, and executing network configuration operation on the drainage switch based on the remote control component and the target interface is adopted. And further, the technical problems of low efficiency, easy error and higher maintenance cost caused by manually carrying out network configuration on the drainage switch in the related technology are solved.
In one or more embodiments, the configuration unit 708 includes:
the acquisition module is used for acquiring network configuration parameters corresponding to the target interface from the drainage switch based on the remote control component;
and the first issuing module is used for issuing the current network configuration parameters in the secure resource pool to the drainage switch based on the remote control component under the condition that the network configuration parameters of the secure resource pool are detected to be inconsistent with the network configuration parameters in the drainage switch.
In one or more embodiments, the acquisition module includes:
a first obtaining subunit, configured to obtain, based on the remote control component, network address information from an access control list of the drainage switch; wherein the network address information includes a service IP address for providing a security service, an IP address of a virtual route located in the secure resource pool, and an IP address of a drainage switch;
the issuing module comprises:
and the first issuing subunit is used for issuing the current network address information in the secure resource pool to the drainage switch based on the remote control component under the condition that the network address information in the secure resource pool and the network address information in the drainage switch are detected to be inconsistent.
In one or more embodiments, the acquisition module further includes:
a second obtaining subunit, configured to obtain a flow classification rule from the drainage switch based on the remote control component; the flow classification rule is used for classifying the message flow entering the drainage switch based on the target interface according to a preset rule and characteristics;
above-mentioned issuing module still includes:
And the second issuing subunit issues the current flow classification in the secure resource pool to the drainage switch based on the remote control component under the condition that the flow classification rule in the secure resource pool and the flow classification rule in the drainage switch are detected to be inconsistent.
In one or more embodiments, the flow classification rule includes:
classifying the message flow based on at least one of a source address of the message flow, a destination address of the message flow, an IP protocol of the message flow and a port number of an application program corresponding to the message flow, to obtain at least one class of message flow.
In one or more embodiments, the acquisition module further includes:
a third acquisition subunit, configured to acquire a flow behavior from the drainage switch based on the remote control component; the flow control action is used for taking a message flow entering the drainage switch based on the target interface, and comprises setting a next hop of the message entering the drainage switch as an IP address of the virtual route;
the issuing module further comprises:
and a third issuing subunit, configured to issue, based on the remote control component, a current popularity in the secure resource pool to the drainage switch, if it is detected that the popularity in the secure resource pool is inconsistent with the popularity in the drainage switch.
In one or more embodiments, the acquisition module further includes:
a fourth obtaining subunit, configured to obtain a flow policy from the drainage switch based on the remote control component; wherein the flow policy is a rule that associates the flow classification rule with the popularity;
the switch configuration device further includes: and the query execution unit is used for querying whether the stream policy is applied to the target interface or not, and executing the configuration operation of the stream policy according to the query result.
In one or more embodiments, the query execution unit includes:
the second issuing module is used for issuing a target flow strategy to the drainage switch based on the remote control component under the condition that the query result indicates that the target interface does not apply the flow strategy, so that the target interface applies the flow strategy;
the judging module is used for judging whether the flow strategy is consistent with the target flow strategy or not under the condition that the query result indicates that the target interface has applied the flow strategy;
and the third issuing module is used for issuing the target flow strategy to the drainage switch based on the remote control component under the condition that the flow strategy is inconsistent with the target flow strategy.
In one or more embodiments, the switch configuration device further includes:
an input obtaining unit, configured to input a network change parameter to the secure resource pool, and obtain a subset of instructions corresponding to the remote control component based on the network change parameter;
and the configuration unit is used for executing network configuration operation on the drainage switch through the remote control component according to the instruction subset so as to enable the target interface to correspondingly configure the network change parameters.
In one or more embodiments, the switch configuration device further includes:
the monitoring unit is used for periodically monitoring whether the network configuration information of the target interface stored in the secure resource pool is changed or not;
and the issuing unit is used for issuing the changed network configuration parameters in the secure resource pool to the drainage switch based on the remote control component.
In one or more embodiments, the switch configuration device further includes:
the encryption unit is used for encrypting the account information in the secure resource pool to obtain encrypted account information;
the login unit 706 includes: and the decryption login unit is used for decrypting the encrypted account information and logging in the drainage switch based on the remote control assembly according to the decrypted account information.
According to still another aspect of the embodiment of the present application, there is further provided an electronic device for implementing the switch configuration method, where the electronic device may be a terminal device or a server shown in fig. 1, and the server may be a cloud server. The present embodiment is described taking the electronic device as a server as an example. As shown in fig. 8, the electronic device comprises a memory 802 and a processor 804, the memory 802 having stored therein a computer program, the processor 804 being arranged to perform the steps of any of the method embodiments described above by means of the computer program.
Alternatively, in this embodiment, the electronic device may be located in at least one network device of a plurality of network devices of the computer network.
Alternatively, in the present embodiment, the above-described processor may be configured to execute the following steps by a computer program:
s1, storing user account information of a drainage switch into a secure resource pool, wherein the drainage switch is respectively connected with the secure resource pool and a core switch, the user account information comprises account information of a user with authority for managing the drainage switch, and the drainage switch is used for guiding a service message which is output by the core switch and is used for providing secure service into the secure resource pool;
S2, synchronously storing network configuration information of a connection interface into the secure resource pool and the drainage switch, wherein the network configuration information of the connection interface is used for indicating a target interface of the core switch connected by the drainage switch and network configuration parameters corresponding to the target interface;
s3, logging in the drainage switch based on the user account information and a preset remote control component, and determining the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set for carrying out network configuration on the drainage switch;
s4, executing network configuration operation on the drainage switch based on the remote control component and the target interface.
Alternatively, those of ordinary skill in the art will appreciate that the structure shown in FIG. 8 is merely illustrative. Fig. 8 is not limited to the structure of the electronic device described above. For example, the electronic device described above may also include more or fewer components (e.g., network interfaces, etc.) than shown in FIG. 8, or have a different configuration than shown in FIG. 8.
The memory 802 may be used to store software programs and modules, such as program instructions/modules corresponding to the switch configuration method and apparatus in the embodiment of the present application, and the processor 804 executes the software programs and modules stored in the memory 802, thereby performing various functional applications and data processing, that is, implementing the switch configuration method described above. Memory 802 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, memory 802 may further include memory remotely located relative to processor 804, which may be connected to the terminal via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof. The memory 802 may be used for storing, but is not limited to, user account information of the drainage switch, and network configuration information of the connection interface. As an example, as shown in fig. 8, the memory 802 may include, but is not limited to, the first storage unit 702, the second storage unit 704, the login unit 706, and the configuration unit 708 in the switch configuration device. In addition, other module units in the switch configuration device may be included, but are not limited to, and are not described in detail in this example.
Optionally, the transmission means 806 is used to receive or transmit data via a network. Specific examples of the network described above may include wired networks and wireless networks. In one example, the transmission means 806 includes a network adapter (Network Interface Controller, NIC) that can connect to other network devices and routers via a network cable to communicate with the internet or a local area network. In one example, the transmission device 806 is a Radio Frequency (RF) module for communicating wirelessly with the internet.
In addition, the electronic device further includes: a display 808 for displaying network configuration information of the drainage switch; and a connection bus 810 for connecting the respective module parts in the above-described electronic device.
In other embodiments, the terminal device or the server may be a node in a distributed system, where the distributed system may be a blockchain system, and the blockchain system may be a distributed system formed by connecting the plurality of nodes through a network communication. Among them, the nodes may form a Peer-To-Peer (P2P) network, and any type of computing device, such as a server, a terminal, etc., may become a node in the blockchain system by joining the Peer-To-Peer network.
In one or more embodiments, the present application also provides a computer program product or computer program comprising computer instructions stored in a computer-readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the switch configuration method described above. Wherein the computer program is arranged to perform the steps of any of the method embodiments described above when run.
Alternatively, in the present embodiment, the above-described computer-readable storage medium may be configured to store a computer program for executing the steps of:
s1, storing user account information of a drainage switch into a secure resource pool, wherein the drainage switch is respectively connected with the secure resource pool and a core switch, the user account information comprises account information of a user with authority for managing the drainage switch, and the drainage switch is used for guiding a service message which is output by the core switch and is used for providing secure service into the secure resource pool;
S2, synchronously storing network configuration information of a connection interface into the secure resource pool and the drainage switch, wherein the network configuration information of the connection interface is used for indicating a target interface of the core switch connected by the drainage switch and network configuration parameters corresponding to the target interface;
s3, logging in the drainage switch based on the user account information and a preset remote control component, and determining the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set for carrying out network configuration on the drainage switch;
s4, executing network configuration operation on the drainage switch based on the remote control component and the target interface.
Alternatively, in this embodiment, it will be understood by those skilled in the art that all or part of the steps in the methods of the above embodiments may be performed by a program for instructing a terminal device to execute the steps, where the program may be stored in a computer readable storage medium, and the storage medium may include: flash disk, read-Only Memory (ROM), random-access Memory (Random Access Memory, RAM), magnetic or optical disk, and the like.
The foregoing embodiment numbers of the present application are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
The integrated units in the above embodiments may be stored in the above-described computer-readable storage medium if implemented in the form of software functional units and sold or used as separate products. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing one or more computer devices (which may be personal computers, servers or network devices, etc.) to perform all or part of the steps of the method of the various embodiments of the present application.
In the foregoing embodiments of the present application, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In several embodiments provided by the present application, it should be understood that the disclosed client may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and are merely a logical functional division, and there may be other manners of dividing the apparatus in actual implementation, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The foregoing is merely a preferred embodiment of the present invention and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present invention, which are intended to be comprehended within the scope of the present invention.

Claims (14)

1. A method of configuring a switch, comprising:
storing user account information of a drainage switch into a secure resource pool, wherein the drainage switch is respectively connected with the secure resource pool and a core switch, the user account information comprises account information of a user with management authority of the drainage switch, and the drainage switch is used for guiding a service message which is output by the core switch and is used for providing secure service into the secure resource pool;
Synchronously storing network configuration information of a connection interface into the secure resource pool and the drainage switch, wherein the network configuration information of the connection interface is used for indicating a target interface of the drainage switch connected with the core switch and network configuration parameters corresponding to the target interface;
logging in the drainage switch based on the user account information and a preset remote control component, and determining the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set for carrying out network configuration on the drainage switch;
and performing network configuration operation on the drainage switch based on the remote control component and the target interface.
2. The method of claim 1, wherein the performing a network configuration operation on the drainage switch based on the remote control component and the target interface comprises:
acquiring network configuration parameters corresponding to the target interface from the drainage switch based on the remote control component;
and under the condition that the network configuration parameters of the secure resource pool are detected to be inconsistent with the network configuration parameters in the drainage switch, issuing the current network configuration parameters in the secure resource pool to the drainage switch based on the remote control component.
3. The method of claim 2, wherein the obtaining the network configuration parameters from the drainage switch based on the remote control component comprises:
acquiring network address information from an access control list of the drainage switch based on the remote control component; wherein the network address information includes a service IP address for providing a security service, an IP address of a virtual route located in the secure resource pool, and an IP address of a drainage switch;
the step of issuing the current network configuration parameters in the secure resource pool to the drainage switch based on the remote control component under the condition that the network configuration parameters of the secure resource pool and the network configuration parameters in the drainage switch are detected to be inconsistent, comprises the following steps:
and under the condition that the network address information in the secure resource pool and the network address information in the drainage switch are detected to be inconsistent, the current network address information in the secure resource pool is issued to the drainage switch based on the remote control component.
4. The method of claim 3, wherein the obtaining the network configuration parameters from the drainage switch based on the remote control component further comprises:
Acquiring a flow classification rule from the drainage switch based on the remote control component; the flow classification rule is used for classifying the message flow entering the drainage switch based on the target interface according to a preset rule and characteristics;
the method includes the steps that when the fact that the network configuration parameters of the safe resource pool are inconsistent with the network configuration parameters in the drainage switch is detected, the current network configuration parameters in the safe resource pool are issued to the drainage switch based on the remote control component, and the method further includes the steps of:
and under the condition that the flow classification rule in the secure resource pool is detected to be inconsistent with the flow classification rule in the drainage switch, issuing the current flow classification in the secure resource pool to the drainage switch based on the remote control component.
5. The method of claim 4, wherein the flow classification rule comprises:
classifying the message flow based on at least one of a source address of the message flow, a destination address of the message flow, an IP protocol of the message flow and a port number of an application program corresponding to the message flow, to obtain at least one class of message flow.
6. The method of claim 4, wherein the obtaining the network configuration parameters from the drainage switch based on the remote control component further comprises:
Obtaining flow behavior from the drainage switch based on the remote control component; the flow control action is used for taking a message flow entering the drainage switch based on the target interface, and comprises setting a next hop of the message entering the drainage switch as an IP address of the virtual route;
the method includes the steps that when the fact that the network configuration parameters of the safe resource pool are inconsistent with the network configuration parameters in the drainage switch is detected, the current network configuration parameters in the safe resource pool are issued to the drainage switch based on the remote control component, and the method further includes the steps of:
in the event that a popularity in the secure resource pool is detected to be inconsistent with the popularity in the drainage switch, issuing a current popularity in the secure resource pool to the drainage switch based on the remote control component.
7. The method of claim 6, wherein the obtaining the network configuration parameters from the drainage switch based on the remote control component further comprises:
obtaining a flow strategy from the drainage switch based on the remote control component; wherein the flow policy is a rule that associates the flow classification rule with the popularity;
The method further comprises the steps of: inquiring whether the target interface applies the streaming strategy or not, and executing the configuration operation of the streaming strategy according to the inquiring result.
8. The method of claim 7, wherein the performing a configuration operation of a flow policy according to the query result comprises:
issuing a target flow policy to the drainage switch based on the remote control component under the condition that the query result indicates that the target interface does not apply the flow policy, so that the target interface applies the target flow policy;
judging whether the flow strategy is consistent with the target flow strategy or not under the condition that the query result indicates that the target interface has applied the flow strategy;
and in the case that the flow strategy is inconsistent with the target flow strategy, issuing the target flow strategy to the drainage switch based on the remote control component.
9. The method of claim 1, wherein prior to performing a network configuration operation on the drainage switch based on the remote control component and the target interface, further comprising:
inputting network change parameters into the secure resource pool, and acquiring an instruction subset corresponding to the remote control component based on the network change parameters;
And executing network configuration operation on the drainage switch through the remote control component according to the instruction subset, so that the target interface correspondingly configures the network change parameters.
10. The method according to claim 1, wherein the method further comprises:
periodically detecting whether the network configuration information in the secure resource pool is consistent with the network configuration information in the drainage switch;
and if not, transmitting the changed network configuration parameters in the secure resource pool to the drainage switch based on the remote control component.
11. The method of claim 1, wherein prior to logging into the drainage switch based on the user account information and a preset remote control component, comprising:
encrypting the user account information in the secure resource pool to obtain encrypted account information;
the logging in the drainage switch based on the user account information and a preset remote control component comprises the following steps:
decrypting the encrypted account information, and logging in the drainage switch based on the remote control component according to the decrypted user account information.
12. A switch configuration device, comprising:
the first storage unit is used for storing user account information of a drainage switch to a secure resource pool, the drainage switch is respectively connected with the secure resource pool and a core switch, the user account information comprises account information of a user with management authority of the drainage switch, and the drainage switch is used for guiding a service message which is output by the core switch and is used for providing secure service into the secure resource pool;
the second storage unit is used for synchronously storing the network configuration information of the connection interface to the secure resource pool and the drainage switch, wherein the network configuration information of the connection interface is used for indicating a target interface of the core switch connected by the drainage switch and network configuration parameters corresponding to the target interface;
a login unit, configured to login to the drainage switch based on the user account information and a preset remote control component, and determine the target interface according to the network configuration information; the remote control assembly comprises an assembly obtained by packaging an instruction set for carrying out network configuration on the drainage switch;
And the configuration unit is used for executing network configuration operation on the drainage switch based on the remote control component and the target interface.
13. A computer readable storage medium, characterized in that the computer readable storage medium comprises a stored program, wherein the program when run performs the method of any one of claims 1 to 11.
14. An electronic device comprising a memory and a processor, characterized in that the memory has stored therein a computer program, the processor being arranged to execute the method according to any of the claims 1 to 11 by means of the computer program.
CN202310848474.0A 2023-07-12 2023-07-12 Switch configuration method and device, storage medium and electronic equipment Active CN116582424B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310848474.0A CN116582424B (en) 2023-07-12 2023-07-12 Switch configuration method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310848474.0A CN116582424B (en) 2023-07-12 2023-07-12 Switch configuration method and device, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN116582424A true CN116582424A (en) 2023-08-11
CN116582424B CN116582424B (en) 2023-09-05

Family

ID=87536261

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310848474.0A Active CN116582424B (en) 2023-07-12 2023-07-12 Switch configuration method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN116582424B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109547437A (en) * 2018-11-23 2019-03-29 北京奇安信科技有限公司 A kind of drainage processing method and processing device in secure resources pond
US20200264593A1 (en) * 2017-12-21 2020-08-20 Parker-Hannifin Corporation Fieldbus controller interface including configuration, monitoring and controlling functionalities
CN112272166A (en) * 2020-09-30 2021-01-26 新华三信息安全技术有限公司 Traffic processing method, device, equipment and machine readable storage medium
CN114629853A (en) * 2022-02-28 2022-06-14 天翼安全科技有限公司 Traffic classification control method based on security service chain analysis in security resource pool
CN115484208A (en) * 2022-09-16 2022-12-16 杭州安恒信息技术股份有限公司 Distributed drainage system and method based on cloud security resource pool

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200264593A1 (en) * 2017-12-21 2020-08-20 Parker-Hannifin Corporation Fieldbus controller interface including configuration, monitoring and controlling functionalities
CN109547437A (en) * 2018-11-23 2019-03-29 北京奇安信科技有限公司 A kind of drainage processing method and processing device in secure resources pond
CN112272166A (en) * 2020-09-30 2021-01-26 新华三信息安全技术有限公司 Traffic processing method, device, equipment and machine readable storage medium
CN114629853A (en) * 2022-02-28 2022-06-14 天翼安全科技有限公司 Traffic classification control method based on security service chain analysis in security resource pool
CN115484208A (en) * 2022-09-16 2022-12-16 杭州安恒信息技术股份有限公司 Distributed drainage system and method based on cloud security resource pool

Also Published As

Publication number Publication date
CN116582424B (en) 2023-09-05

Similar Documents

Publication Publication Date Title
US11218376B2 (en) Algorithmic problem identification and resolution in fabric networks by software defined operations, administration, and maintenance
US10999189B2 (en) Route optimization using real time traffic feedback
US11671331B2 (en) Systems and methods for contextual network assurance based on change audits
Bhat et al. Edge computing and its convergence with blockchain in 5G and beyond: Security, challenges, and opportunities
EP2880829B1 (en) Adaptive infrastructure for distributed virtual switch
Arzo et al. A theoretical discussion and survey of network automation for IoT: Challenges and opportunity
US11509532B2 (en) Switch triggered traffic tracking
US11399283B2 (en) Tenant service set identifiers (SSIDs)
US20200162517A1 (en) Method and apparatus to have entitlement follow the end device in network
CN105683918B (en) Centralized networking configuration in distributed systems
CN112956158B (en) Structural data plane monitoring
US20160294663A1 (en) Extensible analytics and recommendation engine for network traffic data
Alam et al. IoT virtualization: A survey of software definition & function virtualization techniques for internet of things
Kiani A survey on management frameworks and open challenges in IoT
US11121923B2 (en) Automatic provisioning of network components
Gilani et al. SDN-based multi-level framework for smart home services
WO2015120352A1 (en) Universal key performance indicator for the internet of things
CN116582424B (en) Switch configuration method and device, storage medium and electronic equipment
Geetanjali et al. IoTexpert: Interconnection, interoperability and integration of IoT platforms
Yassein et al. Combining software-defined networking with Internet of Things: Survey on security and performance aspects
CN108933707B (en) Safety monitoring system and method for industrial network
Fernández et al. Application of multi-pronged monitoring and intent-based networking to verticals in self-organising networks
CN112787947B (en) Network service processing method, system and gateway equipment
KR102385707B1 (en) SDN network system by a host abstraction and implemented method therefor
Lazaridis et al. On the potential of sdn enabled network deployment in tactical environments

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant