CN202261807U - Network security wireless router - Google Patents
Network security wireless router Download PDFInfo
- Publication number
- CN202261807U CN202261807U CN201120365463XU CN201120365463U CN202261807U CN 202261807 U CN202261807 U CN 202261807U CN 201120365463X U CN201120365463X U CN 201120365463XU CN 201120365463 U CN201120365463 U CN 201120365463U CN 202261807 U CN202261807 U CN 202261807U
- Authority
- CN
- China
- Prior art keywords
- module
- processing unit
- processing module
- user
- access interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The utility model discloses a network security wireless router comprising a central processing unit, a storage, an RF module, a wired user access interface, an internet access interface and a DC-DC module, wherein the storage, the RF module, the wired user access interface and the internet access interface are respectively connected with the central processing unit; the DC-DC module is respectively connected with the central processing unit and the storage; a data processing unit is arranged in the central processing unit for separating an external user side from an internal user side access path; and the data processing unit is respectively connected with the RF module, the wired user access interface and the internet access interface. The network security wireless router has the advantages of effectively switching off the path that the external staff accesses the intranet through a router, effectively guaranteeing the security for the intranet, and improving the practical value of the router on the premise of guaranteeing normal access network.
Description
Technical field
The utility model relates to a kind of router, specifically, relates to a kind of network security wireless router.
Background technology
Along with interfirm cooperation exchange frequent, many businesspersons all can carry notebook computer and visit to enterprise so that better cooperation communication and work exchange, this just relates to the needs that the client uses enterprise network.For satisfying the business demand and this enterprise information security between enterprise, enterprise network management at this moment just need reach two requirements, and the one, the client is access internet and the company of use PRN device easily; The 2nd, for guaranteeing the information security of enterprise, the client can not the visited company Intranet.
But; Traditional wireless or wiring logging-on function mode is if reach the purpose of not allowing the guest access corporate intranet; Need realize the promptly time-consuming operating efficiency that influences again through the firewall rule of complicacy to each client IP through each visiting guest is provided with IP separately.Also have or not circuit many SSID function to be arranged at present, let wireless terminal network with different security authentication and cipher mode by utensil, but the router product that wireless client and corporate intranet are isolated.
The utility model content
The purpose of the utility model is to provide a kind of network security wireless router; Utilize router interior structure control user's access path; Solve the safety problem that is difficult to guarantee local area network (LAN) when the guest utilizes the Intranet access internet; When guaranteeing guest's normal access the Internet, avoid the guest to get into enterprises lan, guarantee that it is perfectly safe.
To achieve these goals, the technical scheme of the utility model employing is following:
The network security wireless router; Comprise central processing unit; The memory that is connected with central processing unit respectively, RF module, wire user access interface and the Internet access interface; The DC-DC module that is connected with central processing unit, memory respectively, said central processing unit inside are provided with the data processing unit that is used for isolating exterior user side and internal user end access path, and this data processing unit is connected with RF module, wire user access interface and the Internet access interface respectively.
Specifically; Said data processing unit comprises accessing wirelessly control module, internal wireless user processing module, external wireless user processing module; Inner wire user processing module; This accessing wirelessly control module is connected on the RF module through being arranged at the outside wireless modular converter of data processing unit; Be connected on the Internet access interface through internal wireless user processing module, external wireless user processing module respectively, or/and be connected on the wire user access interface through internal wireless user processing module, inner wire user processing module respectively.
Say that further said memory comprises RAM memory and ROM memory.
Say that further said wire user access interface is the LAN ethernet port, the Internet access interface is the WAN ethernet port.Wherein, Be provided with lan switch module between LAN ethernet port and the inner wire user processing module, be provided with WAN module between WAN ethernet port and inner wire user processing module, internal wireless user processing module, the external wireless user processing module.
Say further again; Use and the irrelevant associated external USB device of corporate secret for the ease of the guest; Also be provided with the USB module that is used to connect external USB equipment in the said central processing unit, this USB module is connected with inner wire user processing module, internal wireless user processing module, external wireless user processing module respectively.Said external USB equipment such as printer, scanning machine etc.
The design principle of the utility model: through improvement to router; In conjunction with the WPA2-PSK cipher mode, the access path of external user and the access path of internal user are kept apart fully, after the type of judges; The control external user can only pass through its corresponding access path access internet; Or use external USB equipment such as printer, and can not visit the local area network (LAN) of enterprises, thereby avoid the network security problem that causes secret to reveal because of the guest access enterprises lan.
The utility model has not only been isolated the path of external wireless user capture the Internet; Guarantee the fail safe of enterprises lan, meanwhile, also kept the basic function of router; Be the regular situation that the enterprises personnel visit local area network (LAN) or the Internet: inner wire user termination is gone into wireless router when connecing; Through lan switch module connection request is sent to inner wire user processing module, access internal local area network (LAN) and external USB equipment, even through the WAN module access internet.
In the utility model, the branch of so-called outside and inside for user side, is meant enterprises personnel and visiting guest's branch; For network, be meant the local area network (LAN) of enterprises and the branch of the Internet.The non-personnel of our company that so-called guest's network SSID is meant accessed enterprise, interchange used SSID when utilizing our company access to netwoks the Internet, and owner's network SSID is meant SSID used when the internal staff of our company utilizes our company's access to netwoks internal lan or the Internet.
Compared with prior art, the utlity model has following beneficial effect:
1. the utility model is controlled the path of guest access network effectively, and the safety problem of internal lan when having solved the guest access network is the big technological innovation of one on the network security technology, for a new way has been opened up in the development of industry.
2. the utility model has been realized the normal access of guest to the Internet when guaranteeing enterprise network security, and to the normal use of outside USB device, thus carrying out smoothly of having guaranteed that the guest exchanges with enterprise.
3. the utility model adopts a router to realize the function of two routers; The perfection that is a tractor serves several purposes embodies, and is not merely enterprise and has practiced thrift cost, has also avoided for the guest IP, gateway supervisor being set specially; Simplify the flow process of accesses network greatly, improved operating efficiency.
The utility model is mainly used in the local area network (LAN) of enterprises, has very high practical and popularizing value.
Description of drawings
Fig. 1 is the system block diagram of the utility model-embodiment.
Fig. 2 is the schematic flow sheet of the utility model-embodiment.
Embodiment
Below in conjunction with accompanying drawing and embodiment the utility model is described further.
Like Fig. 1, shown in Figure 2, the network security wireless router mainly is made up of three access path, and concrete condition is following:
One. inner wire user is visited local area network (LAN), external USB equipment or the Internet
The main hardware equipment of access path comprises: lan switch module, inner wire user processing module, USB module and WAN module.User access path: inner wire user end sends connection request through the LAN ethernet port to lan switch module; Lan switch module transfers to inner wire user processing module with connection request; According to the request target MAC (Media Access Control) address, connect with external USB equipment, perhaps connect with internal lan; Perhaps go to WAN module, connect through WAN ethernet port and the Internet.
Two. internal wireless user capture local area network (LAN), external USB equipment or the Internet
The main hardware equipment of access path comprises: RF module, wireless modular converter, accessing wirelessly control module, internal wireless user processing module, USB module and WAN module.User access path: the internal wireless user side sends to wireless modular converter through the RF module with connection request; Wireless modular converter converts wireless signal to network signal; Transfer to the accessing wirelessly control module then, the accessing wirelessly control module transfers to internal wireless user processing module with request, according to the request target MAC (Media Access Control) address; Connect with external USB equipment; Perhaps go to WAN module, connect through WAN ethernet port and the Internet then, perhaps go to inner wire user processing module and internal lan and connect.
Above-mentioned two kinds of situation are the owner's network access path described in the utility model.
Three. external wireless user capture the Internet or external USB equipment
The main hardware equipment of access path comprises: RF module, wireless modular converter, accessing wirelessly control module, external wireless user processing module, USB module and WAN module.User access path: the external wireless user side sends to wireless modular converter through the RF module with connection request; Wireless modular converter converts wireless signal to network signal; Transfer to the accessing wirelessly control module then, the accessing wirelessly control module will ask to be sent to WAN module through external wireless user processing module, again according to the request target MAC (Media Access Control) address; Connect with the Internet, perhaps connect with external USB equipment.
This kind situation is the guest's network access path described in the utility model.
In above-mentioned three kinds of situation, except the hardware device of access path, also need guarantee other equipment of router operate as normal, main promising system provides the DC-DC module of power supply, and RAM memory and ROM memory that data storage function is provided.Wherein, the DC-DC module connects RF module, RAM memory, ROM memory respectively, and the central processing unit of being made up of data processing unit, wireless modular converter, USB module, lan switch module and WAN module; Said data processing unit is made up of accessing wirelessly control module, internal wireless user processing module, inner wire user processing module and external wireless user processing module; Its function is: under the situation that guarantees the network normal access; Realize the isolation of different user end access path in the utility model, reach the purpose of restriction guest access internal lan.
The concrete course of work of the utility model is following:
At first start the DC-DC module, make whole router in running order.After user side sends connection request; Router at first judge this request be through network connection transmission or through wireless network transmissions; If transmit through network connection; Then connection request is sent to lan switch module through the LAN ethernet port, and then is transferred to inner wire user processing module.If the target MAC (Media Access Control) address of this connection request is the Internet, then connection request is sent to WAN module, connect through WAN ethernet port and the Internet, realize visit to the Internet; Otherwise, then directly and internal lan or external USB equipment connect.
If connection request by wireless network transmissions, then is sent to wireless modular converter through the RF module with connection request, wireless modular converter converts wireless signal to network signal, sends to the accessing wirelessly control module.MAC Address and the MAC Address of guest's network SSID that the accessing wirelessly control module will be sent the user side of connection request compare; If identical, judge that then the user side that sends connection request is the external wireless user side, at this moment; The accessing wirelessly control module is sent to WAN module through external wireless user processing module with connection request; WAN module judges whether this purpose of connecting MAC Address is internal lan, if then abandon data; Otherwise, then connect with the Internet or external USB equipment.If it is inequality to send the MAC Address of MAC Address and guest's network SSID of user side of connection request; Judge that then the user side that sends connection request is the internal wireless user side; At this moment; The accessing wirelessly control module is sent to internal wireless user processing module with connection request, and according to the target MAC (Media Access Control) address of connection request, connects with internal lan, external USB equipment or the Internet.
According to the foregoing description, just can realize the utility model well.The foregoing description is merely the optimum embodiment of the utility model, and the protection range of the utility model includes but not limited to the foregoing description.
Claims (3)
1. network security wireless router; Comprise central processing unit; The memory that is connected with central processing unit respectively, RF module, wire user access interface and the Internet access interface; The DC-DC module that is connected with central processing unit, memory respectively; It is characterized in that said central processing unit inside is provided with the data processing unit that is used for isolating exterior user side and internal user end access path, this data processing unit is connected with RF module, wire user access interface and the Internet access interface respectively;
Said data processing unit comprises accessing wirelessly control module, internal wireless user processing module, external wireless user processing module; Inner wire user processing module; This accessing wirelessly control module is connected on the RF module through being arranged at the outside wireless modular converter of data processing unit; Be connected on the Internet access interface through internal wireless user processing module, external wireless user processing module respectively, or/and be connected on the wire user access interface through internal wireless user processing module, inner wire user processing module respectively;
Said memory comprises RAM memory and ROM storage module;
Said wire user access interface is the LAN ethernet port, and the Internet access interface is the WAN ethernet port.
2. network security wireless router according to claim 1; It is characterized in that; Be provided with lan switch module between said LAN ethernet port and the inner wire user processing module, be provided with WAN module between WAN ethernet port and inner wire user processing module, internal wireless user processing module, the external wireless user processing module.
3. according to the arbitrary described network security wireless router of claim 1-2; It is characterized in that; Also be provided with the USB module that is used to connect external USB equipment in the said central processing unit, this USB module is connected with inner wire user processing module, internal wireless user processing module, external wireless user processing module respectively.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201120365463XU CN202261807U (en) | 2011-09-28 | 2011-09-28 | Network security wireless router |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201120365463XU CN202261807U (en) | 2011-09-28 | 2011-09-28 | Network security wireless router |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN202261807U true CN202261807U (en) | 2012-05-30 |
Family
ID=46122981
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201120365463XU Expired - Fee Related CN202261807U (en) | 2011-09-28 | 2011-09-28 | Network security wireless router |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN202261807U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103607372A (en) * | 2013-08-19 | 2014-02-26 | 深信服网络科技(深圳)有限公司 | Authentication method and device for network access |
-
2011
- 2011-09-28 CN CN201120365463XU patent/CN202261807U/en not_active Expired - Fee Related
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103607372A (en) * | 2013-08-19 | 2014-02-26 | 深信服网络科技(深圳)有限公司 | Authentication method and device for network access |
| CN103607372B (en) * | 2013-08-19 | 2016-12-28 | 深信服网络科技(深圳)有限公司 | The authentication method of network insertion and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102006684B (en) | Wireless router with guest network function and implementation method thereof | |
| CN110971515A (en) | Intelligent Internet of things gateway and Internet of things system based on same | |
| CN102833605A (en) | Network television system with routing function | |
| CN101854732A (en) | Method for accessing wired Ethernet through WiFi wireless network | |
| CN209201095U (en) | A kind of accessing wirelessly access device | |
| CN202617367U (en) | Wireless transmission module | |
| CN202285423U (en) | Intelligent set top box | |
| CN108681287A (en) | Intelligent lifter system and its control method | |
| CN106375204A (en) | Intelligent gateway system and operation method thereof | |
| CN106533934B (en) | A kind of borde gateway suitable for interconnecting manufacture network entirely | |
| CN102833137A (en) | Digital home system based on intelligent gateway | |
| CN201854437U (en) | Wireless router with client network function | |
| CN202261807U (en) | Network security wireless router | |
| CN109150704A (en) | A kind of gateway for Internet of Things Network Communication | |
| CN104065689A (en) | Broadband wireless access sharing and advertising method | |
| CN107770060A (en) | A kind of things-internet gateway system based on wire and wireless integration technology | |
| CN206894676U (en) | A kind of things-internet gateway realized 6LowPAN and mutually changed with multi-protocols | |
| CN105139501A (en) | Intelligent door opening method based on wireless communication network | |
| CN209543334U (en) | A kind of medical device data communication system | |
| CN202600790U (en) | Staff management device based on wireless fidelity (Wi-Fi) technology and intelligent terminal thereof | |
| CN201414136Y (en) | Intelligent double-network framework household network system | |
| CN202513948U (en) | Master-slave mode protocol conversion gateway from Ethernet to ProfiBus decentralized periphery (PROFIBUS-DP) | |
| CN203166971U (en) | Networking-behavior management router for instant communication | |
| CN105491690A (en) | Embedded wireless intelligent home gateway based on ARM9 | |
| CN202663420U (en) | Remote network management system based on ZigBee communication protocol |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120530 Termination date: 20130928 |