CN202652258U - Network security device - Google Patents
Network security device Download PDFInfo
- Publication number
- CN202652258U CN202652258U CN 201220296992 CN201220296992U CN202652258U CN 202652258 U CN202652258 U CN 202652258U CN 201220296992 CN201220296992 CN 201220296992 CN 201220296992 U CN201220296992 U CN 201220296992U CN 202652258 U CN202652258 U CN 202652258U
- Authority
- CN
- China
- Prior art keywords
- bypass
- security device
- network security
- network
- controller
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The utility model discloses a network security device. The network security device comprises a mainboard controller, a network interface bypass, a bypass power supply, a bypass controller which is connected with the bypass power supply and the mainboard controller respectively, and a switch module which is disposed on the network interface bypass and is connected with the bypass controller. According to the network security device, a problem that data packet loss can easily happen to network security devices in the prior art is solved, and accordingly an effect of improving the security of the network security device is achieved.
Description
Technical field
The utility model relates to network communication field, in particular to a kind of Network Security Device.
Background technology
Network Security Device generally is to be applied between two or more network application layers, in order to reach the control effect, avoid occurring between the network system node failure, Network Security Device generally also is provided with network interface bypass (Bypass), when Network Security Device breaks down, rely on the network interface bypass automatically to recover original link of network, guarantee the normal operation of network.The network interface bypass increases time-delay relay at network interface card exactly, in case Network Security Device occurs unusually then starting the network interface bypass, so that the network equipment normally moves.
The effect of bypass has: main protection prevents that disparate networks serial connection gateway device from becoming Single Point of Faliure because of accident inefficacy (such as hardware fault, power failure, software deadlock etc.); or when carrying out upgrade maintenance, these gateway devices provide favourable help; avoided switching time delays and the network O﹠M difficult management of bringing because network is manual, become the indispensable solution of network high availability operational support.
What the realization bypass functionality mainly used is relay, the relay that connects two network interface bypasses has been shown in Fig. 1 to be illustrated as example, when control bypass work, switch in the relay will be jumped 1 the state that pushes, be about on the RJ45 interface of LAN1 Rx directly and the RJ45 Tx conducting of LAN2, and when controlling the bypass inoperative, switch will be conducting on 2, by with upper type, realized that Network Security Device is by communication between network interface bypass realization network.
At present, the general application principle of network interface bypass is: on hardware view, what the realization bypass functionality mainly used is relay.These relays mainly connect each network interface holding wire of two network interface bypasses, system by between the control relay mutually the connection of contact realize conducting between the network, particularly, in the situation of Network Security Device outage, network interface bypass open mode, after Network Security Device powers on, taken over the control operation of equipment by the BIOS system of Network Security Device, behind the BIOS system adapter equipment, bypass still is in open mode, then the OS system of Network Security Device starts, and after the OS system starts, generally can carry out universal input output (General Purpose Input Output, abbreviation GPIO) bypass procedure, with the closed conducting of bypass, can bypass just can play a role like this, realize that two or more networks are set up communication to be connected.
Can find out from the operation principle of above network interface bypass, in whole safety means start-up course, can cause hardly the disconnection of network, only take over the time in this short 2-3 second network is disconnected at the device just BIOS that powers on, even if disconnecting, the network of this 2-3 seconds in secure communication of network, has very large hidden danger, have the risk that loss of transmitted data occurs, the packet loss phenomenon occurs.And, in the prior art when network bypass is controlled, it generally is the disconnection meeting conducting of controlling bypass by GPIO and Watchdog dual mode, because this dual mode all is that the GPIO port is operated, then come the relay on the control hardware to do corresponding redirect by the GPIO port, specify, realize the redirect of relay by the displacement of the GPIO port being carried out high-low level, illustrate, if the GPIO port is set to high level, relay just jumps to position 1 accordingly so, if the GPIO port has been set to low level, then relay just jumps to position 2.Since after powering on, the self check of Network Security Device complete machine, and the function of GPIO port section all is in initialized state, during this period of time, bypass can't be implemented function, and this just so that there is very large hidden danger in secure communication of network, has the risk that loss of data occurs; Simultaneously, because watchdog part can not independently be controlled every pair of bypass, this just brings restriction in the use to the user, can not be arranged flexibly.
The problem of data packet loss occurs easily for Network Security Device in the correlation technique, not yet propose at present effective solution.
The utility model content
Main purpose of the present utility model is to provide a kind of Network Security Device, the problem of data packet loss occurs easily with Network Security Device in the solution prior art.
To achieve these goals, according to an aspect of the present utility model, provide a kind of Network Security Device, having comprised: the mainboard controller; The network interface bypass; Bypass supply; Bypass controller is connected respectively with the mainboard controller with bypass supply; And switch module, be arranged in the network interface bypass, and be connected with bypass controller.
Further, the supply power voltage of bypass controller is 3.3V.
Further, bypass controller comprises a plurality of GPIO ports.
Further, bypass controller comprises the first memory module, is used for the control program of storage network interface bypass.
Further, the mainboard controller comprises the second memory module, is used for the call function of storage control program.
Further, switch module is relay module, and the tip side of relay module is arranged in the network interface bypass, and the control end of relay module is connected with bypass controller.
By the utility model, adopt the Network Security Device that comprises following structure: the mainboard controller; The network interface bypass; Bypass supply; Bypass controller is connected respectively with the mainboard controller with bypass supply; And switch module, be arranged in the network interface bypass, and be connected with bypass controller, by the break-make that the bypass controller that is independent of the mainboard controller is controlled the network interface bypass is set in Network Security Device, the system that realized powers on and namely controls, need not initialization and wait for, solved that the problem of data packet loss appears in Network Security Device easily in the prior art, and then reached the effect that improves the fail safe of Network Security Device.
Description of drawings
The accompanying drawing that consists of the application's a part is used to provide further understanding of the present utility model, and illustrative examples of the present utility model and explanation thereof are used for explaining the utility model, do not consist of improper restriction of the present utility model.In the accompanying drawings:
Fig. 1 is the schematic diagram according to the relay of the Network Security Device of correlation technique;
Fig. 2 is the schematic diagram according to the Network Security Device of the utility model embodiment;
Fig. 3 is the connection diagram of Network Security Device in communication network according to the utility model embodiment; And
Fig. 4 is the schematic diagram according to the bypass mode of the Network Security Device of the utility model embodiment.
Embodiment
Need to prove that in the situation of not conflicting, embodiment and the feature among the embodiment among the application can make up mutually.Describe below with reference to the accompanying drawings and in conjunction with the embodiments the utility model in detail.
The utility model embodiment provides a kind of Network Security Device, below Network Security Device that the utility model embodiment is provided be specifically introduced.
Fig. 2 is the schematic diagram according to the Network Security Device of the utility model embodiment, and as shown in Figure 2, the Network Security Device of this embodiment comprises mainboard controller 10, bypass controller 20, bypass supply 30, network interface bypass 40 and switch module 41.
Particularly, in the Network Security Device in the utility model embodiment, bypass controller 20 is for being independent of the microprocessor of mainboard controller 10, bypass supply 30 is connected with bypass controller 20, be used for providing operating voltage to bypass controller 20, network interface bypass 40 is identical with the network interface bypass of Network Security Device in the prior art, and switch module 41 is arranged in the network interface bypass 40, and is connected with bypass controller.
The bypass controller that Network Security Device among the utility model embodiment is independent of the mainboard controller by setting is controlled the break-make of network interface bypass, the system that realized powers on and namely controls, need not initialization waits for, solved that the problem of data packet loss appears in Network Security Device easily in the prior art, and then reached the effect that improves the fail safe of Network Security Device.
Wherein, the output voltage of bypass supply is 3.3V, adopting 3V3_STBY voltage is the bypass controller power supply as the output voltage of bypass supply, realized at the Network Security Device powered on moment, the bypass controller chip just can begin to work alone, trigger the internal processes of bypass controller switch module is controlled, and then realization is to the control of network interface bypass.
Preferably, bypass controller among the utility model embodiment can comprise a plurality of GPIO ports, wherein, with the connection diagram of Network Security Device in communication network of microprocessor as shown in Figure 3, be set to have the microprocessor of a plurality of GPIO ports by bypass controller, solved the problem of mainboard GPIO port number deficiency in the legacy network safety means, because the increase of GPIO port number, just the control program of network interface bypass can be set as the various control pattern, different control models sends control command by different GPIO ports to switch module, to realize that Network Security Device carries out different mode control in different phase to communication network, illustrate, the control program of network interface bypass can be set as three kinds of patterns, as shown in Figure 4, three kinds of patterns are specially: start bypass mode (power on bypass), shutdown bypass mode (power off bypass) and the bypass mode that powers on (just on bypass), wherein, the start bypass mode can be used for the control Network Security Device in the normal power-up state operating state in lower time, the shutdown bypass mode can be used for the control Network Security Device in the off-position operating state in lower time, the bypass mode that powers on can be used for the control Network Security Device in the operating state of power up, like this, the user is when using Network Security Device, just can select as required different control models, reached the effect that improves the flexibility of Network Security Device, wherein, can also carry out by the watchdog in the controller the control of different bypass modes.
Further, all the EEPROM memory module can be set in bypass controller in the Network Security Device of the utility model embodiment and the mainboard controller, wherein, the EEPROM memory module of bypass controller can be used for storing the control program of network interface bypass, like this, in device power moment, bypass controller just can directly be controlled the conducting of network interface bypass by control program; The EEPROM memory module of mainboard controller can be used for the call function of storage control program.The SM bus/I2C bus of the standard specification of bypass controller by following PCI-E and the south bridge of mainboard controller communicate, when needs carry out parameter modification to control program, can directly from the memory module of mainboard controller, read corresponding call function, realize the modification to control program.
Further, switch module is relay module, and wherein, the sound tip side of relay module is arranged in the network interface bypass, and the control end of relay module is connected with bypass controller.Be set to relay module by switch module, realized the effect of low-cost control network interface bypass break-make.
As can be seen from the above description, the utility model has been realized following technique effect:
The Network Security Device of the utility model embodiment adopts the microprocessor that is independent of BIOS control to carry out the control of bypass function, simultaneously simpler for writing of application software, be equivalent to a command statement in the operating system, easier to understand and the realization compared with heavy code is saved a large amount of research and development of software and is dropped into.Be to guarantee that the link layer between two networks connects, the hardware platform equipment of the secure data exchange that can continue between physical network has reached 0 real byte packet loss.
The above is preferred embodiment of the present utility model only, is not limited to the utility model, and for a person skilled in the art, the utility model can have various modifications and variations.All within spirit of the present utility model and principle, any modification of doing, be equal to replacement, improvement etc., all should be included within the protection range of the present utility model.
Claims (6)
1. a Network Security Device is characterized in that, comprising:
The mainboard controller;
The network interface bypass;
Bypass supply;
Bypass controller is connected respectively with described mainboard controller with described bypass supply; And
Switch module is arranged in the described network interface bypass, and is connected with described bypass controller.
2. Network Security Device according to claim 1 is characterized in that, the supply power voltage of described bypass controller is 3.3V.
3. Network Security Device according to claim 1 is characterized in that, described bypass controller comprises a plurality of GPIO ports.
4. Network Security Device according to claim 1 is characterized in that, described bypass controller comprises the first memory module, is used for storing the control program of described network interface bypass.
5. Network Security Device according to claim 4 is characterized in that, described mainboard controller comprises the second memory module, is used for storing the call function of described control program.
6. Network Security Device according to claim 1 is characterized in that, described switch module is relay module, and the tip side of described relay module is arranged in the described network interface bypass, and the control end of described relay module is connected with described bypass controller.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 201220296992 CN202652258U (en) | 2012-06-19 | 2012-06-19 | Network security device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 201220296992 CN202652258U (en) | 2012-06-19 | 2012-06-19 | Network security device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN202652258U true CN202652258U (en) | 2013-01-02 |
Family
ID=47421283
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 201220296992 Expired - Fee Related CN202652258U (en) | 2012-06-19 | 2012-06-19 | Network security device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN202652258U (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104519027A (en) * | 2013-09-30 | 2015-04-15 | 宁夏先锋软件有限公司 | Safety equipment of computer network |
CN105100036A (en) * | 2014-05-08 | 2015-11-25 | 智邦科技股份有限公司 | Bypass circuit and network security device |
CN106708771A (en) * | 2015-11-17 | 2017-05-24 | 研祥智能科技股份有限公司 | Network bypass device and processing method thereof |
CN106878238A (en) * | 2015-12-14 | 2017-06-20 | 研祥智能科技股份有限公司 | Guide frame and network security component |
CN110708217A (en) * | 2019-10-23 | 2020-01-17 | 深圳市三旺通信股份有限公司 | Python language-based bypass switching time intelligent test system and method |
-
2012
- 2012-06-19 CN CN 201220296992 patent/CN202652258U/en not_active Expired - Fee Related
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104519027A (en) * | 2013-09-30 | 2015-04-15 | 宁夏先锋软件有限公司 | Safety equipment of computer network |
CN105100036A (en) * | 2014-05-08 | 2015-11-25 | 智邦科技股份有限公司 | Bypass circuit and network security device |
CN106708771A (en) * | 2015-11-17 | 2017-05-24 | 研祥智能科技股份有限公司 | Network bypass device and processing method thereof |
CN106708771B (en) * | 2015-11-17 | 2020-06-09 | 研祥智能科技股份有限公司 | Network bypass device and processing method thereof |
CN106878238A (en) * | 2015-12-14 | 2017-06-20 | 研祥智能科技股份有限公司 | Guide frame and network security component |
CN110708217A (en) * | 2019-10-23 | 2020-01-17 | 深圳市三旺通信股份有限公司 | Python language-based bypass switching time intelligent test system and method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN202652258U (en) | Network security device | |
CN101271332B (en) | Compact integrated redundancy controller and control method thereof | |
CN101102177B (en) | An implementation method and device for switching master and slave controller | |
CN105379213A (en) | Dedicated control path architecture for stacked packet switches | |
CN101917337B (en) | Device and method for interconnecting router cluster middle plates | |
CN104753710B (en) | The active-standby switch system and method for double WAN mouthfuls of network equipments | |
KR20140082645A (en) | Pcie switch-based server system, switching method and device | |
CN101867468B (en) | Hot reboot processing method for power over Ethernet switch and power over Ethernet switch | |
CN103425506A (en) | Powering off method, starting up method and communication terminal | |
CN101087204A (en) | System and method for controlling boot-up process using preconfiguration of port hardware | |
CN102662803A (en) | Double-controlled double-active redundancy equipment | |
CN103352837A (en) | Stand-by pump automatically-starting control logic device with two pumps mutually serving as stand-by pumps | |
CN101853970A (en) | Method and device for charging through universal serial bus (USB) interface | |
CN113032187A (en) | High-speed dual-computer hot standby redundancy communication method | |
CN101114935A (en) | System upgrading method, upgrading system and monitoring entity | |
CN109783413A (en) | Master control borad and control method based on VPX standard | |
CN202042898U (en) | Program controlled bypass protection circuit of network equipment | |
CN201393231Y (en) | Gateway device with by-pass switch | |
CN117331423A (en) | Power supply method and device of PCIE equipment, storage medium and electronic device | |
CN109388216A (en) | The veneer and the network equipment of starter, the network equipment | |
CN103401708A (en) | Port configuration method and device | |
CN212413158U (en) | Ten-thousand-million network card | |
CN213934570U (en) | SVG (scalable vector graphics) coordinated redundancy controller and SVG coordinated redundancy control system | |
WO2021093570A1 (en) | Power supply switching control system and power supply switching control method | |
CN203532217U (en) | Control logic unit with two pumps mutually serving as stand-by pump and with stand-by pump being started automatically |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20130102 Termination date: 20170619 |
|
CF01 | Termination of patent right due to non-payment of annual fee |