CN205249274U - Deciding grade and level border control device - Google Patents
Deciding grade and level border control device Download PDFInfo
- Publication number
- CN205249274U CN205249274U CN201521057275.5U CN201521057275U CN205249274U CN 205249274 U CN205249274 U CN 205249274U CN 201521057275 U CN201521057275 U CN 201521057275U CN 205249274 U CN205249274 U CN 205249274U
- Authority
- CN
- China
- Prior art keywords
- control device
- deciding grade
- convergence switch
- border
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Small-Scale Networks (AREA)
Abstract
The utility model discloses a deciding grade and level border control device, including border router, aggregation switch, protection service ware, application server, terminal, border router and aggregation switch are connected for dangerous data interception to the outer net, aggregation switch and border router, protection service ware and application server are connected respectively for assemble data and handle and the exchange, protection service ware is connected with aggregation switch for data interchange to the database protects, application server is connected respectively with aggregation switch and terminal for dispose and maintain the data interchange between terminal and the aggregation switch. The utility model provides a border protection, assemble the exchange, the database protects in the deciding grade and level border control device of an organic whole.
Description
Technical field
The utility model relates to a kind of apparatus for management of information, particularly relates to a kind of deciding grade and level border control device.
Background technology
Information system is carried out after cascade protection, can build undoubtedly strict protection and isolation barrier between system, forms new data silo, and in this and informatization, the actual needs of information exchange is disagreed. Therefore, do not destroying under the prerequisite of the normal operation of original information system and hierarchical security feature, continuing to keep interconnecting between information system is the key issue that must solve.
At present, implement to force access control by distribute safety label for Subjective and Objective, realize safety between information system interconnected, but it also exists problems in the application of real network, such as, because main body is strictly followed simple security property, make most network principal access limited, network implementation difficulty is larger, and flexibility and availability are poor. Common way is that the dynamic adjusting range of safety label is set, once but the adjustment of safety label scope, the authority of main body will be limited in less scope, may occur that extreme case lost efficacy safety label adjustment; Due to the difference of object levels of information, still exist because information association, polymerization cause the problem of divulging a secret; Due to real network isomery and complexity, make the build exception complexity of multistage deciding grade and level network, exist cross-domain secure access problem, how effectively controlling the not access of the interior main body of same area, object is also the key of multistage deciding grade and level network implementation.
Summary of the invention
Technical problem to be solved in the utility model is to provide a kind of boundary protection, converges exchange, database protects the deciding grade and level border control device in one.
The utility model solves above-mentioned technical problem by following technical proposals: a kind of deciding grade and level border control device, comprise border router, convergence switch, protection server, application server, terminal, wherein,
Described border router is connected with convergence switch, for the dangerous data interception to outer net;
Described convergence switch is connected respectively with border router, protection server and application server, for data are carried out to convergence processing and exchange;
Described protection server is connected with convergence switch, protects for the exchanges data to database;
Described application server is connected respectively with convergence switch and terminal, for the exchanges data between terminal and convergence switch is configured and is safeguarded.
Preferably, described border router comprises Ethernet interface, serial ports and power interface.
Preferably, described border router comprises ethernet communication indicator lamp and run indicator.
Preferably, also comprise leakage-preventing equipment, be arranged between border router and convergence switch, be connected with the two.
Preferably, also comprise management server, be connected with described convergence switch.
Preferably, also comprise data change between database and flash machine, be connected with described protection server.
Positive progressive effect of the present utility model is: by utilizing border router to carry out security protection to network boundary, data in database are carried out to secure access, prevent that data from revealing, losing, the unexpected leakage of data that can effectively prevent that disabled user from walking around that the external data of initiating on border is attacked, high authority user's internal data is stolen simultaneously and cause because disk, tape are stolen etc.; By protection server, the access behavior of database switch is fully filtered, thereby alleviated the impact that malice is accessed and violation operation brings; Simultaneously; by utilization protect server conduct interviews fine granularity filter or the sensitive data in database is carried out to encryption and decryption; thereby can realize the double protection to database, further prevent that malice leakage from waiting behavior, ensured safety storing and the use of data in database.
Brief description of the drawings
Fig. 1 is the deciding grade and level border control apparatus structure schematic diagram of the utility model one specific embodiment;
Fig. 2 is the deciding grade and level border control apparatus structure schematic diagram of the another specific embodiment of the utility model.
Detailed description of the invention
Provide the utility model preferred embodiment below in conjunction with accompanying drawing, to describe the technical solution of the utility model in detail.
Referring to Fig. 1-2, the structural representation of the deciding grade and level border control device of two specific embodiments of the utility model, a kind of deciding grade and level border control device, comprise border router 10, convergence switch 20, protection server 30, application server 40, terminal 50, wherein, described border router 10 is connected with convergence switch 20, for the dangerous data interception to outer net; Described convergence switch 20 is connected respectively with border router 10, protection server 30 and application server 40, for data are carried out to convergence processing and exchange; Described protection server 30 is connected with convergence switch 20, protects for the exchanges data to database; Described application server 40 is connected respectively with convergence switch 20 and terminal 50, for the exchanges data between terminal 50 and convergence switch 20 is configured and is safeguarded.
In specific embodiment, border router 10 also comprises Ethernet interface, serial ports, power interface, ethernet communication indicator lamp and run indicator.
Deciding grade and level border control device also comprises leakage-preventing equipment 60, is arranged between border router 10 and convergence switch 20, is connected, for the data of convergence switch 20 are carried out to anti-leak protection with the two. Also comprise management server 70, be connected with convergence switch 20, realize the access of database is dynamically monitored in real time and access history is analyzed. Also comprise data change between database and flash machine 80, be connected with protection server 30, the data in data change between database and flash machine 80 can be by secure access after server 30 by protecting.
Above-described specific embodiment; technical problem, technical scheme and beneficial effect to solution of the present utility model further describe; institute is understood that; the foregoing is only specific embodiment of the utility model; be not limited to the utility model; all within spirit of the present utility model and principle, any amendment of making, be equal to replacement, improvement etc., within all should being included in protection domain of the present utility model.
Claims (6)
1. a deciding grade and level border control device, is characterized in that, comprises border router, convergence switch, protection server, application server, terminal, wherein,
Described border router is connected with convergence switch, for the dangerous data interception to outer net;
Described convergence switch is connected respectively with border router, protection server and application server, for data are carried out to convergence processing and exchange;
Described protection server is connected with convergence switch, protects for the exchanges data to database;
Described application server is connected respectively with convergence switch and terminal, for the exchanges data between terminal and convergence switch is configured and is safeguarded.
2. a kind of deciding grade and level border control device according to claim 1, is characterized in that, described border router comprises Ethernet interface, serial ports and power interface.
3. a kind of deciding grade and level border control device according to claim 1 and 2, is characterized in that, described border router comprises ethernet communication indicator lamp and run indicator.
4. a kind of deciding grade and level border control device according to claim 1 and 2, is characterized in that, also comprises leakage-preventing equipment, is arranged between border router and convergence switch, is connected with the two.
5. a kind of deciding grade and level border control device according to claim 1, is characterized in that, also comprises management server, is connected with described convergence switch.
6. a kind of deciding grade and level border control device according to claim 1, is characterized in that, also comprises data change between database and flash machine, is connected with described protection server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201521057275.5U CN205249274U (en) | 2015-12-17 | 2015-12-17 | Deciding grade and level border control device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201521057275.5U CN205249274U (en) | 2015-12-17 | 2015-12-17 | Deciding grade and level border control device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN205249274U true CN205249274U (en) | 2016-05-18 |
Family
ID=55948340
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201521057275.5U Active CN205249274U (en) | 2015-12-17 | 2015-12-17 | Deciding grade and level border control device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN205249274U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106982355A (en) * | 2017-04-06 | 2017-07-25 | 浙江宇视科技有限公司 | The video monitoring system and anti-leak server of a kind of anti-image leakage |
-
2015
- 2015-12-17 CN CN201521057275.5U patent/CN205249274U/en active Active
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106982355A (en) * | 2017-04-06 | 2017-07-25 | 浙江宇视科技有限公司 | The video monitoring system and anti-leak server of a kind of anti-image leakage |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Kimani et al. | Cyber security challenges for IoT-based smart grid networks | |
| Wang et al. | Security issues and challenges for cyber physical system | |
| CN103490895B (en) | A kind of industrial control identity authentication applying the close algorithm of state and device | |
| WO2010144301A3 (en) | Key management in secure network enclaves | |
| CN108259226A (en) | Security configuration and platform management are carried out using network is managed | |
| CN106302498B (en) | A kind of database access firewall system based on login parameters | |
| Banerjee et al. | Blockchain-based security layer for identification and isolation of malicious things in IoT: A conceptual design | |
| CN105740733B (en) | A kind of encryption mobile hard disk and its implementation | |
| CN205249274U (en) | Deciding grade and level border control device | |
| CN103309819A (en) | Embedded system and safety managing method for internal storage thereof | |
| Gupta et al. | A light weight centralized file monitoring approach for securing files in cloud environment | |
| CN104468591A (en) | Power dependable safety communication system based on dependable computing module | |
| CN202218262U (en) | Safety management system for internal network information | |
| CN105471857A (en) | Power grid terminal invalid external connection monitoring blocking method | |
| CN104102524A (en) | Method for realizing virtual secure element (VSE) | |
| Yao et al. | Privacy information antistealing control method of medical system based on cloud computing | |
| CN115964714A (en) | GPU (graphics processing Unit) trusted execution environment system based on Trusted Platform Control Module (TPCM) and secure virtual machine | |
| CN103441882A (en) | Remote management method for internet access | |
| CN103581191A (en) | Data safe transmitting method adapted to Internet of Things | |
| CN102932354A (en) | Verification method and device for internet protocol (IP) address | |
| Zhang et al. | Application strategy of data encryption technology in computer network security | |
| CN204576521U (en) | A kind of anti-computer network system of divulging a secret | |
| Suryanegara et al. | An integrated model of technical and non-technical perspectives on managing IoT security | |
| CN203951495U (en) | Network security shielding system | |
| CN204667399U (en) | A kind of database security reinforces platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |