CN206472142U - A kind of high security network communication system for railway equipment maintenance management - Google Patents

A kind of high security network communication system for railway equipment maintenance management Download PDF

Info

Publication number
CN206472142U
CN206472142U CN201621474700.5U CN201621474700U CN206472142U CN 206472142 U CN206472142 U CN 206472142U CN 201621474700 U CN201621474700 U CN 201621474700U CN 206472142 U CN206472142 U CN 206472142U
Authority
CN
China
Prior art keywords
intranet
computer room
net
unit
processing module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201621474700.5U
Other languages
Chinese (zh)
Inventor
王平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Shen Rail Kit Can Mdt Infotech Ltd
Original Assignee
Shanghai Shen Rail Kit Can Mdt Infotech Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Shen Rail Kit Can Mdt Infotech Ltd filed Critical Shanghai Shen Rail Kit Can Mdt Infotech Ltd
Priority to CN201621474700.5U priority Critical patent/CN206472142U/en
Application granted granted Critical
Publication of CN206472142U publication Critical patent/CN206472142U/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The utility model is related to a kind of high security network communication system for railway equipment maintenance management, the system includes outer net processing module, Intranet processing module and intranet and extranet protection module, the outer net processing module and Intranet processing module are connected by intranet and extranet protection module, the Intranet processing module includes net unit in computer room, net unit and managing intranet unit in safeguarding, net unit is connected with outer net processing module in the computer room, net unit is connected with net unit in computer room and the railway equipment safeguarded respectively in the maintenance, office equipment of the managing intranet unit respectively with net unit in computer room and administrative staff is connected.Compared with prior art, the utility model has the advantages that security performance is high, Intranet communication speed is fast and is easy to management to control.

Description

A kind of high security network communication system for railway equipment maintenance management
Technical field
The utility model is related to railway administration field, more particularly, to a kind of high safety for railway equipment maintenance management Property network communication system.
Background technology
With developing rapidly for domestic railway, the maintenance management for railway equipment is also important all the more, in order to ensure high ferro Station information and the stabilization, functions reliably and efficiently of electromechanical equipment operation, the railway system need it is a set of it is special, be efficiently used for railway The network communication system of equipment maintenance and management supports the daily operation management to work.
The existing network communication system for railway equipment maintenance management is mostly fairly simple, i.e. outer net and railway Intranet It is attached by fire wall, outer net sends solicited message to railway Intranet, is delivered to after firewall filtering in railway Intranet, Information is stored to server and waits the response of Intranet equipment by railway Intranet, and this communication modes are due to needing Intranet to set Standby active response causes communication speed slow, and due to huge, the connection with complexity between each equipment of railway Intranet Relation, causes once have unsafe solicited message to flow into, it will be transferred to rapidly among whole Intranet, cause the comprehensive of Intranet Paralysis.
Utility model content
The purpose of this utility model is to provide a kind of high security for railway equipment maintenance management regarding to the issue above Network communication system.
The purpose of this utility model can be achieved through the following technical solutions:
A kind of high security network communication system for railway equipment maintenance management, the system includes outer net and handles mould Block, Intranet processing module and intranet and extranet protection module, the outer net processing module and Intranet processing module are protected by intranet and extranet Module is connected, and the Intranet processing module includes net unit in computer room, safeguards interior net unit and managing intranet unit, the computer room Interior net unit is connected with outer net processing module, and net unit is set with net unit in computer room and the railway safeguarded respectively in the maintenance Standby connection, office equipment of the managing intranet unit respectively with net unit in computer room and administrative staff is connected.
Net unit includes computer room Intra-Network switch and application server, the computer room Intra-Network switch difference in the computer room It is connected with net unit and managing intranet unit in outer net processing module, maintenance, the application server and computer room Intra-Network switch Connection.
Net unit also includes computer room Intranet protection gateway in the computer room, is respectively arranged in maintenance in net unit and computer room Between network switch and between managing intranet unit and computer room Intra-Network switch.
Managing intranet fire wall is additionally provided between the computer room Intra-Network switch and managing intranet unit.
The quantity of the application server is no less than 2.
The intranet and extranet protection module includes the intranet and extranet protection gateway being sequentially connected and intranet and extranet fire wall, described inside and outside Net protection gateway is connected with net unit in computer room, and the intranet and extranet fire wall is connected with outer net processing module.
The intranet and extranet protection gateway includes the serial gateways of god of net SecSIS 3600.
The railway equipment safeguarded include AFC system headend equipment, window talkback equipment, scanner and Certification recognition device.
Compared with prior art, the utility model has the advantages that:
(1) Intranet processing module is subjected to modular division according to function, is divided into the dimension for reading railway equipment state in real time Net unit is believed in net unit and the managing intranet unit for connecting administrative staff in shield, and computer room by storing forwarding information The forwarding of breath, actively responds to outer net request without Intranet equipment, substantially increases the information communication speed of system.
(2) only connect in Intranet processing module by net unit in computer room with outer net processing module, safeguard interior net unit with Managing intranet unit keeps isolating with outer net processing module, once there is unsafe solicited message to flow into, can cut off in time Contacting between net unit in interior net unit and managing intranet unit and computer room is safeguarded, the security performance of system is greatly improved.
(3) protection gateway is equipped between net unit in net unit, managing intranet unit and computer room in safeguarding, two have been carried out Secondary security protection, further increases security performance.
(4) do not connected between net unit and managing intranet unit in safeguarding, information therebetween passes through computer room Intranet list Member is transmitted, the risk for reducing administrative staff's maloperation and causing the mistake of railway equipment state to be changed.
(5) quantity of application server is no less than 2 in net unit in computer room, for carrying out redundancy backup, if individual Other server breaks down, and remaining server is it is also ensured that the stable transmission and storage of information.
(6) intranet and extranet protection module includes the intranet and extranet protection gateway and intranet and extranet fire wall being sequentially connected, and traditional The method for carrying out safeguard protection using fire wall as protection module is compared, and dual safety prevention measure can greatly increase system Security.
(7) gateway employs the serial gateways of god of net SecSIS 3600, it is possible to achieve swap control by independent hardware System, security performance is higher.
Brief description of the drawings
Fig. 1 is structural representation of the present utility model;
Wherein, 1 is outer net processing module, and 21 be net unit in computer room, and 22 be net unit in safeguarding, 23 be managing intranet list Member, 211 be computer room Intra-Network switch, and 212 be application server, and 213 be that computer room Intranet protects gateway, and 214 be that intranet and extranet are protected Gateway, 215 be intranet and extranet fire wall, and 221 be railway equipment, and 231 be office equipment, and 232 be managing intranet fire wall.
Embodiment
The utility model is described in detail with specific embodiment below in conjunction with the accompanying drawings.The present embodiment is with the utility model Implemented premised on technical scheme, give detailed embodiment and specific operating process, but guarantor of the present utility model Shield scope is not limited to following embodiments.
A kind of high security network communication for railway equipment maintenance management to be provided in the present embodiment as shown in Figure 1 System, including:Outer net processing module 1, is connected with outer net equipment, for receiving the solicited message of outer net and being fed back;Intranet Processing module, is connected with outer net processing module 1 and Intranet equipment respectively, for being sent to Intranet equipment through outer net processing module 1 The solicited message of transmission, and the feedback information of Intranet equipment is passed into outer net processing module 1;Intranet and extranet protection module, respectively It is connected with outer net processing module 1 and Intranet processing module, the solicited message for filtering the transmission of outer net processing module 1, it is ensured that interior The security performance of net processing module;Intranet processing module includes:Net unit 21 in computer room, are connected with outer net processing module 1, are used for Solicited message and feedback information are stored, and two-way communication is carried out with outer net processing module 1;Net unit 22 in safeguarding, respectively with machine Net unit 21 and the railway equipment 221 safeguarded are connected in room, the maintenance status information for transmitting railway equipment 221;Management Interior net unit 23, is connected with net unit in computer room 21 and the office equipment of administrative staff 231 respectively, for from computer room Intranet unit Solicited message and the maintenance status information of railway equipment 221 are received in 21, and produces feedback information.
Wherein, net unit 21 includes in computer room:Computer room Intra-Network switch 211, it is interior with outer net processing module 1, maintenance respectively Net unit 22 and managing intranet unit 23 are connected, for receiving and forwarding solicited message, feedback information and safeguard status information;Should With server 212, it is connected with computer room Intra-Network switch 211, for storing solicited message, feedback information and safeguarding status information. Net unit 21 also includes computer room Intranet protection gateway 213 in computer room, is respectively arranged at net unit 22 and computer room Intranet in maintenance and hands over Change planes between 211 and between managing intranet unit 23 and computer room Intra-Network switch 211.Computer room Intra-Network switch 211 and management Managing intranet fire wall 232 is additionally provided between interior net unit 23.In the present embodiment, the quantity of application server 212 is 4.It is interior Outer net protection module includes the intranet and extranet protection gateway 214 being sequentially connected and intranet and extranet fire wall 215.And it is inside and outside in the present embodiment Net protection gateway 214 uses the serial gateways of net Shen SecSIS 3600.The railway equipment 221 safeguarded is examined including automatic selling Bill system headend equipment, window talkback equipment, scanner and certification recognition device.
The operation principle of the system is as follows:External user sends solicited message, intranet and extranet fire wall 215 and intranet and extranet first Protection gateway 214 is filtered to the solicited message successively, and wait is transmitted into computer room Intra-Network switch 211 if safety and is turned Hair, is preserved while being uploaded in application server 212.Solicited message is forwarded by computer room Intra-Network switch 211, warp Sent after crossing the firewall filtering of 213 managing intranet unit of computer room Intranet protection gateway 23 in the case where confirming safety in managing Net unit 23, managing intranet unit 23 is transmitted it in the office equipment 231 of administrative staff, and administrative staff believe according to request Breath, generates the solicited message of the maintenance state of railway equipment 221 and transmits to computer room net unit 21, computer room Intra-Network switch The information is protected gateway 213 to transmit the net unit 22 in safeguarding after filtering by 211 by computer room Intranet, safeguards interior 22 pairs of net unit The maintenance state of railway equipment 221, which is read out and generated, safeguards status information, then in the computer room by net unit in computer room 21 Network switch 211 is forwarded to managing intranet unit 23, and administrative staff generate and solicited message according to the maintenance status information of reading Corresponding feedback information, is re-transmitted to net unit 21 in computer room, is on the one hand transmitted it to by computer room Intra-Network switch 211 Outer net processing module 1, on the other hand upload onto the server middle preserved.

Claims (8)

1. a kind of high security network communication system for railway equipment maintenance management, the system includes outer net and handles mould Block, Intranet processing module and intranet and extranet protection module, the outer net processing module and Intranet processing module are protected by intranet and extranet Module is connected, it is characterised in that the Intranet processing module includes net unit in computer room, safeguards interior net unit and managing intranet list Net unit is connected with outer net processing module in member, the computer room, in the maintenance net unit respectively with net unit in computer room and by The railway equipment connection of maintenance, the managing intranet unit connects with net unit in computer room and the office equipment of administrative staff respectively Connect.
2. the high security network communication system according to claim 1 for railway equipment maintenance management, its feature exists In, in the computer room net unit include computer room Intra-Network switch and application server, the computer room Intra-Network switch respectively with outside Net unit and the connection of managing intranet unit in net processing module, maintenance, the application server are connected with computer room Intra-Network switch.
3. the high security network communication system according to claim 2 for railway equipment maintenance management, its feature exists In net unit also includes computer room Intranet protection gateway in the computer room, is respectively arranged at net unit and computer room Intranet in maintenance and hands over Between changing planes and between managing intranet unit and computer room Intra-Network switch.
4. the high security network communication system according to claim 2 for railway equipment maintenance management, its feature exists In being additionally provided with managing intranet fire wall between the computer room Intra-Network switch and managing intranet unit.
5. the high security network communication system according to claim 2 for railway equipment maintenance management, its feature exists In the quantity of the application server is no less than 2.
6. the high security network communication system according to claim 1 for railway equipment maintenance management, its feature exists In the intranet and extranet protection module includes the intranet and extranet protection gateway being sequentially connected and intranet and extranet fire wall, and the intranet and extranet are prevented Protecting wire net lock is connected with net unit in computer room, and the intranet and extranet fire wall is connected with outer net processing module.
7. the high security network communication system according to claim 6 for railway equipment maintenance management, its feature exists In the intranet and extranet protection gateway includes the serial gateways of god of net SecSIS 3600.
8. the high security network communication system according to claim 1 for railway equipment maintenance management, its feature exists In the railway equipment safeguarded, which includes AFC system headend equipment, window talkback equipment, scanner and certificate, to be known Read device.
CN201621474700.5U 2016-12-30 2016-12-30 A kind of high security network communication system for railway equipment maintenance management Active CN206472142U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201621474700.5U CN206472142U (en) 2016-12-30 2016-12-30 A kind of high security network communication system for railway equipment maintenance management

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201621474700.5U CN206472142U (en) 2016-12-30 2016-12-30 A kind of high security network communication system for railway equipment maintenance management

Publications (1)

Publication Number Publication Date
CN206472142U true CN206472142U (en) 2017-09-05

Family

ID=59712554

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201621474700.5U Active CN206472142U (en) 2016-12-30 2016-12-30 A kind of high security network communication system for railway equipment maintenance management

Country Status (1)

Country Link
CN (1) CN206472142U (en)

Similar Documents

Publication Publication Date Title
US8756411B2 (en) Application layer security proxy for automation and control system networks
CN107070613B (en) Reliable data transmission method in distributed network environment
CN101986638A (en) Gigabit one-way network isolation device
CN109617923A (en) A kind of transformer station process layer network packet filtering retransmission unit
CN109558366A (en) A kind of firewall based on multiple processor structure
CN108566369A (en) Data collecting system based on industrial big data and method
CN101888284B (en) Method and device used for one-way transmission of data
CN107635008A (en) A kind of knitting machine interconnection plane system and operational process
CN108270590A (en) A kind of high security network communication system for railway equipment maintenance management
Das et al. Process-to-bay level peer-to-peer network delay in IEC 61850 substation communication systems
CN102694832B (en) Game system and realization method thereof, and game clients
CN106230993A (en) The security protection compliance data acquisition method of electric power monitoring system and system
CN105681131B (en) Main preparation system and its parallel output method
CN105515835B (en) A kind of aerospace TTE network system grade gateways with communication integrity audit function
CN103416026B (en) Network system and packet processing method
CN206472142U (en) A kind of high security network communication system for railway equipment maintenance management
CN109639529A (en) The diagnostic method of intelligent substation remote control command exception
CN108566325A (en) Ciphering type ring exchanger system
CN205407853U (en) Double -link data transmission system
CN202231742U (en) Network isolation device
CN201966691U (en) Background monitoring central management system for transformer substation or centralized control station
CN104656572A (en) Internet of Things household control system based on handheld terminal
CN100424672C (en) Network safety control equipment based on physical isolation and data exchange monitoring
CN206195823U (en) Network video monitoring takes photograph isolation devices between camera node and server
CN106411616B (en) A kind of device and method by 1553B bus management ethernet terminal

Legal Events

Date Code Title Description
GR01 Patent grant
GR01 Patent grant