CN211406284U - Mobile office system - Google Patents
Mobile office system Download PDFInfo
- Publication number
- CN211406284U CN211406284U CN201821595472.6U CN201821595472U CN211406284U CN 211406284 U CN211406284 U CN 211406284U CN 201821595472 U CN201821595472 U CN 201821595472U CN 211406284 U CN211406284 U CN 211406284U
- Authority
- CN
- China
- Prior art keywords
- network
- mobile office
- network system
- equipment
- acceleration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The utility model discloses a mobile office system, this system includes: the system comprises an acceleration network system, a service providing network system connected with the acceleration network system and mobile office equipment connected with the acceleration network system; the service providing network system comprises a public cloud network system and a private network system. The embodiment of the utility model provides an in introduce the not good problem of network quality when accelerateing network system and solving mobile office and visit public cloud network system and private network system to on the cloud border was expanded to the network architecture deployment of enterprise first, make mobile office experience reach with the inside daily use of company experience the same. In addition, the access authority management is introduced to the equipment firstly, so that the mobile office staff do not need to frequently use a login account password to log in.
Description
Technical Field
The utility model relates to the field of internet technology, especially, relate to a mobile office system.
Background
In the internet cloud era, the working mode of mobile office is more and more common. The mobile office can also be called a 3A office, that is, under the premise that an office worker can access the internet, the office worker can process any business (Anything) related to business at any time (Anytime) and any place (Anywhere), and usually needs to access services deployed by an enterprise at headquarters, offices in various places and cloud machine rooms, and a large amount of third-party SaaS services are used at present.
The brand-new office mode of mobile office can lead office workers to get rid of the constraint of time and space and smoothly carry out interactive flow with other office workers at any time and any place, thus leading the working process to be easier and more effective and leading the whole operation to be more harmonious and efficient. With the gradual improvement of the use degree of the mobile phone, an enterprise software application system for interconnection and intercommunication between the mobile phone and the computer is established by utilizing mobile information software of the mobile phone, so that the limitation of time and place is eliminated, the personal company management and communication are carried out at any time, the management efficiency is effectively improved, and the enterprise benefit is promoted to increase.
Enterprises that make heavy use of mobile offices typically include:
ToB enterprises, customers are located all over the country, business personnel need to frequently visit customers on business trips, and mobile office needs to update customer information and conditions. The company needs to carry out mobile office examination and approval on internal flow application when the company is led out of business;
in a business coming out of the sea, a large number of technical personnel need to go out and go to overseas local countries for technical deployment and maintenance, mobile office is needed, and the problem of visiting home base intranet services is solved.
The service type enterprise provides 7 × 24 hours of service, technicians need to be online to process customer and platform problems at any time, and mobile offices need to be accessed to a company network at any time.
Compared with the intranet office, the mobile office needs to solve two problems:
the safety problem is as follows: under the office scene of the company intranet, the data are circulated in the intranet, and the safety of the data is controllable. In a mobile office scene, mobile office personnel directly access internal data of an enterprise from the outside, and data security is easily threatened.
Problem of fluency of access: in the office scene of the internal network of the company, the internal network usually has smooth access to the internal services, and corresponding solutions are provided for accessing the cloud computer room and the SaaS services. In a mobile office scene, due to uncertainty of addresses and networks, network instability caused by cross-network and cross-region is greatly influenced.
The current mobile office solutions are mainly of two kinds:
first, the company internal service directly provides a public network access entrance, like a Web site, all users directly access the public network, usually the intermediate transmission security is guaranteed by providing https service, but the Web site is easy to be scanned by hackers, and once there is a vulnerability on the platform or the framework, the core data has a very large risk of disclosure. In addition, the staff cross-region and cross-operator access company services, access speed cannot be guaranteed, and problems of slow access, unstable access and the like can occur.
And secondly, purchasing a third-party VPN service, deploying a VPN server in the headquarters, installing a VPN client at the mobile office terminal, erecting a virtual channel between the VPN client and the VPN server, and accessing the headquarters service request to the VPN server by the virtual channel and then to the intranet server of the company. The scheme can effectively solve the problem of company service safety, but the use of the user is troublesome, and login authentication is required every time. In addition, the problem that employees visit company services across regions and operators exists, the visiting speed cannot be guaranteed, and the problems of slow visiting, unstable visiting and the like occur.
Therefore, new solutions are needed to address the issues of security and access experience in mobile office.
SUMMERY OF THE UTILITY MODEL
In order to solve the above technical problem, a new system structure is needed to be provided so that the technical staff can perform software development on the basis of the system architecture, and the utility model provides a mobile office system.
The utility model provides a mobile office system, include: the system comprises an acceleration network system, a service providing network system connected with the acceleration network system and mobile office equipment connected with the acceleration network system;
the service providing network system comprises a public cloud network system and a private network system.
The mobile office system also has the following characteristics:
the acceleration network system includes a plurality of network access points.
The mobile office system also has the following characteristics:
the mobile office equipment is connected with at least one network access point in the acceleration network system.
The mobile office system also has the following characteristics:
the acceleration network system is an SD-WAN network.
The mobile office system also has the following characteristics:
the private network system includes a client terminal device.
The mobile office system also has the following characteristics:
the public cloud network system comprises a site server.
The mobile office system also has the following characteristics:
the private network system is one of the following networks: the system comprises an enterprise headquarter network, an enterprise branch office network and a cloud computer room.
The mobile office system also has the following characteristics:
the public cloud network system is a SaaS network.
The mobile office system also has the following characteristics:
the client terminal equipment comprises a decryption module and a sending module which are connected.
The mobile office system also has the following characteristics:
the mobile office equipment comprises USB equipment.
The embodiment of the utility model provides an in introduce network system SD-WAN network with higher speed to on the network architecture deployment of enterprise was expanded to the cloud border first, form a brand-new system architecture, make technical staff develop on this system architecture, thereby make the mobile office experience reach with the inside daily use experience of company the same.
Drawings
The accompanying drawings, which form a part hereof, are included to provide a further understanding of the invention, and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention without undue limitation. In the drawings:
fig. 1 is a block diagram of a mobile office system in an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. Based on the embodiments in the present invention, all other embodiments obtained by a person skilled in the art without creative work belong to the protection scope of the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
As shown in fig. 1, the mobile office system includes: the system comprises an acceleration network system, a service providing network connected with the acceleration network system and mobile office equipment connected with the acceleration network system. The service providing network comprises a public cloud network system and a private network system.
The acceleration network system includes a plurality of network access points. The acceleration Network system is typically a Software-Defined Wide Area Network (SD-WAN), the Network includes a plurality of Network access points, namely, Point-of-Presence (PoP), and the SD-WAN is a global private Network system composed of mass resources, and is accessed through the PoP and selected through an internal dynamic routing. In a typical application scenario, access nodes in the same city of an enterprise intranet can be found through an SD-WAN, and return source nodes in the same city as a site server can be found, so that extranet data required by a user can be acquired very quickly.
The mobile office equipment can be a computer, a mobile phone, a tablet and the like and has the capability of connecting with the Internet. The mobile office device in the method may be a general device loaded with application software for implementing the processing method of the method, for example, a general device installed with a special software Development kit (sdk), or a special device having a function for implementing the processing method of the method, for example, a USB device with a stream guidance and encryption function.
The mobile office equipment is connected with at least one network access point in the acceleration network system. The mobile office equipment is registered in the acceleration network system when being connected with the acceleration network system for the first time. For example, the registration method is to send the unique identification of the mobile office device to the acceleration network system. When the mobile office equipment is provided with the ordinary equipment of the special SDK, the unique identification can be the unique identification of the SDK, the unique identification is bound with the equipment, and the binding relationship cannot be changed. When the mobile office equipment is special equipment with the function of realizing the processing mode of the method, the unique identification is the unique identification of the mobile office equipment.
The private network system is one of the following networks: the system comprises an enterprise headquarter network, an enterprise branch office network and a cloud computer room. The public cloud network system is a SaaS network.
The acceleration network includes a rights management device; the system comprises a mobile office device, a server and a server, wherein the mobile office device is used for receiving a registration request of the mobile office device and distributing access authority for the mobile office device; and the mobile office equipment is also used for verifying whether the mobile office equipment is registered and has access authority after receiving the mobile office access request. The access right setting rule may be configured according to the service type, or according to the user equipment type, or may be a time-sensitive rule, for example: the access authority can be set for different mobile office equipment, and the access authority of the mobile office equipment is cancelled after the access authority of some mobile office equipment is used for more than the preset time.
The mobile office implementation method comprises the following steps:
step 1, the mobile office equipment sends a mobile office access request to an acceleration network;
step 2, the accelerating network determines a target network of the mobile office access request and sends the mobile office access request to the target network;
step 3, the target network acquires response data of the mobile office access request and sends the response data to the acceleration network;
and 4, the acceleration network sends the response data to the mobile office equipment.
The mobile office equipment can be a computer, a mobile phone, a tablet and the like, and has the capability of connecting the Internet. The mobile office equipment in the method may be a general equipment loaded with application software for implementing the processing mode of the method, for example, a general equipment installed with a special software Development kit (sdk), or a special equipment having a function for implementing the processing mode of the method, for example, an external equipment having a certain processing function connected to a computer, for example, a USB equipment having stream guidance and encryption functions.
The mobile office device registers in the acceleration network when first connecting to the acceleration network. For example, the registration method is to send the unique identification of the mobile office device to the acceleration network. When the mobile office equipment is provided with the ordinary equipment of the special SDK, the unique identification can be the unique identification of the SDK, the unique identification is bound with the equipment, and the binding relationship cannot be changed. When the mobile office equipment is special equipment with the function of realizing the processing mode of the method, the unique identifier can be the unique identifier of the mobile office equipment.
The acceleration network receives the registration request of the mobile office equipment and distributes the access authority for the mobile office equipment, the acceleration network can preset the access authority setting rule, and sets access authority for different mobile office equipment according to the access authority setting rule, the access authority setting rule can be configured according to service types, for example, different access rights can be configured for OA system, ERP system, Portal system, etc. according to user type (such as finance, personnel, development, operation and maintenance, etc.), for example, different access rights are configured for the mobile phone user and the PC user according to the devices, for example, the access rights can be set for different mobile office devices, after the access authority of some mobile office equipment is used for more than the preset time, the access authority of the mobile office equipment is cancelled, and the mobile office personnel can log in without frequently using a login account password by using a rule with timeliness.
Before step 1, the method further comprises: the mobile office equipment registers in the acceleration network and acquires the access authority. After step 1 and before step 2, further comprising: the acceleration network verifies whether the mobile office equipment is registered and has the access right, and step 2 is executed when the mobile office equipment is verified to be registered and have the access right.
The target network may be of different types, such as a public cloud network and a private network. The private network can be an enterprise headquarter network, a branch office network, a cloud machine room network and the like, and the public cloud network can be a SaaS network.
The following is a detailed description of different types of target networks.
Type one, the type of the target network is a private network
In step 2, after the accelerating network determines the target network of the mobile office access request, the method further comprises: determining the type of a target network, and determining the address of client terminal equipment in a private network when the type of the target network is the private network;
in step 2, sending the mobile office access request to the target network includes: the method comprises the steps that a network access point which is closest to a private network in an acceleration network sends a mobile office access request to client terminal equipment in the private network;
in step 3, the step of acquiring the response data of the mobile office access request by the target network includes: and the client terminal equipment performs source returning processing on the mobile office access request to obtain response data of the mobile office access request.
In order to improve data security, the mobile office equipment can encrypt the mobile office access request through SDK software and then send the encrypted mobile office access request to an acceleration network, the acceleration network forwards the encrypted mobile office access request, the client terminal equipment decrypts the received encrypted mobile office access request according to a preset encryption algorithm and sends the decrypted mobile office access request to a site server in a target network.
In step 3, the step of acquiring the response data of the mobile office access request by the target network includes: and the client terminal equipment performs source returning processing on the mobile office access request to obtain response data of the mobile office access request.
The process of encrypting and decrypting the response data comprises the following steps: and after receiving the response data of the site server, the client terminal equipment encrypts the response data according to a preset encryption algorithm and forwards the encrypted response data to the acceleration network. And 4, after the step 4, the mobile office equipment decrypts the received encrypted response data through the SDK software.
The client terminal device comprises a decryption module and a sending module.
The decryption module is used for decrypting the mobile office access request according to the preset encryption algorithm when the mobile office access request is the mobile office access request encrypted according to the preset encryption algorithm.
And the sending module is used for sending the decrypted mobile office access request to a site server in the target network.
The client terminal equipment further comprises an encryption module used for encrypting the response data according to a preset encryption algorithm after receiving the response data from the site server in the target network.
Type two, the type of the target network system is a public cloud network
In step 2, after the accelerating network determines the target network of the mobile office access request, the method further comprises: determining the type of a target network, and determining the address of a site server in a public cloud network when the type of the target network is the public cloud network;
in step 2, sending the mobile office access request to the target network includes: and the network access point closest to the public cloud network in the acceleration network sends the mobile office access request to a site server in the public cloud network.
In step 3, the step of acquiring, by the target network, the response data of the mobile office access request includes: the site server determines response data of the mobile office access request.
In order to improve data security, the mobile office equipment can encrypt the mobile office access request through SDK software and then send the encrypted mobile office access request to an acceleration network, a network access point closest to a public cloud network in the acceleration network decrypts the mobile office access request according to a preset encryption algorithm, and the decrypted mobile office access request is sent to a site server in a target network.
In step 3, sending the response data to the acceleration network includes: and the site server forwards the response data to a network access point which is closest to the public cloud network in the acceleration network.
The process of encrypting and decrypting the response data comprises the following steps: after the station server sends the response data to the acceleration network, after the network access point closest to the target network in the acceleration network receives the response data, the response data is encrypted according to a preset encryption algorithm, and then the response data is forwarded through the network access point and sent to the network access point closest to the mobile office equipment in the acceleration network. And 4, after the step 4, the mobile office equipment decrypts the received encrypted response data through the SDK software.
The utility model discloses in introduce network system SD-WAN network with higher speed to on taking first to expand the network architecture deployment of enterprise to the cloud border, form a brand-new system architecture, make technical staff develop on this system architecture, thereby make the mobile office experience reach and experience with the inside daily use of company and experience the same.
The above-described embodiments can be implemented individually or in various combinations, and such variations are within the scope of the present invention.
It is to be noted that, in this document, the terms "comprises", "comprising" or any other variation thereof are intended to cover a non-exclusive inclusion, so that an article or apparatus including a series of elements includes not only those elements but also other elements not explicitly listed or inherent to such article or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of additional like elements in the article or device comprising the element.
The above embodiments are merely for illustrating the technical solutions of the present invention and are not to be construed as limiting, and the present invention is described in detail with reference to the preferred embodiments. It should be understood by those skilled in the art that various modifications and equivalent substitutions may be made to the technical solution of the present invention without departing from the spirit and scope of the technical solution of the present invention, and all the modifications and equivalents should be covered by the scope of the claims of the present invention.
Claims (2)
1. A mobile office system, comprising: the SD-WAN network, a service providing network system connected with the SD-WAN network and mobile office equipment connected with the SD-WAN network;
the service providing network system includes a SaaS network and one of the following networks: an enterprise headquarter network, an enterprise branch network and a cloud machine room;
the SD-WAN network comprises a plurality of network access points;
the mobile office equipment is connected with at least one network access point in the SD-WAN network;
the enterprise headquarter network, the enterprise branch office network and the cloud machine room comprise client terminal equipment;
the SaaS network comprises a site server.
2. The mobile office system of claim 1,
the mobile office equipment comprises USB equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201821595472.6U CN211406284U (en) | 2018-09-28 | 2018-09-28 | Mobile office system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201821595472.6U CN211406284U (en) | 2018-09-28 | 2018-09-28 | Mobile office system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN211406284U true CN211406284U (en) | 2020-09-01 |
Family
ID=72213751
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201821595472.6U Active CN211406284U (en) | 2018-09-28 | 2018-09-28 | Mobile office system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN211406284U (en) |
-
2018
- 2018-09-28 CN CN201821595472.6U patent/CN211406284U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11962571B2 (en) | Ecosystem per distributed element security through virtual isolation networks | |
| EP3420465B1 (en) | Platform for computing at the mobile edge | |
| JP4666169B2 (en) | Method of communication via untrusted access station | |
| CN104113934A (en) | Router accessing method for communication equipment and accessing system | |
| MXPA05006843A (en) | Method and system for demonstrating the operability of secure wireless networks. | |
| JPH07202883A (en) | Method and network system to distribute and to check key | |
| CN111212426B (en) | Terminal access method, terminal, micro base station and access system | |
| CN108900484B (en) | Access right information generation method and device | |
| JP5536628B2 (en) | Wireless LAN connection method, wireless LAN client, and wireless LAN access point | |
| AU2013269845B2 (en) | Method for tracking a mobile device onto a remote displaying unit | |
| US11812273B2 (en) | Managing network resource permissions for applications using an application catalog | |
| JP3601434B2 (en) | Pseudo public wireless access service | |
| CN110972093B (en) | Mobile office implementation method and system | |
| CN211406284U (en) | Mobile office system | |
| KR102224454B1 (en) | Method, apparatus, system and computer program for controlling network traffic | |
| Nguyen et al. | An SDN-based connectivity control system for Wi-Fi devices | |
| CN112702776B (en) | Method for realizing wireless terminal access to wireless local area network and wireless access point | |
| Raiyn | INFORMATION SECURITY AND SAFETY IN CYBERPARKS | |
| JP2020017032A (en) | User authorization method for core network system including authorization device and service device | |
| WO2022270228A1 (en) | Device and method for providing communication service for accessing ip network, and program therefor | |
| KR102536855B1 (en) | Method for configuring wireless lan secure channel | |
| KR20230037183A (en) | The system that supports on-line access to remotly located equipment/products | |
| CN117715043A (en) | Service access method, device, equipment and storage medium | |
| JP2023002449A (en) | Device and method for providing communication service for accessing ip network, and program therefor | |
| JP2005341456A (en) | Public wireless lan sharing access point providing system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |