CN219351756U - Intranet safety integrated management system architecture - Google Patents
Intranet safety integrated management system architecture Download PDFInfo
- Publication number
- CN219351756U CN219351756U CN202320932324.3U CN202320932324U CN219351756U CN 219351756 U CN219351756 U CN 219351756U CN 202320932324 U CN202320932324 U CN 202320932324U CN 219351756 U CN219351756 U CN 219351756U
- Authority
- CN
- China
- Prior art keywords
- intranet
- switch
- extranet
- network
- management system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The utility model relates to the technical field of power plant intranet management, in particular to an intranet safety integrated management system architecture; the intelligent network system comprises an intranet server, an extranet server, an intranet switch, an extranet switch, a router, a host and an extranet hardware firewall, wherein the host is connected with the intranet switch through an intranet network interface, the intranet switch is connected with the intranet server through the router, the host is accessed to the extranet through the extranet switch, the hardware firewall and the extranet server, the extranet switch is connected with a port of an operator transmission network through the extranet server, and the extranet hardware firewall is connected with the extranet switch. The utility model replaces the original cisco6509 type switch by the S9700 series switch, greatly improves the service processing capacity compared with the prior network, and automatically switches to standby when faults occur by adding the redundant backup link and deploying the redundant technology, thereby ensuring the stability of the network and the stability of the service.
Description
Technical Field
The utility model relates to the technical field of power plant intranet management, in particular to an intranet safety integrated management system architecture.
Background
At present, a factory intranet mainly adopts a cisco6509 switch as a core switch, all convergence switches are hung down, all convergence switches are networked by a pure two-layer technology, a service and management gateway is terminated on the core switch, the model of the core switch cisco6509 is old, the performance is insufficient, the network operation quality can not be ensured when the concurrency is too high or a two-layer storm is too large, the condition that the service is slow or interrupted is easy to generate, all intranet services are borne on a single old device, the service has no redundancy backup, and once the service fails, the service is interrupted, so that the network operation has a great hidden trouble.
Therefore, the utility model provides an intranet security integrated management system architecture.
Disclosure of Invention
Accordingly, it is necessary to provide an intranet security integrated management system architecture for solving the above-mentioned technical problems.
In order to achieve the above object, the technical scheme of the present utility model is as follows:
the utility model provides an intranet safety integration management system framework, includes intranet server, outer network server, intranet switch, outer network switch, router, host computer and outer network hardware firewall, the host computer is connected with the intranet switch through intranet network interface, the intranet switch passes through the router and is connected with the intranet server, host computer, intranet switch, router and intranet server constitute intranet LAN, the host computer passes through outer network switch, hardware firewall and outer network server and inserts the outer network, the outer network switch passes through the port connection of outer network server and operator transmission network, outer network hardware firewall is connected with the outer network switch.
Specifically, the model numbers of the internal network switch and the external network switch are S9700 series switches.
Specifically, the system further comprises a network security isolation device, and the external network hardware firewall is connected with the network security isolation device.
Specifically, the system further comprises an intranet hardware firewall, and the intranet hardware firewall is connected with the network security isolation device and the intranet switch.
Specifically, the router adopts an IS-IS/BGP routing protocol to deploy file transmission of the internal and external networks.
Specifically, the external network switch also comprises a main link and a backup link, and the external network switch is respectively connected with the main link and the backup link.
The external network switch is connected with the main link node machine and the backup link node respectively.
The utility model has the advantages that: according to the intranet safety integrated management system framework provided by the utility model, the S9700 series switch is adopted to replace the original cisco6509 type switch, so that the service processing capacity is greatly improved compared with that of the prior network, and the redundancy backup link is additionally arranged, the redundancy technology is deployed, and the intranet safety integrated management system framework is automatically switched to standby when faults occur, so that the stability of the network and the stability of the service are ensured.
Drawings
Fig. 1 is a schematic structural diagram of an intranet security integrated management system architecture in an embodiment of the present utility model.
Detailed Description
In order to make the objects, technical solutions and advantages of the present utility model more apparent, the present utility model will be further described in detail by the following detailed description with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the utility model.
Referring to fig. 1, an intranet security integrated management system architecture includes an intranet server, an extranet server, an intranet switch, an extranet switch, a router, a host and an extranet hardware firewall, wherein the host is connected with the intranet switch through an intranet network interface, the intranet switch is connected with the intranet server through the router, the host, the intranet switch, the router and the intranet server form an intranet local area network, the host is accessed to an extranet through the extranet switch, the hardware firewall and the extranet server, the extranet switch is connected with a port of an operator transmission network through the extranet server, and the extranet hardware firewall is connected with the extranet switch for storing extranet data to an extranet host and uploading data in the extranet host to the extranet.
In this embodiment, the internal network switch and the external network switch are both S9700 series switches, and when the S9700 series switch is used as a core switch, compared with the original cisco6509 type switch, the service processing capability is greatly improved compared with the previous network.
In this embodiment, the system further includes a network security isolation device, where the external network hardware firewall is connected to the network security isolation device; the system also comprises an intranet hardware firewall, wherein the intranet hardware firewall is connected with the network safety isolation device and the intranet switch.
In the embodiment, the network security isolation device is arranged, so that the internal network and the external network can be isolated through the network security isolation device, the isolation of the internal network and the external network is realized, and the security and stability of information are improved.
In this embodiment, the router adopts IS-IS/BGP routing protocol to deploy file transfer between the internal and external networks.
In this embodiment, the router according to the present utility model adopts the IS-IS/BGP routing protocol, and IS capable of deploying file transmission (e.g., VXLAN service) of an internal and external network, so that both the original service and the newly added service can be classified into VXLAN, so as to ensure service experience.
In this embodiment, the external network switch further includes a main link and a backup link, where the external network switch is connected to the main link and the backup link respectively; the external network switch is connected with the main link node machine and the backup link node respectively.
In the embodiment, by setting the main link, the backup link, the main link node machine and the backup link node, and by adding the redundant backup link, the redundant technology is deployed, and the network is automatically switched to standby when faults occur, so that the stability of the network and the stability of the service are ensured.
It will be apparent to those skilled in the art that the various step embodiments of the utility model described above may be performed in ways other than those described herein, including but not limited to simulation methods and experimental apparatus described above. The steps of the utility model described above may in some cases be performed in a different order than that shown or described above, they may be performed separately or. Therefore, the present utility model is not limited to any specific combination of hardware and software.
The foregoing is a further detailed description of the utility model in connection with specific embodiments, and is not intended to limit the practice of the utility model to such descriptions. It will be apparent to those skilled in the art that several simple deductions or substitutions may be made without departing from the spirit of the utility model, and these should be considered to be within the scope of the utility model.
Claims (7)
1. The internal network safety integrated management system architecture is characterized by comprising an internal network server, an external network server, an internal network switch, an external network switch, a router, a host and an external network hardware firewall, wherein the host is connected with the internal network switch through an internal network interface, the internal network switch is connected with the internal network server through the router, the host, the internal network switch, the router and the internal network server form an internal network local area network, the host is accessed to the external network through the external network switch, the hardware firewall and the external network server, the external network switch is connected with a port of an operator transmission network through the external network server, and the external network hardware firewall is connected with the external network switch.
2. The intranet security integrated management system architecture of claim 1, wherein the intranet switches and the extranet switches are all S9700 series switches.
3. The intranet security integrated management system architecture of claim 1, further comprising a network security isolation device, wherein the extranet hardware firewall is coupled to the network security isolation device.
4. The intranet security integrated management system architecture of claim 3, further comprising an intranet hardware firewall, wherein the intranet hardware firewall is connected to the network security isolation device and the intranet switch.
5. The intranet security integrated management system architecture of claim 1, wherein the router deploys file transfer for the internal and external networks using IS-IS/BGP routing protocol.
6. The intranet security integrated management system architecture of claim 1, further comprising a main link and a backup link, wherein the extranet switch is connected to the main link and the backup link, respectively.
7. The intranet security integrated management system architecture of claim 6, further comprising a main link node machine and a backup link node machine, wherein the main link node machine is connected with the main link through a node, the backup link node machine is connected with the backup link through a node, and the external network switch is respectively connected with the main link node machine and the backup link node.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202320932324.3U CN219351756U (en) | 2023-04-23 | 2023-04-23 | Intranet safety integrated management system architecture |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202320932324.3U CN219351756U (en) | 2023-04-23 | 2023-04-23 | Intranet safety integrated management system architecture |
Publications (1)
Publication Number | Publication Date |
---|---|
CN219351756U true CN219351756U (en) | 2023-07-14 |
Family
ID=87111279
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202320932324.3U Active CN219351756U (en) | 2023-04-23 | 2023-04-23 | Intranet safety integrated management system architecture |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN219351756U (en) |
-
2023
- 2023-04-23 CN CN202320932324.3U patent/CN219351756U/en active Active
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102148677B (en) | Method for updating address resolution protocol table entries and core switch | |
CN101588304B (en) | Implementation method of VRRP and device | |
US9461841B2 (en) | Communication system, communication method, node, and program for node | |
US20190116114A1 (en) | Packet forwarding method and apparatus | |
US20080068985A1 (en) | Network redundancy method and middle switch apparatus | |
WO2004075485A1 (en) | Network system, spanning tree configuration method, configuration program, and spanning tree configuration node | |
CN103118148B (en) | A kind of ARP buffering updating method and equipment | |
EP3562107A1 (en) | Broadcast packet processing method and processing apparatus, controller, and switch | |
USRE45454E1 (en) | Dual-homing layer 2 switch | |
CN101060533B (en) | A method, system and device for improving the reliability of VGMP protocol | |
CN101252503B (en) | Method and apparatus for switching traffic of looped network | |
CN102326358B (en) | Method, device of cluster system extension and cluster system | |
CN101394309A (en) | Cluster system expanding method, apparatus and cluster system | |
WO2020114017A1 (en) | Data center traffic exchange method and apparatus, device and storage medium | |
CN101340377B (en) | Method, apparatus and system for data transmission in double layer network | |
CN113709046A (en) | PRP-based cross-three-layer exchange parallel redundancy method | |
CN115987778A (en) | Container communication method based on Kubernetes cluster | |
CN101783769A (en) | Method and device for forwarding message during failure of link | |
CN109194592B (en) | Method and system for solving island problem in multi-link network | |
CN111526078A (en) | Sub-ring network redundancy expansion protocol applied to diversified network topology | |
CN219351756U (en) | Intranet safety integrated management system architecture | |
CN108282346B (en) | Software upgrading method and device | |
CN115987871B (en) | MQTT-based topological relation preservation method, device and medium | |
CN102291313B (en) | Method, device and equipment for finding virtual router redundancy protocol (VRRP) network topology | |
CN112003825A (en) | SDN-based virtual network isolation method and SDN controller |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GR01 | Patent grant | ||
GR01 | Patent grant |