CN2667565Y - Integrated network isolating card - Google Patents
Integrated network isolating card Download PDFInfo
- Publication number
- CN2667565Y CN2667565Y CN 03248811 CN03248811U CN2667565Y CN 2667565 Y CN2667565 Y CN 2667565Y CN 03248811 CN03248811 CN 03248811 CN 03248811 U CN03248811 U CN 03248811U CN 2667565 Y CN2667565 Y CN 2667565Y
- Authority
- CN
- China
- Prior art keywords
- network interface
- switch
- mac address
- intranet
- control circuit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Small-Scale Networks (AREA)
Abstract
The utility model is an integrated network separating card, comprising a transfer control circuit 1 which chooses work mode according to switch 7 and consists of a latch circuit 8, a magnification driving circuit 9 and a transfer switch 10. The two controlled ends of the transfer switch 10 are respectively connected with control ends of an outer net read-write control switch 11, an outer net MAC address interface control switch 13, an outer hard disk control switch 15, an inner net read-write control switch 12, an inner net MAC address interface control switch 14 and an inner net hard disk control switch 16. The two controlled ends of the inner and the outer net read-write control switch are respectively connected in series between the read-write signal lines of the inner and the outer MAC address interface control switch and a network card control circuit 2. The controlled ends of the inner and outer interface control switches are respectively connected in series with the signal lines of the inner and the outer interfaces and the network card 2. the serial signal lines of the inner and the outer MAC address memorizers are connected with the corresponding port of the network card control circuit 2, which achieves the connection of the inner net and the outer networks in the same PC. The inner and the outer hard disk control switches directly control the inner and the outer hard disks, which achieves the connection of the inner and the outer hard disks in the same PC. The utility model completely achieves physical isolation of the inner net and the outer networks so that each computer in local area network can get on the internet safely, without attacking the inner network.
Description
Technical field
The utility model relates to a kind of computer network spacer assembly, particularly a kind of integrated network isolation card.
Background technology
Present company manager had both needed the employee can carry out information interchange in inside, and to obtain Literacy Internet Resources, do not wish that again the information of enterprises do not incurred loss by not to be allowed enterprise by steal (perhaps being stolen from network by other staff) that the part employee deliberates simultaneously.Simultaneously hardware cost also is reluctant to increase by enterprise.
Do not increasing aspect the cost: that many enterprises and institutions use is virtual office net (VLAN), and the network segment of the MAC Address binding computing machine by terminal user's network interface card is realized physical isolation.Original method is: use two netting twines to cooperate the MAC Address of two network interface cards to carry out the division of the network segment at the switch end, increase an isolation card and a hard disk on terminal computer, realize the physical isolation of inside and outside data.For a long time, all there is certain Security Vulnerability problem in physical isolation card on the market, and is not suitable for the actual state of the virtual office net (VLAN) of many enterprises and institutions.Their ubiquities these shortcomings: use two netting twines to cause the trouble of network topology aspect and cost to increase; Need to increase a network interface card and an isolation card, increase cost and take two PCI expansion slots more, reduce the appearance complementary energy power of computing machine; Because the network segment partitioning of VLAN only can not be distinguished hard disk by binding MAC address, therefore can not prevent the data leak that artificial exchange netting twine causes.
Summary of the invention
The purpose of this utility model aims to provide a kind of integrated network isolation card, and it can concentrate the function of network interface card and physical isolation control card, and integrated two MAC Address, and each MAC Address locks a hard-disk interface and network interface.
It comprises conversion control circuit 1, network interface card control circuit 2, outer network interface 3, interior network interface 4, outer net MAC Address storer 5, Intranet MAC Address storer 6, switch 7, outer net MAC Address read-write control switch 11, Intranet MAC Address read-write control switch 12, outer network interface gauge tap 13, Intranet gauge tap 14, outer net hard disk gauge tap 15, Intranet hard disk gauge tap 16.
Described conversion control circuit 1 also comprises by hardware and latching or software latchs latch cicuit 8, amplification driving circuit 9 and the switch 10 of realization; Wherein 8 latch signal input end is connected with described switch 7, and its latch signal output terminal is connected with control signal conductive channel 10 after amplification driving circuit 9 amplifies;
Described switch 7 is toggle switches, and perhaps one by the soft switch of programme controlled control signal;
A controlled end of described 10 is connected with outer net hard disk gauge tap 15 with the control end of outer net read-write control switch 11, outer network interface gauge tap 13 respectively, and two controlled ends of described outer net MAC Address read-write control switch 11 are series between the reading writing signal line of described outer net MAC Address storer 5 and network interface card control circuit 2; The controlled end of described outer network interface gauge tap 13 is series at respectively between each signal wire of described outer network interface 3 and network interface card control circuit 2; The serial signal line of described outer net MAC Address storer 5 is connected with the corresponding port of network interface card control circuit 2; The controlled end of described outer net hard disk gauge tap 15 is connected in outer net hard disk 17.
The controlled end of another of described 10 is connected with Intranet hard disk gauge tap 16 with the control end of Intranet read-write control switch 12, Intranet gauge tap 14 respectively, and two controlled ends of described Intranet MAC Address read-write control switch 12 are series between the reading writing signal line of described Intranet MAC Address storer 6 and network interface card control circuit 2; The controlled end of described Intranet gauge tap 14 is series at respectively between each signal wire of described interior network interface 4 and network interface card control circuit 2; The serial signal line of described Intranet MAC Address storer 6 is connected with the corresponding port of network interface card control circuit 2; The controlled end of described Intranet hard disk gauge tap 16 is connected in Intranet hard disk 18.
Described network interface card control circuit 2 links to each other with pci bus by slot.
The utlity model has and use single netting twine to reduce cost, reduce the layout work amount, need not increase a network interface card and an isolation card, with low cost increase the appearance complementary energy power of computing machine, because MAC Address and the man-to-man binding of hard disk, so can prevent the advantages such as data leak that artificial exchange netting twine causes.It is a kind of integrated computer physics isolation card and network interface card function, and has two MAC Address and specialize in the isolated product that VLAN is used.This product has high security performance and easy characteristics.Because integrated network interface card and two MAC Address functions on the basis of physical isolation card, it not only can realize PC and physically-isolated requirement, can also bind the MAC Address of network interface card simultaneously, thereby realize that single netting twine enters the physical isolation that PC is realized VLAN.Being specially adapted to needs not only to realize that physical isolation and requirement prevent the artificially situation of enterprises and institutions' virtual office nets (VLAN) of premeditated leakage data.
Description of drawings
Fig. 1 is the utility model schematic block circuit diagram.
Among Fig. 1: 1, conversion control circuit 2, network interface card control circuit 3, outer network interface 4, interior network interface 5, outer net MAC Address storer 6, Intranet MAC Address storer 7, switch 8, latch cicuit 9, amplification driving circuit 10, switch 11, outer net MAC Address read-write control switch 12, Intranet MAC Address read-write control switch 13, outer network interface gauge tap 14, interior network interface gauge tap 15, outer net hard disk gauge tap 16 Intranet hard disk gauge tap 17, outer net hard disk 18, the Intranet hard disk
Embodiment
As shown in Figure 1, it comprises conversion control circuit 1, network interface card control circuit 2, outer network interface 3, interior network interface 4, outer net MAC Address storer 5, Intranet MAC Address storer 6, switch 7, outer net MAC Address read-write control switch 11, Intranet MAC Address read-write control switch 12, outer network interface gauge tap 13, Intranet gauge tap 14; Outer net hard disk gauge tap 15, Intranet hard disk gauge tap 16.
Described conversion control circuit 1 also comprises latch cicuit 8, amplification driving circuit 9 and switch 10; Wherein the latch signal input end of latch cicuit 8 is connected with described switch 7, and its latch signal output terminal is connected with control signal conductive channel switch 10 after amplification driving circuit 9 amplifies;
Described switch 7 is toggle switches, and perhaps one by the soft switch of programme controlled control signal;
A controlled end of described 10 is connected with outer net hard disk gauge tap 15 with the control end of outer net read-write control switch 11, outer network interface gauge tap 13 respectively, and two controlled ends of described outer net MAC Address read-write control switch 11 are series between the reading writing signal line of described outer net MAC Address storer 5 and network interface card control circuit 2; The controlled end of described outer network interface gauge tap 13 is series at respectively between each signal wire of described outer network interface 3 and network interface card control circuit 2; The serial signal line of described outer net MAC Address storer 5 is connected with the corresponding port of network interface card control circuit 2; The controlled end of described outer net hard disk gauge tap 15 is connected in outer net hard disk 17.
The controlled end of another of described 10 is connected with Intranet hard disk gauge tap 16 with the control end of Intranet read-write control switch 12, Intranet gauge tap 14 respectively, and two controlled ends of described Intranet MAC Address read-write control switch 12 are series between the reading writing signal line of described Intranet MAC Address storer 6 and network interface card control circuit 2; The controlled end of described Intranet gauge tap 14 is series at respectively between each signal wire of described interior network interface 4 and network interface card control circuit 2; The serial signal line of described Intranet MAC Address storer 6 is connected with the corresponding port of network interface card control circuit 2; The controlled end of described Intranet hard disk gauge tap 16 is connected in Intranet hard disk 18.
Described network interface card control circuit 2 links to each other with pci bus by slot.
If switch 7 is in the Intranet position, this signal is sent to latch cicuit 8 and latchs, amplify 10 actions of driving switch through amplification driving circuit 9, select control Intranet MAC Address read-write control switch 12, Intranet gauge tap 14 and Intranet hard disk gauge tap 16 are made action, make the reading writing signal line of Intranet MAC Address storer 6 be communicated to network interface card control circuit 2, and network interface 4 and Intranet hard disk 18 are effective in making, network interface card control circuit 2 is enabled Intranet MAC Address storer 6 by string line, thereby confirms to distribute this terminal to be in the Intranet operator scheme at the server that links to each other with network interface card control circuit 2 by pci bus.Otherwise, then be in the outer net operator scheme.It is the microprocessor of RTL8139 that described network interface card control circuit 2 adopts model, and it is the EEROM storer of 93C46 that described outer net MAC Address storer 5, Intranet MAC Address storer 6 adopt model.Outer network interface 3 and interior network interface 4 all adopt the RJ45 interface.
It has realized following function: realize being connected of Intranet and two networks of outer net on same PC.Thoroughly realize the physical isolation of Intranet and outer net by hardware, make in the LAN (Local Area Network) any computing machine INTERNET net on the ground that can both be perfectly safe, and Intranet can be not under attack.Can freely switch between inside and outside two kinds of heterogeneous networks.The integrated network card function, and have two MAC Address.A MAC Address of hard disk locking and a network interface are come in and gone out and are held.Also can be made as single netting twine directly imports.Avoid multi-platform work conflict: because two incompatible fully systems are owing to be installed in different hard disks, so can share the hardware resource beyond the hard disk, independent operating system, program and data are independent fully, do not disturb mutually, do not conflict mutually.
And have following characteristics:, safe and reliable during conversion by the powered-down or the removing internal memory that resets; The computer interface of employing standard, network interface; Adopt two hard disks to switch pure hardware design, absolute physical is isolated.Prevent that effectively internet worm and network hacker from attacking Intranet by outer net, Intranet is operated in the environment as safe as a house.According to customer requirements, can shield or increase floppy disk, CD prompt facility floppy drive and CD-ROM drive.If in the driver disk is arranged when switching, can point out the taking-up disk; Applicable to single two routing networks; The network interface card function of the two MAC Address of integrated belt; The network interface card function is controlled by pci bus; Has hard disk, network interface, MAC Address lock function simultaneously; Support operating systems such as DOS, WINDOWS9.X/ME/NT/2000/XP.Do not take the computer-internal resource, can not have any impact performance and the network of PC.Install simply, friendly interface, easy to use, non-maintaining appearance design uniqueness, visual effect is strong.
Adopt the pci bus standard that the 10/100M adaptive net card of 32 data transmission capabilities is provided for the user.
Claims (3)
1, a kind of integrated network isolation card is characterized in that it comprises conversion control circuit (1), network interface card control circuit (2), outer network interface (3), interior network interface (4), outer net MAC Address storer (5), Intranet MAC Address storer (6), switch (7), outer net MAC Address read-write control switch (11), Intranet MAC Address read-write control switch (12), outer network interface gauge tap (13) and Intranet gauge tap (14); The outer net hard disk gauge tap (15) that is connected with the controlled end of outer net hard disk, the Intranet hard disk gauge tap (16) that is connected with the controlled end of Intranet hard disk;
Described conversion control circuit (1) also comprises latch cicuit (8), amplification driving circuit (9) and switch (10); Wherein the latch signal input end of latch cicuit (8) is connected with described switch (7), and its latch signal output terminal is connected with control signal conductive channel switch (10) after amplification driving circuit (9) amplifies;
A controlled end of described switch (10) is connected with outer net read-write control switch (11), outer network interface gauge tap (13) and the control end of outer net hard disk gauge tap (15) respectively, and two controlled ends of described outer net read-write control switch (11) are series between the reading writing signal line of described outer net MAC Address storer (5) and network interface card control circuit (2); The controlled end of described outer network interface gauge tap (13) is series at respectively between each signal wire of described outer network interface (3) and network interface card control circuit (2); The serial signal line of described outer net MAC Address storer (5) is connected with the corresponding port of network interface card control circuit (2);
Another controlled end of described switch (10) is connected with Intranet read-write control switch (12), Intranet gauge tap (14) and the control end of Intranet hard disk gauge tap (16) respectively, and two controlled ends of described Intranet read-write control switch (12) are series between the reading writing signal line of described Intranet MAC Address storer (6) and network interface card control circuit (2); The controlled end of described Intranet gauge tap (14) is series at respectively between each signal wire of described interior network interface (4) and network interface card control circuit (2); The serial signal line of described Intranet MAC Address storer (6) is connected with the corresponding port of network interface card control circuit (2).
2, a kind of integrated network isolation card as claimed in claim 1, it is characterized in that it is the microprocessor of RTL8139 that described network interface card control circuit (2) adopts model, it is the EEROM storer of 93C46 that described outer net MAC Address storer (5), Intranet MAC Address storer (6) adopt model, and described outer network interface (3) and interior network interface (4) all adopt the RJ45 interface.
3, as a kind of integrated network isolation card of claim 1 or 2, it is characterized in that described switch (7) is a toggle switch, perhaps one by the soft switch of programme controlled control signal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03248811 CN2667565Y (en) | 2003-09-19 | 2003-09-19 | Integrated network isolating card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03248811 CN2667565Y (en) | 2003-09-19 | 2003-09-19 | Integrated network isolating card |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN2667565Y true CN2667565Y (en) | 2004-12-29 |
Family
ID=34327388
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 03248811 Expired - Fee Related CN2667565Y (en) | 2003-09-19 | 2003-09-19 | Integrated network isolating card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN2667565Y (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101170587B (en) * | 2007-11-19 | 2010-12-08 | 中兴通讯股份有限公司 | A personal computer system and method for dynamically switching communication port |
| CN102904748A (en) * | 2012-09-18 | 2013-01-30 | 四川省电力公司绵阳电业局 | Internal/external network controller |
| CN102932372A (en) * | 2012-11-22 | 2013-02-13 | 山东中孚信息产业股份有限公司 | Network security isolation card and implementation method thereof |
| CN113111393A (en) * | 2020-01-13 | 2021-07-13 | 华为技术有限公司 | Component system, terminal equipment and dual-operating-system isolation method |
-
2003
- 2003-09-19 CN CN 03248811 patent/CN2667565Y/en not_active Expired - Fee Related
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101170587B (en) * | 2007-11-19 | 2010-12-08 | 中兴通讯股份有限公司 | A personal computer system and method for dynamically switching communication port |
| CN102904748A (en) * | 2012-09-18 | 2013-01-30 | 四川省电力公司绵阳电业局 | Internal/external network controller |
| CN102932372A (en) * | 2012-11-22 | 2013-02-13 | 山东中孚信息产业股份有限公司 | Network security isolation card and implementation method thereof |
| CN102932372B (en) * | 2012-11-22 | 2015-04-15 | 山东中孚信息产业股份有限公司 | Network security isolation card and implementation method thereof |
| CN113111393A (en) * | 2020-01-13 | 2021-07-13 | 华为技术有限公司 | Component system, terminal equipment and dual-operating-system isolation method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2768687A1 (en) | Passive video multiplexing method and apparatus | |
| CN101277214B (en) | Method and system for managing blade type server | |
| CN1288620A (en) | Method and apparatus for automatically reducing cross-talk between coupled to a common network device | |
| MXPA02010378A (en) | Programmatic masking of storage units. | |
| CN101018119A (en) | Hardware-based server network security centralized management system without relevance to the operation system | |
| CN101661380A (en) | Storage device | |
| CN2667565Y (en) | Integrated network isolating card | |
| CN105516189A (en) | Network security enforcement system and method based on big data platform | |
| CN105450494A (en) | Virtual network and method for implementing same | |
| US20080183937A1 (en) | Method and Apparatus to Reduce EMI Emissions Over Wide Port SAS Buses | |
| CN1317846C (en) | Method of realizing internal external network physical partition and its device | |
| CN2785015Y (en) | Network safe system based on NC system | |
| CN2684479Y (en) | Security isolation apparatus for unidirectional connection network | |
| CN111131280A (en) | Internal and external network isolation system | |
| CN1278248C (en) | Data isolation switching transmission method based on extended data bus of embedded system | |
| CN100435512C (en) | Network isolating device based on PCI bus and its method | |
| CN2790053Y (en) | Mixed network isolation system | |
| CN2790051Y (en) | Network isolation device based on PCI bus | |
| US9535872B2 (en) | Physical chassis as a different number of logical chassis | |
| CN1815416A (en) | Keyboard circuit | |
| CN1301469C (en) | Control circuit and method of double hot plug-in IDE devices | |
| CN1464655A (en) | New modulation method of OFDMA system | |
| CN200980093Y (en) | A 10/100M self-adaptive double network card of the quick Ethernet | |
| CN2645134Y (en) | Line concentration network safety isolation switching device | |
| CN2588676Y (en) | Rewiring free and on-line interference network teleterminal switching physical isolatio device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20041229 Termination date: 20120919 |