JP3210462U - Network security equipment - Google Patents

Abstract

Provided is a network security device that can reliably prevent an open network, a closed network, and an intermediate server from being connected simultaneously, can be easily introduced, and realizes redundancy. An intermediate server, a power supply control device, an external server, two external hubs, and an internal server, and internal hubs are provided. The on / off of the power switch of the internal hub can be controlled, and the power switches of the external hubs 4A, 4B and the internal hubs 6A, 6B are all off, only one power switch is on, and only the other power switch is on. Controlled by one of the states, the intermediate server 1, the external server 3, and the internal server 5 perform a predetermined operation in each state repeated in a certain order. [Selection] Figure 1

Description

  The present invention is installed between an open network such as the Internet and a closed network such as an in-house LAN, and is used for security measures such as prevention of virus intrusion from the open network to the closed network and information leakage from the closed network to the open network. The present invention relates to a suitable network security device.

Organizations such as corporations establish closed networks such as LANs to manage various information and share them within the organization, as well as open closed networks to communicate outside the organization and collect information. Connected to the network.
However, since the closed network is connected to the open network, it is necessary to take measures such as prevention of virus intrusion from the open network to the closed network and information leakage prevention from the closed network to the open network.
The main means for the countermeasures include, for example, anti-virus software installed on each computer to prevent infection with a virus, or a predetermined FW server installed between the closed network and the open network. There are known firewalls that control relaying of information based on rules.

However, since anti-virus software cannot eliminate new types of viruses, computers in a closed network may be attacked and secret information may be leaked to the outside, and the FW server itself is also infected by viruses. If this happens, there is a risk that the defense function cannot be achieved.
In order to deal with such a risk, Patent Document 1 (Japanese Patent Laid-Open No. 2009-176292) describes processing confidential information between the non-secure network 250 (open network) and the secure network 322 (closed network). A network security device is disclosed that includes means for connecting the processor 101 to the secure network 322 only when the non-secure network 250 is disconnected from the processor 101 with the processor 101 configured to be interposed therebetween ( In particular, see claim 12, paragraph 0050 and FIG.

  However, the network security device described in Patent Document 1 connects the processor 101 to the secure network 322 when the non-secure network 250 is disconnected from the processor 101, and the secure network 322 is disconnected from the processor 101. Since a special device using the switch 104, the ratchet 106, and the handle 108 is sometimes used as means for connecting the processor 101 to the non-secure network 250, it cannot be easily introduced.

JP 2009-176292 A

In consideration of such circumstances, the present invention provides a network security device that can reliably prevent an open network, a closed network, and an intermediate server from being connected simultaneously by combining commonly used devices. In addition to making it easy to install, the intermediate server installed between the open network and the closed network is not connected to any network, and virus check is performed on the intermediate server to improve safety. Was made as the first issue.
In addition, the present invention increases the data transmission speed of a download file transmitted from an open network to a closed network and an upload file transmitted from the closed network to the open network, and connects the open network and the intermediate server. In order to avoid the stop of the network security device due to the failure of the hub arranged in the middle of the transmission path connecting the closed network and the intermediate server, the second problem is to realize the redundancy of the device It is.

The device according to claim 1 is a network security device installed between an external network and an internal network,
An intermediate server having a download memory and an upload memory, a power control device controlled by the intermediate server, an external server connected to an external network, an external hub connected between the intermediate server, and an internal network An internal hub connected between the connected internal server and the intermediate server;
The power control device can control on / off of a power switch of the external hub and a power switch of the internal hub,
The intermediate server includes the following means (1) to (8) and means for repeatedly operating these means in the same order.
(1) Means for controlling only the power switch of the external hub from the state where both the power switch of the external hub and the power switch of the internal hub are off.
(2) When only the power switch of the external hub is turned on, the download file is received from the external server and stored in the download memory, and the upload file stored in the upload memory is transmitted to the external server. A means by which an action can be performed.
(3) Means for controlling the power switch of the external hub from being turned on only to the power switch of the external hub being turned off.
(4) When both the power switch of the external hub and the power switch of the internal hub are off, the downloaded file stored in the download memory is checked for viruses, and if it is determined that there is a virus, the virus is removed. Means to do.
(5) Means for controlling only the power switch of the internal hub from the state where both the power switch of the external hub and the power switch of the internal hub are off.
(6) When only the power switch of the internal hub is turned on, the download file stored in the download memory is transmitted to the internal server, and the upload file is received from the internal server and stored in the upload memory. A means by which an action can be performed.
(7) Means for controlling the power switch of the internal hub from being turned on only to the power switch of the internal hub being turned off.
(8) Means for checking an uploaded file stored in the upload memory when both the power switch of the external hub and the power switch of the internal hub are off.

  According to a second aspect of the present invention, in the network security device according to the first aspect, the external hub and the plurality of internal hubs are provided in plural.

  The invention according to claim 3 is the network security device according to claim 1 or 2, wherein the intermediate server has a monitor, and the file name of the download file stored in the download memory and the upload memory. And a means for displaying on the monitor the file name of the uploaded file, the virus check result for the download file, and the check result for the upload file.

According to the network security device of the invention according to claim 1, an intermediate server having a download memory and an upload memory, a power control device controlled by the intermediate server, an external server connected to the external network, and the intermediate server An external hub connected in between, and an internal hub connected between the internal server and the intermediate server connected to the internal network,
The power control device can control the on / off of the power switch of the external hub and the power switch of the internal hub,
By controlling the power control device with an intermediate server, both the external hub power switch and the internal hub power switch are off, only the external hub power switch is on, and only the internal hub power switch is on. Controlled by either
The intermediate server can execute the operation to receive the download file from the external server and store it in the download memory and the operation to send the upload file stored in the upload memory to the external server when only the power switch of the external hub is on And
Control the power switch of the external hub from the state where only the power switch of the external hub is on to the off state,
When the power switch of the external hub and the power switch of the internal hub are both off, the downloaded file stored in the download memory is checked for viruses, and if it is determined that there is a virus, the virus is removed.
In the state where only the power switch of the internal hub is on, it is possible to execute the operation of transmitting the download file stored in the download memory to the internal server and the operation of receiving the upload file from the internal server and storing it in the upload memory.
Control the power switch of the internal hub from the on state to the off state.
When both the external hub power switch and the internal hub power switch are off, a series of operations for checking the uploaded files stored in the upload memory are repeatedly executed in the same order. An unauthorized person such as the above cannot directly access an internal server or a computer in the internal network from the external network.
In addition, download files stored in the download memory and upload files stored in the upload memory are checked for viruses by the intermediate server 1 that is not susceptible to cyber attacks, so a download file containing a virus is sent to the internal server. No upload file that should not be uploaded is sent to the external server.

According to the second aspect of the present invention, in addition to the effect of the network security device of the first aspect, the plurality of external hubs and internal hubs are provided. Redundancy can be realized.
Note that the hub installed between the two servers is not frequently turned on / off in normal use, so there is a possibility that operation is not guaranteed when the number of on / off operations is large. In some cases, the above effects are particularly important.

  According to the invention of claim 3, in addition to the effects of the network security device of the invention of claim 1 or 2, the intermediate server has a monitor, the file name of the download file stored in the download memory, the upload memory Since the file name of the uploaded file stored in the file, the result of the virus check for the downloaded file and the result of the check for the uploaded file are displayed on the monitor, the downloaded file received from the external server by the intermediate server and the internal server It is possible to easily grasp information such as the processing status and the check result for the uploaded file received from.

The figure which shows the structure etc. of the network security apparatus of an Example. A table that organizes the commands of intermediate servers and the operations of each server.

  Hereinafter, embodiments of the present invention will be described by way of examples.

FIG. 1 is a diagram illustrating a configuration of a network security device according to an embodiment and a connection state between the network security device and an external server connected to an open network and an internal server connected to a closed network.
As shown in FIG. 1, the network security apparatus according to the embodiment has the following configuration.
(1) An intermediate server 1 having a download memory and an upload memory (not shown).
The intermediate server 1 has a monitor 1M for displaying various information and an input unit 1N for inputting various information.
(2) A power supply control device 2 controlled by the intermediate server 1.
(3) An upload file that is connected between the external server 3 and the intermediate server 1 connected to the open network and is stored in the upload memory in the intermediate server 1 and a download file that is stored in the external server 3 The two external hubs 4A and 4B that amplify the data signal and transmit the data signal to the external server 3 and the intermediate server 1, respectively.
The external server 3 has a monitor 3M for displaying various information and an input unit 3N for inputting various information.
The two external hubs 4A and 4B transmit and receive data when two of them are functioning, and transmit and receive data only with the other external hub when one of them is out of order and cannot be used.
(4) A download file connected between the internal server 5 and the intermediate server 1 connected to the closed network and stored in the download memory in the intermediate server 1 and an upload file stored in the internal server 5 Two internal hubs 6A and 6B for amplifying the data signals of the two and transmitting them to the internal server 5 and the intermediate server 1, respectively.
The internal server 5 has a monitor 5M for displaying various information and an input unit 5N for inputting various information.
The two internal hubs 6A and 6B, like the external hubs 4A and 4B, send and receive data when both are functioning, and when one is out of order and cannot be used, only the other internal hub Send and receive data.

The power switches of the external hubs 4A and 4B and the internal hubs 6A and 6B are controlled to be turned on and off by the power control device 2 based on command commands to be described later from the intermediate server 1, respectively. Either the power switch of 4B and the power switch of the internal hubs 6A and 6B are both off, only the power switch of the external hubs 4A and 4B is on, or only the power switch of the internal hubs 6A and 6B is on. Be controlled.
As shown in FIG. 1, the external server 3 is connected to the Internet line 7, and the internal server 5 is connected to a plurality of personal computers (hereinafter referred to as “PCs”) 9 via the LAN line 8.

The intermediate server 1 includes a monitor 1M and an input unit 1N. The monitor 1M includes a file name of a download file received from the external server 3 and stored in a download memory, and a progress of virus check on the download file. As a result, a warning when it is determined that there is a virus, a notification that virus removal processing has been performed, the file name of the upload file received from the internal server 5 and stored in the upload memory, and the progress of the check on the upload file As a result, when it is determined that there is a virus, a warning or notification that virus removal processing has been performed, and when it is determined that the file is prohibited from being uploaded, processing that cancels the warning or upload is performed. Display an announcement.
In addition, the administrator can check download files and upload files as necessary, and can input whether the files can be downloaded or uploaded from the input unit 1N.

  Similarly, the external server 3 includes a monitor 3M and an input unit 3N, and the internal server 5 includes a monitor 5M and an input unit 5N. The monitor 3M includes a file name of a download file obtained from an open network, and a download. The progress of the virus check on the file and the result, a warning when it is determined that there is a virus, and a notification that virus removal processing has been performed are displayed, and the monitor 5M is sent from the PC 9 in the closed network or the internal server 5 The file name of the uploaded file itself, the progress and result of the check on the uploaded file, a warning when it is determined that there is a virus, a notification that virus removal processing has been performed, and a file for which uploading is prohibited Warnings and warnings when it is determined that To display a notice to the effect that performing the process to stop the load.

  Next, the command command output from the intermediate server 1, the state of the power switches of the external hubs 4A and 4B and the internal hubs 6A and 6B after receiving the command commands, the intermediate server 1, the external server 3 and the internal in each state The operation of the server 5 will be described in order.

(1) Command to control only the power switch of the external hub to be in the ON state The intermediate server 1 is in the state of 3 to 10 minutes after the power switches of the external hubs 4A and 4B and the internal hubs 6A and 6B are both turned off. When the time has elapsed, a command command is output to the power supply control device 2 so that only the power switches of the external hubs 4A and 4B are controlled to be in an ON state.
(2) Operation in a state where only the power switch of the external hub is on The intermediate server 1 receives the download file put in the download folder of the external server 3 and stores it in the download memory. The upload file stored in the upload memory is transmitted to the external server 3.
In the external server 3, the download file put in the download folder is transmitted to the intermediate server 1. Also, the upload file received from the intermediate server 1 is uploaded to the open network if no virus is found after being put into the upload folder and checked for viruses.
From the upload file upload folder input to the end of the upload, the file name is displayed on the monitor 3M to inform that it is being processed.
In the internal server 5, when an upload file is transmitted from the PC 9 in the closed network, the file is input to the upload folder. When a file stored in the internal server 5 itself is selected as an upload file, the file name is displayed on the monitor 5M, and an instruction is given when an operation for instructing upload (such as clicking an OK icon) is performed. Uploaded files are placed in the upload folder.

(3) Command to control the power switch of the external hub to the OFF state The intermediate server 1 determines that the external hub 4A, 3A, and 3B have passed after the power switch of the external hubs 4A and 4B is turned on. A command command is output to the power supply control device 2 so as to control the power switch of 4B to the OFF state.
(4) Operation when both the external hub and the internal hub are switched off The intermediate server 1 performs a virus check on the downloaded file stored in the download memory during the operation (2), and determines that there is a virus. If it does, disinfect the virus and warn if necessary.
The warning is displayed on the monitor 1M of the intermediate server 1 or displayed on the monitor of the server administrator's PC to notify that a download file containing a virus has been found.
In addition, virus removal may be performed only by deleting a download file that is determined to have a virus, but it is transferred from the download memory to the check memory so that it is not transmitted to the internal server 5 and is used for subsequent virus countermeasures. You may do it.
In the external server 3, when a download file to be acquired from an open network is selected, the file name is displayed on the monitor 3M. When an operation for instructing download (such as clicking an OK icon) is performed, the designated download file is downloaded. It is put in the folder.
In the internal server 5, the operation state (2) is maintained.

(5) Command to control only the power switch of the internal hub to the on state When the intermediate server 1 passes 3 to 10 minutes after the power switch of the external hub 4A, 4B is turned off, the internal hub 6A, A command command is output to the power supply control device 2 so that only the 6B power switch is controlled to be turned on.
(6) Operation in a state where only the power switch of the internal hub is on The intermediate server 1 receives the upload file input to the upload folder of the internal server 5 and stores it in the upload memory. Further, the download file stored in the download memory is transmitted to the internal server 5.
In the external server 3, the operation state (4) is maintained.
In the internal server 5, the upload file input to the upload folder during the operations (2) and (4) is transmitted to the intermediate server 1. The download file received from the intermediate server 1 is sent to a predetermined PC in the closed network if no virus is found after being put in the download folder and checked for viruses.
Then, from the input of the download folder of the download file to the end of transmission to the PC, the file name is displayed on the monitor 5M to notify that it is being processed.

(7) Command to control the power switch of the internal hub to the off state When 3 to 10 minutes have elapsed since only the power switch of the internal hub 6A, 6B is turned on, the power switch of the internal hub 6A, 6B should be turned off. A command command is output to the power supply control device 2 so as to control to the off state.
(8) Operation when both the external hub and the internal hub are turned off The intermediate server 1 checks the uploaded files stored in the upload memory during the state (6), and checks whether there is a virus and uploads. It is determined whether the file to be uploaded is a file for which uploading of confidential documents or the like is prohibited.
As a result, if it is determined that there is a virus, the virus is removed and a warning is issued as necessary. If it is determined that the file is prohibited from being uploaded, the upload is stopped and a warning is issued if necessary.
In the external server 3, the operation state (6) is maintained.
The internal server 5 returns to the operation state (2).

Then, by repeating the commands and operations (1) to (8) in the same order, the download file is transferred from the open network and the external server 3 to the internal server 5 and the PC 9, and the PC 9 and the internal server 5 to the external server 3 In addition, the upload file can be smoothly transferred to the open network.
In addition, since the intermediate server 1, the external server 3 and the internal server 5 are not connected at the same time when transferring the download file or the upload file, the remote operation to the internal server 5 and the PC 9 from the open network side is surely prevented. can do.
In addition, since the intermediate server 1 that is not easily attacked by a cyber attack checks the virus for the downloaded file, checks the virus for the uploaded file, and checks whether the file is prohibited from being uploaded, a highly secure system can be constructed.
FIG. 2 is a table in which the commands and operations of (1) to (8) are arranged, but download is abbreviated as DL and upload is abbreviated as UL.

The modification of an Example is listed.
(1) The network security device of the embodiment includes the two external hubs 4A and 4B and the two internal hubs 6A and 6B. However, if the external hub and the internal hub are both durable and reliable, Only one external hub 4A and one internal hub 6A may be provided.
On the contrary, when there is a concern about the durability and reliability of the external hub and the internal hub, three or more external hubs or internal hubs may be provided for further redundancy.
(2) The intermediate server 1, the external server 3 and the internal server 5 of the embodiment had the monitor 1M and the input unit 1N, the monitor 3M and the input unit 3N, and the monitor 5M and the input unit 5N, respectively. It is not necessary, and various information may be displayed and input by other terminals or PCs connected to each server.
Further, if the application of the intermediate server 1 can be changed only by replacing the ROM or mounting a special external memory, the safety can be further improved.

(3) In the embodiment, when 3 to 10 minutes have passed since entering each state, a command command for changing the on / off state of the power switch of the external hub 4A, 4B or the internal hub 6A, 6B is output. The output may be made any time after a predetermined time longer than the time required for transmission / reception and check of the file and the upload file (usually about 1 minute).
(4) In the embodiment, the external server 3 performs a virus check on the uploaded file, and the internal server 5 performs a virus check on the download file. However, these virus checks are also performed on the intermediate server 1. The virus check on the external server 3 and the internal server 5 may be omitted.
(5) In the embodiment, the intermediate server 1 checks whether or not the uploaded file is a virus-checked and upload-prohibited file, but if the check is performed by the internal server 5 The check on the uploaded file in the intermediate server 1 can be omitted.
In such a case, the intermediate server 1 only performs a minimum check (for example, confirmation of a file name or an identifier) on the uploaded file, so that the time required for the operation (8) can be shortened.

(6) In the embodiment, the network security device is installed between the open network and the closed network, but it may be installed between two closed networks or between two open networks.
Therefore, in the scope of claims for utility model registration, the means for solving the problems, and the effects of the invention, the open network in the embodiment is described as an external network, and the closed network is described as an internal network.

DESCRIPTION OF SYMBOLS 1 Intermediate server 1M Monitor of intermediate server 1N Input part of intermediate server 1 2 Power supply control device 3 External server 3M Monitor of external server 3 3N Input part of external server 3 4A, 4B External hub 5 Internal server 5M Monitor of internal server 5 5N Input part of internal server 5 6A, 6B Internal hub 7 Internet line 8 LAN line 9 Personal computer (PC)

Claims (3)

A network security device installed between an external network and an internal network,
An intermediate server having a download memory and an upload memory, a power control device controlled by the intermediate server, an external server connected to an external network, an external hub connected between the intermediate server, and an internal network An internal hub connected between the connected internal server and the intermediate server;
The power control device can control on / off of a power switch of the external hub and a power switch of the internal hub,
The intermediate server includes the following means (1) to (8) and means for repeatedly operating these means in the same order.
(1) Means for controlling only the power switch of the external hub from the state where both the power switch of the external hub and the power switch of the internal hub are off.
(2) When only the power switch of the external hub is turned on, the download file is received from the external server and stored in the download memory, and the upload file stored in the upload memory is transmitted to the external server. A means by which an action can be performed.
(3) Means for controlling the power switch of the external hub from being turned on only to the power switch of the external hub being turned off.
(4) When both the power switch of the external hub and the power switch of the internal hub are off, the downloaded file stored in the download memory is checked for viruses, and if it is determined that there is a virus, the virus is removed. Means to do.
(5) Means for controlling only the power switch of the internal hub from the state where both the power switch of the external hub and the power switch of the internal hub are off.
(6) When only the power switch of the internal hub is turned on, the download file stored in the download memory is transmitted to the internal server, and the upload file is received from the internal server and stored in the upload memory. A means by which an action can be performed.
(7) Means for controlling the power switch of the internal hub from being turned on only to the power switch of the internal hub being turned off.
(8) Means for checking an uploaded file stored in the upload memory when both the power switch of the external hub and the power switch of the internal hub are off. The network security device according to claim 1, comprising a plurality of external hubs and internal hubs. The intermediate server has a monitor, and the file name of the download file stored in the download memory, the file name of the upload file stored in the upload memory, the result of the virus check for the download file, and the upload file The network security device according to claim 1, further comprising a means for displaying a result of a check on the monitor on the monitor.