KR20170084618A - Network apparatus for controlling traffic with usage pattern of user and method thereof - Google Patents
Network apparatus for controlling traffic with usage pattern of user and method thereof Download PDFInfo
- Publication number
- KR20170084618A KR20170084618A KR1020160003872A KR20160003872A KR20170084618A KR 20170084618 A KR20170084618 A KR 20170084618A KR 1020160003872 A KR1020160003872 A KR 1020160003872A KR 20160003872 A KR20160003872 A KR 20160003872A KR 20170084618 A KR20170084618 A KR 20170084618A
- Authority
- KR
- South Korea
- Prior art keywords
- user
- traffic
- usage pattern
- pattern
- network device
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/16—Threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A network device and a traffic control method for traffic control reflecting a usage pattern of a user are disclosed. A network device according to an embodiment includes a transmitting and receiving unit for transmitting and receiving a packet, a memory for storing a usage pattern of a user, a traffic control policy according to a usage pattern of a user and a usage pattern, And collects traffic information corresponding to the user pattern, and processes the traffic according to the set control policy when the collected traffic matches the set usage pattern.
Description
The present invention relates to network technology, and more particularly, to network management and service technology.
A network device such as a router or a wired / wireless router is used to connect to the Internet through a user terminal at a company or a home. These devices support user control policies and can block or transmit user traffic by a control policy defined as 5-tuple. For example, the network device can set a control policy such as an access control list (ACL), which is a source IP address, a destination IP address, a protocol number, a TCP / UDP source port number, a TCP / UDP destination port number or the like to transmit or block user traffic.
However, the policy set in the network device is fixed by the administrator in advance, and once applied, the traffic of the user matching the condition is blocked unconditionally. If it is necessary to transmit the traffic of the corresponding user by necessity, it is difficult to efficiently use because it is necessary to delete the set control policy and transmit the traffic again after the set control policy is transmitted.
According to an embodiment, a network device and a traffic control method capable of controlling user traffic by considering a usage pattern of a user when the user terminal accesses the Internet network are proposed.
A network device according to an embodiment includes a transmitting and receiving unit for transmitting and receiving a packet, a memory for storing a usage pattern of a user, a traffic control policy according to a usage pattern of a user and a usage pattern, And collects traffic information corresponding to the user pattern, and processes the traffic according to the set control policy when the collected traffic matches the set usage pattern.
According to one embodiment, since the user terminal can control by considering the usage pattern when connecting to the network, it provides more flexibility than the 5-tuple ACL type control. In addition, it is possible to customize traffic control according to the entire usage pattern of individual users, a specific service usage pattern of individual users, and a specific service usage pattern of various users.
For example, using a network device having such a function in the home can prevent children from excessively connecting to a specific game, service, or the like.
1 is a configuration diagram of a network system to which the present invention is applied;
2 is a reference diagram showing an example of a usage pattern set in a network device according to an embodiment of the present invention;
3 is a configuration diagram of a network device according to an embodiment of the present invention;
4 is a flowchart illustrating a traffic control method according to an embodiment of the present invention.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. In addition, the terms described below are defined in consideration of the functions of the present invention, which may vary depending on the intention of the user, the operator, or the like. Therefore, the definition should be based on the contents throughout this specification.
The present invention preliminarily sets a usage pattern defined by an administrator in a network device, selects only a user or a service that meets a predetermined usage pattern condition, and effectively controls only selected traffic. For example, rather than performing traffic control by setting a 5-tuple-based control policy fixedly on a network device used when a user terminal accesses the network, And performs a control policy only on the traffic of the user conforming to the set usage pattern condition. At this time, the user pattern can be set as a whole or individually, such as a total usage pattern of individual users, a specific service usage pattern of individual users, and a specific service usage pattern of various users. Hereinafter, a user traffic control technique considering a user pattern will be described in detail with reference to the following drawings.
1 is a configuration diagram of a network system to which the present invention is applied.
Referring to FIG. 1, a
Blocking traffic based on preset control policies is very simple, but can lead to inconvenience to efficient use of network and user management method. In order to solve this problem, the present invention defines a usage pattern of a user and controls only traffic matching the condition.
2 is a reference diagram showing an example of a usage pattern set in a network device according to an embodiment of the present invention.
Referring to FIG. 1 and FIG. 2, various usage patterns can be set in the
As another example, when a single user sends and receives traffic to multiple services or destination addresses, the general case allows traffic to be forwarded and blocks traffic when it is at a certain time (from several hours to several hours). This usage pattern is defined by the administrator and can efficiently control the use of the user's network. Various user patterns can be defined by combining the source IP address, destination IP address, protocol, and time as well as the above-described usage pattern. In addition, by setting the time at which the control policy is applied, the control policy is controlled only within the application time, thereby enabling more flexible user traffic control.
3 is a block diagram of a network device according to an embodiment of the present invention.
3, the
The transmission /
The
4 is a flowchart illustrating a traffic control method according to an embodiment of the present invention.
Referring to FIG. 4, when the network device receives (401) a packet, it classifies the received packet according to the usage pattern, analyzes the set usage pattern, and collects traffic information matching the usage pattern (402). Then, it is checked whether the condition of the control policy is satisfied based on the collected information according to the usage pattern. If the condition is matched (404), packet control according to the control policy is performed (405) Processing is performed (406). In addition, packets that are not registered as usage patterns or packets that do not match control conditions perform normal packet processing according to the conventional method.
As described above, it is possible to define a usage pattern of a user rather than a fixed type of control such as an ACL type to a network device used by a user terminal to access the network, to collect traffic information according to a usage pattern, It can be more flexibly applied to individual control of a user, control of a specific service of a user, and use of a specific service of a user. In addition, since the control policy duration can be set, once set control policy is released over time, user traffic can be transmitted.
The embodiments of the present invention have been described above. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. Therefore, the disclosed embodiments should be considered in an illustrative rather than a restrictive sense. The scope of the present invention is defined by the appended claims rather than by the foregoing description, and all differences within the scope of equivalents thereof should be construed as being included in the present invention.
101: user terminal 102: network device
103: Internet network 104: Server
1020: Transmitting / receiving unit 1022: Processor
1024: Memory
Claims (1)
A memory for storing a usage pattern of a user; And
A traffic control policy according to a usage pattern and a usage pattern of a user is set and stored in the memory, the packets transmitted and received through the transceiver are classified according to usage patterns, the traffic information matching the user pattern is collected, A processor that processes the traffic according to the set control policy if the pattern is met;
Lt; RTI ID = 0.0 > 1, < / RTI >
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160003872A KR20170084618A (en) | 2016-01-12 | 2016-01-12 | Network apparatus for controlling traffic with usage pattern of user and method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160003872A KR20170084618A (en) | 2016-01-12 | 2016-01-12 | Network apparatus for controlling traffic with usage pattern of user and method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20170084618A true KR20170084618A (en) | 2017-07-20 |
Family
ID=59443590
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160003872A KR20170084618A (en) | 2016-01-12 | 2016-01-12 | Network apparatus for controlling traffic with usage pattern of user and method thereof |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20170084618A (en) |
-
2016
- 2016-01-12 KR KR1020160003872A patent/KR20170084618A/en unknown
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11218488B2 (en) | Access enforcement at a wireless access point | |
US10212160B2 (en) | Preserving an authentication state by maintaining a virtual local area network (VLAN) association | |
KR101029954B1 (en) | Providing quality of service for various traffic flows in a communications environment | |
US9276852B2 (en) | Communication system, forwarding node, received packet process method, and program | |
JP5862577B2 (en) | COMMUNICATION SYSTEM, CONTROL DEVICE, POLICY MANAGEMENT DEVICE, COMMUNICATION METHOD, AND PROGRAM | |
US8966075B1 (en) | Accessing a policy server from multiple layer two networks | |
WO2012160809A1 (en) | Communication system, control device, communication method, and program | |
CN108512885A (en) | Network packet to being identified as message queue telemetering transmission packet executes specific action | |
US20160036514A1 (en) | Communication terminal, communication control apparatus, communication system, communication control method, and program | |
EP3982600A1 (en) | Qos policy method, device, and computing device for service configuration | |
CN1996939A (en) | Method for message access control, forwarding engine and communication device | |
US20130028176A1 (en) | Wireless transmission of data packets based on client associations | |
CN104160735B (en) | Send out message processing method, transponder, message processor, message handling system | |
US20130275620A1 (en) | Communication system, control apparatus, communication method, and program | |
CN105052177B (en) | Radio Network System, terminal management apparatus, relay apparatus and communication means | |
KR101712168B1 (en) | Method for controling packet-in message, switch and controller thereof | |
CN106411852B (en) | Distributed terminal access control method and device | |
CN104081801A (en) | Intelligent edge device | |
US20160352686A1 (en) | Transmitting network traffic in accordance with network traffic rules | |
KR20170084618A (en) | Network apparatus for controlling traffic with usage pattern of user and method thereof | |
CN113853776B (en) | Method, system and computer readable medium for network architecture | |
EP2204953A1 (en) | Method, apparatus and system for realizing dynamic correlation of control plane traffic rate | |
US20170019845A1 (en) | Communication terminal, communication method, and program-containing storage medium | |
KR101328735B1 (en) | Apparatus and method for connection cotrol in wireless network environment | |
JP2017059868A (en) | Address management device and communication system |