WO2007030989A1 - Un systeme de gestion de reseau et le procede correspondant - Google Patents

Un systeme de gestion de reseau et le procede correspondant Download PDF

Info

Publication number
WO2007030989A1
WO2007030989A1 PCT/CN2006/000988 CN2006000988W WO2007030989A1 WO 2007030989 A1 WO2007030989 A1 WO 2007030989A1 CN 2006000988 W CN2006000988 W CN 2006000988W WO 2007030989 A1 WO2007030989 A1 WO 2007030989A1
Authority
WO
WIPO (PCT)
Prior art keywords
ssh
server
snmp
client
module
Prior art date
Application number
PCT/CN2006/000988
Other languages
English (en)
Chinese (zh)
Inventor
Fuyou Miao
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2007030989A1 publication Critical patent/WO2007030989A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/08Protocols specially adapted for terminal emulation, e.g. Telnet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network

Definitions

  • the present invention relates to the field of network management technologies, and in particular, to a network management system and method. Background technique
  • SNMP Simple Network Management Protocol
  • the S:NMP agent module (agent) is in the managed device for monitoring the operation of the managed device; the SNMP management module (manager) is located at the network management station, and the managed device is obtained through the SNMP agent module. Run the situation and send the administrator's configuration data to the managed device.
  • SNMP has now evolved to the third version of SNMP V3.
  • the security management mode has been added to SNMP V3
  • USM User-based Security Model
  • the USM is a module embedded in SNMP.
  • the other modules send the security requirements and security parameters (security name, key, and security level) of the packets to the USM.
  • the USM processes the packets based on these parameters, including the data source. Verification, data integrity and confidentiality.
  • the USM model needs to configure information such as the key and user name between every two SNMP agents and the network management station.
  • information such as the key and user name between every two SNMP agents and the network management station.
  • the USM account or the USM key cannot be used in common with other network management systems, which greatly increases the management complexity of SNMP.
  • SSH Secure Shell
  • the USM account must be re-established for the user in SNMP, which inevitably increases SNMP. The complexity of security management.
  • the main object of the present invention is to propose a network management system to reduce the complexity of SNMP security management.
  • Another object of the present invention is to provide a network management method to reduce the complexity of SNMP security management.
  • the present invention provides the following technical solutions:
  • a network management system includes: an SNMP agent module and an SNMP management module, and the system further includes:
  • a session channel establishing device respectively connected to the SNMP agent module and the SNMP management module, configured to establish, between the SNMP agent module and the SNMP management module, the SNMP agent module and the SNMP by using a secure shell SSH protocol
  • the management channel performs a session channel for data interaction.
  • the session channel establishing device includes: an SSH client and an SSH server connected thereto, where
  • the SSH client is further connected to the SNMP management module, configured to establish an SSH transmission connection with the SSH server according to the request of the SNMP management module, and initiate a user authentication request to the SSH server;
  • the SSH server is further connected to the SNMP agent module, and is configured to verify the user authentication request sent by the SSH client, establish a session channel with the SSH client on the SSH transmission connection, and start the SNMP agent module connected thereto as a child. system.
  • the SNMP management module and the SSH client are in the same process.
  • the SNMP agent module and the SSH server connected thereto are located in different processes on the same device.
  • the number of the SSH server and the SNMP agent module are the same, one or more, and corresponding to the connection.
  • the SSH client is connected to each SSH server.
  • the system further includes:
  • the authentication server is connected to the SSH server, and is configured to verify the user authentication request forwarded by the SSH server, and send the verification result to the SSH server.
  • a network management method for a management station to manage managed devices through a simple network management protocol comprising:
  • the SNMP agent module and the SNMP management module exchange data by using the session channel.
  • the step A includes:
  • the SSH client establishes an SSH connection with the SSH server according to the request of the SNMP management module.
  • the SSH client initiates a user authentication request to the SSH server by using the SSH transport connection.
  • the SSH server verifies the user authentication request
  • the SSH server After the verification is passed, the SSH server establishes a session channel with the SSH client and starts the SNMP agent module.
  • the steps of establishing an SSH transmission connection between the SSH client and the SSH server include:
  • the SSH client initiates an SSH transport connection creation request to the SSH server.
  • the SSH server listens for the transport connection creation request and creates an SSH transport connection with the SSH client based on the transport connection creation request.
  • the method further includes:
  • the SSH server After the SSH server detects the SSH client connection creation request from the SSH client, it provides a digital signature to the SSH client.
  • the SSH client checks the digital signature.
  • the step of the SSH client initiating a user authentication request to the SSH server is specifically as follows:
  • the SSH client initiates a password authentication request to the SSH server.
  • the steps of the SSH server to start the SNMP agent module include:
  • the SSH client sends a request to start the SNMP proxy module to the SSH server.
  • the SSH server initiates the request to start the SNMP agent module as a subsystem and redirects the standard input and output of the SNMP agent to the session channel.
  • the method further comprises: pre-establishing a connection between the authentication server and the SSH server.
  • the step of verifying the user authentication request by the SSH server includes: after receiving the user authentication request initiated by the SSH client, the SSH server sends the user authentication request to the authentication server;
  • the authentication server verifies the user authentication request and sends the verification result to the SSH server.
  • the SSH client establishes an SSH transmission connection with the SSH server, and initiates a user authentication request to the SSH server; the SSH server, the user The authentication request is verified, a session channel with the SSH client is established according to the SSH transport connection, and the SNMP agent module is started; the SNMP agent module exchanges data with the SNMP management module according to the session channel.
  • SSH is also a secure shell access tool, SNMP accounts and accounts accessed by the command line interface can be shared. Therefore, after the application of the present invention, the SNMP account is no longer required to be reconfigured, but the SSH account can be directly applied to the SNMP management, thereby greatly reducing the complexity of the SNMP security management.
  • an authentication server is employed, and centralized maintenance of user accounts on the authentication server does not require configuration of user information on each managed device, thereby greatly simplifying the configuration.
  • a user is added and the user can manage the managed device 1, the managed device 2, and the managed device 3, then only the account information of the user needs to be configured on the authentication server, and it is indicated that the account can manage the three.
  • the devices are configured, and the same account number is no longer required to be configured on the managed device 1, the managed device 2, and the managed device 3. Because every user in the network It is often possible to manage a large number of devices, the number of which may be hundreds. If the user is configured one by one, it needs to be configured hundreds of times, and the application of the present invention only needs to be configured once, so the invention is also greatly reduced.
  • the workload of the account configuration is often possible to manage a large number of devices, the number of which may be hundreds. If the user is configured one by one, it needs to be configured hundreds of times, and the application of the present invention only needs to be configured once, so the invention
  • FIG. 1 is a schematic block diagram of a system of the present invention
  • FIG. 2 is a schematic block diagram of a first embodiment of the system of the present invention.
  • FIG. 3 is a schematic block diagram of a second embodiment of the system of the present invention.
  • FIG. 4 is a schematic block diagram of a third embodiment of the system of the present invention.
  • Figure 5 is a flow chart showing the implementation of the method of the present invention.
  • FIG. 6 is a flowchart of establishing a session channel between an SNMP agent module and an SNMP management module in the method of the present invention.
  • the core of the invention is to establish a session channel between the SNMP agent module and the SNMP management module through an SSH (Secure Shell) transmission protocol, and the SNMP agent module and the SNMP management module use the session channel for data interaction, thereby implementing an SNMP network. management.
  • SSH Secure Shell
  • the SSH protocol is a security protocol based on the application layer and the transport layer. It is mainly composed of a transport layer protocol, a user authentication protocol, and a connection protocol to jointly implement the security and confidentiality mechanism of SSH.
  • the transport layer protocol provides security measures such as authentication, confidentiality, and integrity checks, and it provides data compression.
  • the user authentication protocol is used to implement identity authentication between the server and the client user.
  • the connection protocol allocates multiple encrypted channels to some logical channels, which run on top of the user authentication layer protocol.
  • the subsystem is a process running by the SSH server (SSH daemon, sshd).
  • SSH daemon SSH daemon, sshd
  • STDIN and STDOUT standard input and output
  • FIG. 1 is a block diagram of the system of the present invention:
  • the system includes: an SNMP agent module 101, an SNMP management module 103, and a session channel establishing means 11.
  • the SNMP agent module 101 is located on the managed device
  • the SNMP management module 103 is located on the network management device
  • the session channel establishing device 11 is connected to the SNMP agent module 101 and the SNMP management module 103, respectively.
  • the session channel establishing device 11 is configured to establish a session channel between the SNMP agent module and the SNMP management module by using the secure shell SSH protocol, so that the SNMP agent module and the SNMP management module can perform secure data interaction through the session channel, for example, SNMP management.
  • the module obtains the running status of the managed device through the SNMP agent module, and sends the configuration data to the managed device, thereby implementing management of the network device.
  • These managed network devices can be servers, workstations, routers, switches, and the like.
  • FIG. 2 shows a block diagram of the first embodiment of the system according to the invention:
  • the system includes: an SNMP agent module 101, an SSH server 102,
  • the SSH client 104 is connected to the SNMP management module 103, the SSH client 104 is further connected to the SSH server 102, and the SSH server 102 is further connected to the SNMP agent module 101.
  • the SSH client 104 is used by the SSH client 104. Establishing an SSH transmission connection with the SSH server 102, and initiating a user authentication request to the SSH server 102.
  • the SSH server 102 is configured to verify the user authentication request, and establish a session channel with the SSH client 104 on the SSH transmission connection.
  • the SNMP agent module 101 is started as a subsystem; the SNMP agent module 101 uses the session channel to exchange data with the SNMP management module 103.
  • the SNMP agent module 101 is located in the managed device, and may preferably be a process.
  • the SNMP agent module 101 monitors the running status of the managed device, and sends the running status of the managed device to the SNMP management module 103 through the session channel established by the SSH server 102 and the SSH client 104, and the configuration sent by the management module 103.
  • the data is forwarded to the managed device.
  • the SNMP management module 103 initiates a transmission connection creation request to the SSH client 104, and the SSH client 104 receives the request.
  • the transport connection creation request is sent to the SSH server 102.
  • the SSH server 102 listens for a transport connection creation request from the SSH client 104, wherein the listening port may not use the IANA (Internet Assigned Number Authority) assigned to the well-known port of the SSH. If the SSH server 102 is listening for a transport connection creation request from the SSH client 104, the SSH server 102 runs the SSH transport protocol, creates an SSH transport connection with the SSH client 104, and provides a digital signature to the SSH client 104; SSH server 102.
  • IANA Internet Assigned Number Authority
  • the user authentication request sent by the SSH client 104 is verified, wherein the user authentication request sent by the SSH client 104 is preferably a password authentication risk request.
  • the SSH server 104 checks the password according to a certain policy to complete the user authentication function.
  • the SSH server 102 responds to the session channel connection setup request from the SSH client 104 to create an interactive session channel, and activates the SNMP agent module 101 as a subsystem, and the SNMP agent module 101
  • the standard input and output (STDIN and STDOUT) are redirected to the created interactive session channel and the data between the SNMP agent module 101 and the SNMP management 103 is transmitted using the interactive session channel.
  • the SNMP management module 103 initiates a transport connection creation request to the SSH client 104, and the SSH client 104 sends the transport connection creation request to the SSH server 102 to create an SSH transport connection with the SSH client 104.
  • the SNMP management module 103 sends a data transfer request to the SSH client 104, and the SSH client 104 sends the data transfer request to the SSH server 102 to send data to the SSH client 104 or from the SSH client. 104 receives data.
  • the SNMP management module 103 is usually in the same process as the SSH client 104, and may also be located in different processes of the same device.
  • the SNMP management module 103 is located on the management station; and preferably the SNMP agent module 101 and the SSH server 102 are located. On the same device.
  • the SSH client 104 is configured to initiate a transport protocol creation request to the SSH server 102, check the digital signature of the SSH server 102, and initiate a user authentication request to the SSH server 102.
  • the SSH client 104 is further configured to initiate a session channel connection establishment to the SSH server 102. Requesting and instructing the SSH server 102 to start the SNMP agent module 101 as a subsystem; acquiring data from the SNMP management module 103 and transmitting the obtained data to the SSH server 102, or from SSH
  • the server 102 receives the data and sends the received data to the SNMP management module 103.
  • the SSH client 104 can connect to only one SSH server 102 or multiple SSH servers 102.
  • Figure 3 shows a block diagram of a second embodiment of the system of the present invention:
  • the SSH server includes a first SSH server 203, an nth SSH server 202, and an SNMP agent module includes a first SNMP agent module 201.
  • the SSH client 205 is connected to the first SSH server 203 nth SSH server 202; the first SSH server 203 is connected to the respective SNMP agent module; the SSH client 205 is connected to the SNMP management module 206.
  • SSH client 205 is the same as the first SSH server 203 nth SSH server
  • the SSH server 202 initiates a user authentication request; the first SSH server 203 authenticates the received user authentication request by the nth SSH server 202; the SSH client 205 also initiates an interactive session to the first SSH server 203, the nth SSH server 202, respectively.
  • the SSH client 205 acquires data from the SNMP management module 203
  • the obtained data is sent to the first SSH server 203, the nth SSH server 202, or the first SSH server 203, the nth SSH server 202, and the data is sent to the SNMP management module 206.
  • Figure 4 shows a block diagram of a third embodiment of the system of the present invention:
  • the system further includes an authentication server 311, which is respectively connected to the first SSH server 303 and the second SSH server 306 nth SSH server 308.
  • the nth SSH server 308 After receiving the user authentication request initiated by the SSH client connected to the first SSH server 303 and the second SSH server 306, the nth SSH server 308 sends the user authentication request to the authentication server 311, and the authentication server 311 receives the received authentication request.
  • Each user authentication request is verified, and the verification result is sent to the first SSH server 303, the second SSH server 306, the nth SSH server 308, and the first SSH service.
  • the 303, the second SSH server 306, and the nth SSH server 308 respectively determine whether the user authentication is legal according to the verification result.
  • the authentication server is used, and user authentication is centrally maintained on the authentication server, so that user information does not need to be configured on each managed device and management station, thus greatly simplifying the relationship between the managed device and the management station.
  • the configuration of information such as keys and user names also reduces the workload of configuration data maintenance.
  • FIG. 5 is a flowchart of an implementation of the method of the present invention, including the following steps:
  • Step 501 Establish a secure session channel between the SNMP agent module on the managed device and the SNMP management module on the management station through the SSH protocol.
  • the SSH protocol is a security protocol based on the transport layer, its application is mainly implemented by connecting a protocol and calling user authentication. Therefore, in the method of the present invention, the SSH protocol is used to improve the security of the SNMP, and the SSH protocol is used as the transmission protocol of the SNMP protocol, and the SSH client connected to the SNMP management module and the SSH server connected to the SNMP agent module are used for interaction. Establish a secure session channel between the SNMP agent module and the SNMP management module on the management station. The specific establishment process of the session channel will be described in detail later.
  • Step 502 The SNMP agent module and the SNMP management module exchange data by using the session channel.
  • the SNMP agent module can interact with the SNMP management module. Therefore, the SNMP agent module can send the operation status of the managed device to the SNMP management module; the SNMP management module can also send the configuration data of the administrator to the SNMP agent module, and the SNMP agent module sends the data to the managed device.
  • FIG. 6 shows a flow of establishing a session channel between an SNMP agent module and an SNMP management module in the method of the present invention, including the following steps:
  • Step 601 Establish an SSH transmission connection between the SSH client and the SSH server.
  • the SSH client first initiates an SSH transport connection creation request to the SSH server. After the SSH server listens to the transport connection creation request, it creates an SSH transport connection.
  • the SSH server can also provide a digital signature to the SSH client, which checks the digital signature. After the check is successful, the SSH client initiates a user authentication request to the SSH server, where the initiated user authentication request may be a password authentication request.
  • Step 602 The SSH client initiates a user authentication request to the SSH server through the established SSH transmission connection.
  • Step 603 The SSH server verifies the user authentication request.
  • Step 604 After the verification is passed, the SSH server establishes a session channel with the SSH client on the SSH transport connection, and starts the SMP proxy module as a subsystem.
  • the SSH client sends a request to start the SMP proxy module to the SSH server; the SSH server starts the SNMP agent module as a subsystem according to the request, and redirects the STDIN and STDOUT of the SNMP agent to the created session channel.
  • each SSH server needs to start the SNMP agent module as a subsystem, and each SSH server corresponds to a management station. .
  • these SSH server modules must use different TCP (Transfer Control Protocol) ports.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

La présente invention concerne un système de gestion de réseau qui comprend: le module agent SNMP; le module gestionnaire SNMP; le canal de session établissant l'appareil qui est connecté séparément avec le module agent SNMP et le module gestionnaire SNMP. Le système de gestion de réseau est utilisé en vue d'établir le canal de session entre le module agent SNMP et le module gestionnaire SNMP à l'aide du protocole SSH de coquille de sécurité. De plus, le procédé de gestion de réseau comprend les étapes suivantes: établissement du canal de session entre le module agent SNMP du dispositif géré et le module gestionnaire SNMP de la station gestionnaire à l'aide du protocole SSH de coquille de sécurité; utilisation par le module agent SNMP et le module gestionnaire SNMP du canal de session pour échanger les données. L'invention peut réduire la complexité de la gestion SNMP.
PCT/CN2006/000988 2005-09-14 2006-05-16 Un systeme de gestion de reseau et le procede correspondant WO2007030989A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200510102922.4 2005-09-14
CN 200510102922 CN100484027C (zh) 2005-09-14 2005-09-14 一种应用简单网络管理协议的网络管理系统和方法

Publications (1)

Publication Number Publication Date
WO2007030989A1 true WO2007030989A1 (fr) 2007-03-22

Family

ID=37864615

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2006/000988 WO2007030989A1 (fr) 2005-09-14 2006-05-16 Un systeme de gestion de reseau et le procede correspondant

Country Status (2)

Country Link
CN (1) CN100484027C (fr)
WO (1) WO2007030989A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109379280A (zh) * 2018-10-25 2019-02-22 许继电气股份有限公司 一种协议转换网关

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101795206B (zh) * 2009-11-26 2012-08-15 福建星网锐捷网络有限公司 一种在分布式构成设备上实现snmp代理的方法和装置
CN102148704A (zh) * 2011-01-19 2011-08-10 武汉迈威光电技术有限公司 一种加密型交换机通用网管接口的软件实现方法
CN102521099A (zh) * 2011-11-24 2012-06-27 深圳市同洲视讯传媒有限公司 一种进程监控方法及进程监控系统
CN103001807B (zh) * 2012-12-20 2015-09-09 北京思特奇信息技术股份有限公司 一种与snmp协议对应的请求应答模块
CN110247803B (zh) * 2019-06-20 2022-05-20 成都积微物联集团股份有限公司 一种针对网络管理协议SNMPv3的协议优化架构及其方法
CN113067834A (zh) * 2021-04-09 2021-07-02 上海新炬网络信息技术股份有限公司 基于Web浏览器远程控制服务器的方法

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6044468A (en) * 1997-08-25 2000-03-28 Emc Corporation Secure transmission using an ordinarily insecure network communication protocol such as SNMP
US6851113B2 (en) * 2001-06-29 2005-02-01 International Business Machines Corporation Secure shell protocol access control
CN1581795A (zh) * 2003-08-06 2005-02-16 华为技术有限公司 一种网络管理安全认证的方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6044468A (en) * 1997-08-25 2000-03-28 Emc Corporation Secure transmission using an ordinarily insecure network communication protocol such as SNMP
US6851113B2 (en) * 2001-06-29 2005-02-01 International Business Machines Corporation Secure shell protocol access control
CN1581795A (zh) * 2003-08-06 2005-02-16 华为技术有限公司 一种网络管理安全认证的方法

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109379280A (zh) * 2018-10-25 2019-02-22 许继电气股份有限公司 一种协议转换网关
CN109379280B (zh) * 2018-10-25 2021-05-07 许继电气股份有限公司 一种协议转换网关

Also Published As

Publication number Publication date
CN100484027C (zh) 2009-04-29
CN1933418A (zh) 2007-03-21

Similar Documents

Publication Publication Date Title
US11936786B2 (en) Secure enrolment of security device for communication with security server
KR101086576B1 (ko) 보안 프로토콜의 자동 협상 시스템 및 방법
US8447977B2 (en) Authenticating a device with a server over a network
JP2005085102A (ja) 保証システム
WO2018010146A1 (fr) Procédé, appareil et système de réponse dans une authentification informatique de réseau virtuel, et serveur mandataire
WO2007030989A1 (fr) Un systeme de gestion de reseau et le procede correspondant
WO2015143651A1 (fr) Procédé, appareil et système de configuration de certificat faisant appel à la virtualisation de fonction de réseau
EP2031793A1 (fr) Cadre de gestion de sécurité réseau et son procédé de traitement d'informations
RU2008146517A (ru) Управляемое политиками делегирование учетных данных для единой регистрации в сети и защищенного доступа к сетевым рессурсам
WO2010020187A1 (fr) Procédé de gestion de réseau de confiance de connexions de réseau de confiance sur la base d'une authentification de poste à trois éléments
WO2006058493A1 (fr) Procede et systeme d'authentification de domaine et d'autorite de reseau
JP5023804B2 (ja) 認証方法及び認証システム
WO2014176997A1 (fr) Procédé et système de transmission et de réception de données, procédé et dispositif de traitement de message
WO2019237576A1 (fr) Procédé et appareil de vérifications de performances de communication d'une machine virtuelle
WO2003081839A1 (fr) Procede d'etablissement d'une liaison entre le dispositif d'acces au reseau et l'utilisateur mettant en oeuvre le protocole 802.1x
WO2021031465A1 (fr) Procédé et système d'authentification de dispositif basés sur un réseau sd-wan
US8676998B2 (en) Reverse network authentication for nonstandard threat profiles
JP2006270431A (ja) 呼制御装置、端末、これらのプログラム、及び通信チャネル確立方法
CN111628960B (zh) 用于连接至专用网络上的网络服务的方法和装置
JP4571006B2 (ja) ネットワーク制御装置、ネットワークシステム、及びプログラム
KR100429395B1 (ko) 보안 전송 계층의 사전 연관 설정을 이용한 에이에이에이시스템의 이중화 방법
CN116723023A (zh) 一种基于ssh协议的内网穿透登录方法及系统
CN116827885A (zh) 资源访问方法、装置、系统、电子设备及可读存储介质
Headquarters Configuring Secure Signaling and Media Encryption for the Cisco VG224
KR20050046834A (ko) 클라이언트 시스템과 특정 도메인 서버간의 보안 시스템및 그 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06741876

Country of ref document: EP

Kind code of ref document: A1