Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network device and its access control method

A network equipment and access control technology, applied in the field of communications, can solve the problems of reduced processing capacity, malicious attacks on network equipment, reduced processing capacity of network equipment, etc., to achieve the effect of improving security

Inactive Publication Date: 2007-10-17
ZTE CORP
View PDF0 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

On the other hand, if network device B maliciously sends ARP request frames, network device A must process them one by one, which will greatly reduce the processing ability of network device A to process other packets and other functions, and even cause network failure in serious cases. The abnormal operation of equipment A causes more serious consequences
[0006] Since the usual access control list function only filters IP data packets, it does not filter ARP data frames encapsulated in Ethernet data frames, which may reduce the processing capacity of network devices, and even cause malicious attacks on network devices possibility of

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network device and its access control method
  • Network device and its access control method
  • Network device and its access control method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] Specific examples according to the present invention will be described below.

[0031] Fig. 1 is a schematic structural diagram of a network device according to the present invention. As shown in Figure 1, the network equipment according to the present invention has the access control list function based on IP, and this network equipment comprises: ARP data frame filtering module 104, is used for according to the ARP data frame that network equipment receives The identification information searches the access control list, and filters the address resolution protocol data frame according to the status corresponding to the identification information in the access control list. The network device also includes: an address resolution protocol data frame checking module 102, which is used to check the legality and correctness of the address resolution protocol data frame before the address resolution protocol data frame filtering module filters the address resolution protoco...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a network equipment and its access control methods. Said network equipment comprises an address resolution protocol (ARP) data frame filter module which is used for searching for access control list on the basis of identification information in the address resolution protocol data frames received by the network equipment, and filtrating the address resolution protocol data frames according to the corresponding states of the identification information in the access control list. Said network equipment comprises further an address resolution protocol (ARP) data frame inspection module which is used for inspecting the validity and correctness of the address resolution protocol data frames before the address resolution protocol data frame filter module filtrates the address resolution protocol data frames; and an address resolution protocol (ARP) data frame treatment module which is used for dealing with the address resolution protocol data frames permited by the address resolution protocol (ARP) data frame filter module. The present invention is capable of preventing an illegal equipment attacking viciously network equipments through address resolution protocol data frames, with improved security and reliability.

Description

technical field [0001] The invention relates to the communication field, in particular to a network device and an access control method thereof. Background technique [0002] Access Control List (ACCESS CONTROL LIST, referred to as ACL) uses packet filtering technology to read the information in the third layer and fourth layer packet header on the network device, such as source address, destination address, source port, destination port, etc. , according to the pre-defined rules to filter the data packets, so as to achieve the purpose of access control. In the early days, only routers supported this technology. In recent years, Layer 3 switches can also support this technology. At present, some Layer 2 switches (including access devices) also begin to provide support for access control lists. [0003] There are many types of access control lists, and different types of access control lists can be applied in different occasions. Among them, the simplest is the standard acc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
Inventor 王峰
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com