Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Safety control method and exchanger

A security control and security processing technology, applied in the field of communications, can solve the problems of reducing security control effect, occupying global resources, limited capacity of network interface usage policies, etc., so as to improve security control effect, save global resources, improve manageability and The effect of update speed

Inactive Publication Date: 2012-01-25
BEIJING XINWANG RUIJIE NETWORK TECH CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When applying the decentralized security control method to realize security control, there are at least the following problems: Since these same security processing policies need to be configured on the security processing engines of all line cards of the switch, in the case of many global security processing policies, these Security processing policies need to occupy the same amount of capacity on all line cards. Therefore, the remaining policy capacity on each line card that can be used for the network interface on the line card becomes extremely limited; in addition, in the global security When the processing policy changes, it is necessary to update the security processing policy on all the line cards in the switch, the workload is heavy, the manageability of the security processing policy is poor, and the security control effect is reduced
When the centralized security control method is used to implement security control, there are at least the following problems: it may be necessary to adopt a specific security processing policy to perform security processing on the data packets received on the network interface on a specific line card. The network interface configures a specific security processing policy. Since all the network interfaces on the line cards in the switch share the storage capacity of the security processing policy on the management board, they all need to occupy global resources. Therefore, the security processing policy that can be allocated to each network interface on the line card Policies have very limited storage capacity
Especially when the security processing policies of network interfaces on different line cards are quite different, the storage capacity of the security processing policies that can be allocated to each network interface on each line card is less, and it is impossible to use the security processing policies on the management board to Data packets are effectively filtered, reducing the effect of security control

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety control method and exchanger
  • Safety control method and exchanger
  • Safety control method and exchanger

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] In the embodiment of the present invention, the first security processing engine is set on the line card, and the interface security processing policy is deployed therein, thereby realizing the first filtering of data packets, and the second security processing engine is set on the management board, and Deploy the global security processing strategy in it, based on which the secondary filtering of data packets is realized, the storage capacity of the security processing strategy on the line card and the switch is reasonably utilized, and the capacity utilization rate of the security processing engine on the line card and the switch is improved. And effectively realize the security control of the data message.

[0034] Figure 4 It is a flowchart of an embodiment of the security control method of the present invention. The process of this embodiment can be implemented by a chassis-type centralized forwarding switch. Such as Figure 4 As shown, the process of this embo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a safety control method and an exchanger, wherein the safety control method comprises the following steps that a network interface on a line card receives data messages; a first safety processing engine on the line card utilizes an interface safety processing strategy to carry out a first filtering to the data messages; when the line card outputs the datamessage after the first filtering, the line card sends the output data message to a management plate; a second safety processing engine on the management plate utilizes a global safety processing strategy to carry out a second filtering to the output data messages; when the management plate outputs the legal data message after the second filtering, the management plate carries out a retransmittingtreatment to the legal data message. The embodiment can reasonably utilize the memory capability of the safety processing strategy on the line card and the management plate and effectively realize the safety control to the data messages.

Description

technical field [0001] The invention relates to communication technology, in particular to a safety control method and a switch. Background technique [0002] Existing chassis-type centralized forwarding switches, also known as: centralized forwarding switches or switches, usually include a management board, one or more line cards, and also include key components such as fans and power supplies. Among them, the management board is also called the management engine or the main control board. It is the aggregation point of the management and control of the entire switch. It is mainly used to perform various operations on the line cards and run various protocols. Once it fails, the entire switch will be unavailable. . Each line card is provided with one or more network interfaces, which are mainly used for forwarding data packets with other communication devices through the network interfaces. like figure 1 As shown in , it is a schematic structural diagram of a chassis-type...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/56H04L29/06H04L12/937
Inventor 郭伟
Owner BEIJING XINWANG RUIJIE NETWORK TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com