Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for realizing virtual firewall

A technology of virtual firewall and configuration parameters, applied in the field of network security

Active Publication Date: 2020-01-21
ZTE CORP
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention provides a method and device for implementing a virtual firewall, the main purpose of which is to solve the technical problem of how to implement multiple virtual firewall instances on a single hardware platform

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for realizing virtual firewall
  • Method and device for realizing virtual firewall
  • Method and device for realizing virtual firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0061] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0062] The invention provides a method for realizing a virtual firewall.

[0063] refer to figure 1 , figure 1 It is a schematic flowchart of the first embodiment of the method for implementing a virtual firewall in the present invention.

[0064] In the first embodiment, the method for implementing a virtual firewall includes:

[0065] Step 101, obtaining the identifier of the virtual firewall instance according to the first information of the received data flow;

[0066] Wherein, the first information includes at least quintuple, virtual local area network (Virtual Local Area Network, VLAN) information or Internet Protocol (Internet Protocol, IP) information in the packet of the data traffic.

[0067] Preferably, said obtaining the identifier of the virtual firewall instance according to the first information of...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for realizing a virtual firewall. The identification of the virtual firewall instance is obtained according to the first information of the received data flow; the configuration parameters of the virtual firewall are searched according to the identification of the virtual firewall instance, and according to the obtained Search the ACL rule group for the packet information of the data flow; generate a session entry according to the data flow, the configuration parameters of the virtual firewall and the ACL rule group, and set the relevant security service parameters of the session in the data flow Stored in the session entry. The invention also discloses a device for realizing virtual firewall. Therefore, it can be realized that a physical firewall can be divided into multiple logical firewalls, and each logical firewall can apply for resources independently; at the same time, it solves the defects of traditional firewall deployment and can greatly reduce maintenance and management costs. At the same time, it provides independent security service policies for different users.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method and device for realizing a virtual firewall. Background technique [0002] In traditional solutions, when the system requires multiple sets of firewall protection, multiple firewalls are generally deployed for protection. The traditional way is to deploy a firewall in front of the CE equipment, and manage and configure them separately. For example, in the MPLSVPN network, security protection is required between VPNs. The traditional solution has obvious shortcomings: [0003] Enterprises need to deploy and manage multiple independent firewalls, resulting in higher cost of ownership and maintenance, and greater complexity of network management; multiple independent firewalls placed in a centralized manner will take up more rack space and bring additional overhead to integrated wiring. Complexity: Due to the development of services, new changes may occur in the division of...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L9/40
Inventor 王煜
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com