Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A management system and control method for mirroring network traffic in a virtual network environment

A technology of traffic management and management system, which is applied in the field of network security monitoring solutions based on mirrored network traffic, which can solve the problem of large bandwidth occupation of business hosts, repeated capture of traffic by network traffic capture terminals, and inability of network traffic capture terminals to achieve fine-grained bypass Network traffic forwarding strategy and other issues to achieve the effect of ensuring integrity and agile scheduling

Active Publication Date: 2019-06-18
BEIJING RUIHE YUNTU TECH CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to implement a new technical architecture and system that utilizes the concept of software definition to realize the forwarding management and control of mirrored network traffic, which is used to solve: 1) the problem of capturing network traffic by security devices during the security monitoring process; 2) Due to performance limitations, the network traffic capture terminal cannot implement a fine-grained bypass network traffic forwarding strategy; 3) Due to the lack of global vision, the network traffic capture terminal captures repeated traffic; 4) To multiple security The problem that the bandwidth of the service host is too large due to the multi-purpose traffic forwarding of the device forwarding traffic at the same time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A management system and control method for mirroring network traffic in a virtual network environment
  • A management system and control method for mirroring network traffic in a virtual network environment
  • A management system and control method for mirroring network traffic in a virtual network environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0036] In data centers or cloud computing centers with virtualization technology as the core, since SDN technology has not been widely used, the implementation of the system should not require users to use virtual switches and physical switches that support Openflow in the business environment , so this embodiment will describe an application scenario in which the openflow protocol is only used on the layer-3 physical switch (when the openflow protocol is not used, the layer-3 switch can also use policy routing to forward mirrored traffic or pass The traffic management node modifies the destination MAC address to realize forwarding based on MAC address learning), considering that security devices can generally be provided by security vendors, so in this embodiment, a bypass security resource pool based on virtualization technology is used, and the intrusion de...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A management system for mirrored network traffic in a virtualized network environment and a software-defined mirrored traffic management and control method, the mirrored network traffic management and monitoring system of the present invention includes a mirrored network traffic center control node, a virtualized mirrored traffic management node , a virtualized image traffic distribution node. Use the mirrored network traffic center control node for global management and control, use the virtualized mirrored traffic management node deployed close to the business virtual machine to realize data packet capture and forward according to the action of the flow table, and use the virtualized mirrored traffic distribution node deployed close to the security device to realize data packet Reproduction and distribution by security business. The present invention has an optimized mirror flow export strategy from a global perspective, and the mirror flow scheduling is quick and complete, and the mirror flow management nodes only occupy few computing resources.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to the management of mirrored network traffic in a virtualized network environment and a network security monitoring solution based on the mirrored network traffic. Background technique [0002] In a virtualized network environment, user business systems are deployed on virtual machines. In order to ensure the security of these systems and comply with relevant security compliance, it is still necessary to perform network security on these virtual machines as in traditional physical network environments. monitor. However, traditional hardware physical security products cannot accurately capture the network traffic of business virtual machines that need to be monitored. [0003] Software Defined Networks (SDN) is a new network control architecture proposed in recent years that utilizes the control layer, forwarding layer and data layer of decoupling network hardware to a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/08H04L29/06H04L12/741H04L12/851H04L12/931H04L45/74
CPCH04L45/54H04L45/745H04L47/2425H04L49/208H04L63/1466H04L67/1095
Inventor 不公告发明人
Owner BEIJING RUIHE YUNTU TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com