Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Firewall based on multiprocessor architecture

A multi-processor and firewall technology, applied in the field of firewalls, can solve problems such as inability to apply, failure of restarting security mechanisms, and increased firewall processing delays, reducing processing time and reducing security threats.

Active Publication Date: 2019-04-02
浙江国利网安科技有限公司
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (1) Because the general-purpose operating system does not fully consider the security of the operating system itself, and the security mechanism is not perfect, there are many security loopholes and hidden dangers. When the security loopholes and backdoors of the operating system are exploited, the firewall equipment will be abnormal, restart or security Mechanism failure, etc.;
[0006] (2) Because the processors of traditional firewalls are mostly executed sequentially, and industrial control firewalls need to analyze in-depth packet analysis of industrial protocol data packets and perform legality checks on industrial protocol instructions and operands, resulting in increased firewall processing delays, cannot Applied in industrial control systems with very high requirements for real-time transmission feedback

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Firewall based on multiprocessor architecture
  • Firewall based on multiprocessor architecture
  • Firewall based on multiprocessor architecture

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The present invention will be further described in detail below through specific embodiments in conjunction with the accompanying drawings.

[0045] In the embodiment of the present invention, a firewall with a multi-processor architecture is provided to solve the problems of unsound security mechanisms and poor real-time performance of traditional firewalls.

[0046] This example uses the dual-processor architecture as an example to illustrate the working principle of a firewall with a multi-processor architecture. The schematic diagram is as follows figure 1As shown, it includes a main processor for processing the management process of the firewall and a co-processor for parallel processing of the business process of the firewall. The main processor and the co-processor are independent of each other and communicate through the communication port. Among them, the management process of the firewall includes non-real-time processes such as policy management and alarm log...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A firewall based on a multiprocessor architecture comprises a main processor for processing a management flow of the firewall and a coprocessor which is used for carrying out parallel processing on the service flow of the firewall, and the main processor and the coprocessor are independent of each other and communicate with each other through a communication interface. The firewall provided by theinvention adopts a double-processor architecture, the two processors are independent of each other and are in limited communication through the communication interface, and when the main processor isattacked by a network or the main processor cannot work normally, the service processing unit of the coprocessor can still process the service flow normally. Compared with other industrial control firewalls, the firewall disclosed by the invention has the advantages that the reduced processing time reaches several orders of magnitudes, and the 100% throughput is achieved under the conditions of gigabit rate linear speed and 64-byte Ethernet message through the modules such as message deep analysis, basic strategy matching, industrial control protocol function code matching, industrial controlprotocol parameter matching, alarm information uploading and the like.

Description

technical field [0001] The invention relates to the technical field of firewalls, in particular to a firewall based on a multi-processor architecture. Background technique [0002] Hardware-based traditional industrial control firewalls generally adopt several mainstream architectures in terms of hardware: X86, ASIC, NP, MIPS and ARM. Because most of the commonly used operating systems are based on general-purpose operating systems, and the general-purpose operating systems do not fully consider the security of the operating system itself, and the security mechanism is not perfect, resulting in many security loopholes and hidden dangers. For example, firewalls suffer more and more Attacks based on operating system vulnerabilities, backdoor viruses and Trojan horses. It is very difficult to modify the core code of the operating system, and adding various security technologies and protective measures around the operating system without modifying the core code of the operating...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F15/17G06F21/53
CPCG06F15/17G06F21/53
Inventor 叶秀员陈建飞还约辉王迎薛金良许剑新
Owner 浙江国利网安科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com