CN101018119A - Hardware-based server network security centralized management system without relevance to the operation system - Google Patents

Hardware-based server network security centralized management system without relevance to the operation system

Info

Publication number
CN101018119A
Authority
CN
China
Prior art keywords
security
server
network
hardware
centralized management
Prior art date
2007-02-09
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN 200710013546
Other languages
Chinese (zh)
Inventor
李大军
李清玉
宋凤仙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
IEIT Systems Co Ltd
Original Assignee
Langchao Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2007-02-09
Filing date
2007-02-09
Publication date
2007-08-15
2007-02-09: Application filed by Langchao Electronic Information Industry Co Ltd
2007-02-09: Priority to CN 200710013546
2007-08-15: Publication of CN101018119A
Legal status: Pending (current)

Abstract

Translated from Chinese

The present invention provides a hardware-based server network security centralized management system that is independent of the operating system. The system is built around hardware network devices that integrate a security function chip: a security centralized management platform formulates security policies uniformly, distributes them to the hardware network devices, and centrally collects the security events and information of each hardware network device. Its characteristics include: the security function chip in the hardware network device executes only the security policies distributed by the security centralized management platform; it is independent of the server and its operating system, occupies no CPU resources of the server, and does not reduce the server's performance. It enhances the security, reliability and high availability of the server, significantly improves the efficiency of server security monitoring and management, and effectively resolves the conflict between security and efficiency.

Description

Translated from Chinese
Hardware-based server network security centralized management system independent of the operating system

Technical field

The invention relates to a hardware-based server network security centralized management system that is independent of the operating system, in particular one built around hardware network devices integrating a security function chip, and belongs to the field of computer information security.

Background

With the rapid development of domestic informatization and the wide application of e-commerce, e-government and other information services in government, enterprise and commerce, the network has become one of the important tools of government office work and commercial trade. Servers, which constitute the important infrastructure of the network, play an increasingly decisive role: they not only carry the valuable data resources of enterprises but also provide services for sharing resources and data. Precisely because of the server's significant role in the network environment and network infrastructure, it faces three kinds of malicious network behavior. The first is wanton attack, such as denial-of-service attacks and network viruses, which aims to consume server resources, disrupt the normal operation of the server and even paralyze the network in which the server is located. The second is malicious intrusion, which can lead to the leakage of sensitive information on the server, after which the intruder can do as he pleases and damage the server at will. The third is the security vulnerabilities of the server software itself, which result from imperfect software design and development, give all kinds of software inherent defects and hidden dangers, and open a convenient door for malicious attackers. These attacks and acts of sabotage have caused immeasurable economic losses to governments and enterprises. How to ensure the safe and reliable operation of servers, and prevent state secret data and information from being illegally stolen or tampered with, has become a major issue bearing on national security.

On the other hand, current server management methods fall mainly into three categories: hardware-based management tools, the additional management functions of the network operating system, and third-party system management software. Hardware-based management tools are usually provided by the server manufacturer; they mainly monitor and manage low-level components such as the server's CPU, hard disk, memory and fans through a remote management chip integrated on the server motherboard. The management functions bundled with the network operating system, such as the server management wizard in Windows Server 2003, are well known to many server network administrators. These two management methods are rather limited and do not support heterogeneous, cross-platform management. Beyond these, there are products from third-party management software vendors; these professional products have strong cross-platform management capabilities, can maintain and monitor a variety of system resources such as operating systems, application software and hardware platforms, and offer some intelligent management features.

In practical applications, however, as network systems become ever more complex, the continuing application of network technology places ever higher demands on the reliability and security management of servers, and enterprises need server management software to simplify server system management. In addition, with the growth in the number of servers and their geographic spread, enterprises have deployed and used multiple server management platforms to manage many servers, and the interoperability between these management platforms, the total cost of ownership and the knowledge required of administrators all bring management challenges.

Therefore, advanced technology and management methods must be adopted to solve the problem of centralized management and monitoring of server network security, so that all-round monitoring, management and control of system resources can be achieved through a single console while, without affecting the normal operation of the servers or reducing their performance, meeting users' many requirements for functions such as security, detailed logging and alarms.

Summary of the invention

The purpose of the present invention is to provide a hardware-based server network security centralized management system that is independent of the operating system. To achieve the above purpose, the technical solution of the present invention is:

Hardware network devices integrating a security function chip are deployed in the supervised servers and connected to a security centralized management platform. The security centralized management platform formulates security policies uniformly and distributes them to the hardware network devices, while collecting the security events and information generated by each hardware network device and monitoring the health and security status of the server network in real time. The specific steps are as follows:

1) Set up the supervised servers SA, SB and SC under the management platform. Through the supervised servers, Web and mail proxy services and an intrusion detection function are provided externally, and external websites and mail servers can be accessed through the Web and mail proxies;

2) Deployment and installation: install the hardware network devices NICA, NICB and NICC, each integrating a security function chip, in the supervised servers SA, SB and SC respectively, load their drivers and configure the corresponding network parameters. Connect the supervised servers SA, SB and SC via network cables and switches to the machine hosting the security centralized management platform M;

3) Configure the security centralized management platform M so that it can supervise the servers SA, SB and SC;

4) Policy formulation: the system administrator formulates Web, mail and intrusion detection security policies through the security centralized management platform M. The Web security policy filters Web access by black and white lists, keywords, file extensions or application type, blocking access to undesirable sites or content; the mail security policy filters mail by sender, recipient, CC, subject and attachment type; the intrusion detection security policy detects intrusion attacks occurring in the server network environment in real time and generates alarm information;

5) Policy distribution: distribute the Web, mail and intrusion detection security policies formulated by the security centralized management platform M to the hardware network devices NICA, NICB and NICC of the supervised servers SA, SB and SC respectively, and bring these security policies into effect;

6) The hardware network device works independently of the server and its operating system and is not affected by them. It only receives the security policies distributed by the security centralized management platform M and, when the conditions of a security policy are met, takes the policy action that policy specifies. The real-time capture and analysis of network packets and the monitoring of network access and network traffic are all carried out in the security function chip integrated in the hardware network device, so they occupy no CPU resources of the supervised server and do not affect, let alone reduce, the server's performance. At the same time, the sole control of the hardware network devices by the security centralized management platform M prevents security risks to a certain extent and safeguards the security and reliability of the hardware network devices;

7) The hardware network devices NICA, NICB and NICC in the supervised servers SA, SB and SC monitor in real time the network packets and network accesses that enter the supervised servers through them. Any Web access, intrusion attack, or mail sent or received that matches a security policy triggers that policy; the device then takes the action the policy specifies, namely block or pass, and records a log entry;

8) The security centralized management platform M monitors in real time the security event logs generated by the Web, mail and intrusion detection security policies. According to the level and number of security events, the system administrator can, through the security centralized management platform M, adjust the content of the Web, intrusion detection and mail security policies loaded on the hardware network devices NICA, NICB and NICC as appropriate, so that these policies detect network packets and network accesses more accurately and thereby improve the overall security of the server network environment.

The hardware-based, operating system-independent server network security centralized management system of the present invention comprises a security centralized management platform, supervised servers, and hardware network devices integrating a security function chip, embodied in the form of standard full-length, full-height gigabit wire-speed network cards.

The advantages and positive effects of the present invention are as follows. The security function chip integrated in the hardware network device monitors, in real time and according to the security policies formulated and distributed by the security centralized management platform, the network packets entering the server and the accesses to network resources, so that the server is protected from attack by external hackers and viruses. The present invention installs hardware network devices integrating a security function chip in all supervised servers of the local area network; the hardware network devices run independently of the server and its operating system, support multiple platforms, are not controlled by the server operating system, and accept only the security policies formulated and distributed by the security centralized management platform. Without affecting the server or reducing its performance, the present invention physically guarantees the safe and reliable operation of the server, enhances the server's high availability and stability, breaks through the single management mode of traditional servers and its limitations, effectively resolves the conflict between security and management efficiency, and brings great improvements in low cost, ease of installation, performance, stability and functionality.

Description of the drawings

Fig. 1 is a schematic diagram of the structure of the security management system of the present invention.

Detailed description

The present invention is further described below with reference to the accompanying drawing and a specific embodiment.

As shown in Fig. 1, the present invention provides a hardware-based server network security centralized management system that is independent of the operating system. It comprises the security centralized management platform M, the supervised servers SA, SB and SC, and the hardware network devices NICA, NICB and NICC integrating a security function chip.

The working principle of the present invention is as follows:

1. The supervised servers SA, SB and SC provide Web and mail proxy services and an intrusion detection function externally, and external websites and mail servers can be accessed through the Web and mail proxies.

2. Deployment and installation: install the hardware network devices NICA, NICB and NICC, each integrating a security function chip, in the supervised servers SA, SB and SC respectively, load their drivers and configure the corresponding network parameters. Connect the supervised servers SA, SB and SC via network cables and switches to the machine hosting the security centralized management platform M.

3. Configure the security centralized management platform M so that it can supervise the servers SA, SB and SC.

4. Policy formulation: the system administrator formulates Web, mail and intrusion detection security policies through the security centralized management platform M. The Web security policy filters Web access by black and white lists, keywords, file extensions or application type, blocking access to undesirable sites or content; the mail security policy filters mail by sender, recipient, CC, subject and attachment type; the intrusion detection security policy detects intrusion attacks occurring in the server network environment in real time and generates alarm information.

5. Policy distribution: distribute the Web, mail and intrusion detection security policies formulated by the security centralized management platform M to the hardware network devices NICA, NICB and NICC of the supervised servers SA, SB and SC respectively, and bring these security policies into effect.

6. The hardware network device works independently of the server and its operating system and is not affected by them. It only receives the security policies distributed by the security centralized management platform M and, when the conditions of a security policy are met, takes the policy action that policy specifies. The real-time capture and analysis of network packets and the monitoring of network access and network traffic are all carried out in the security function chip integrated in the hardware network device, so they occupy no CPU resources of the supervised server and do not affect, let alone reduce, the server's performance. At the same time, the sole control of the hardware network devices by the security centralized management platform M prevents security risks to a certain extent and safeguards the security and reliability of the hardware network devices.

The hardware network devices NICA, NICB and NICC in the supervised servers SA, SB and SC monitor in real time the network packets and network accesses that enter the supervised servers through them. Any Web access, intrusion attack, or mail sent or received that matches a security policy triggers that policy; the device then takes the action the policy specifies, namely block or pass, and records a log entry.

7. The security centralized management platform M monitors in real time the security event logs generated by the Web, mail and intrusion detection security policies. According to the level and number of security events, the system administrator can, through the security centralized management platform M, adjust the content of the Web, intrusion detection and mail security policies loaded on the hardware network devices NICA, NICB and NICC as appropriate, so that these policies detect network packets and network accesses more accurately and thereby improve the overall security of the server network environment.
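To make the policy flow of steps 4 to 7 concrete, the following Python model is an added example written for this page, not code from the patent or from Langchao. Platform M distributes one policy set to three stand-ins for the NIC security chips, each NIC evaluates Web, mail and packet traffic only against the policy it holds, records a block or pass decision per event, and M collects the logs into the per-NIC counts an administrator would review before tuning the policies. The class and field names, the rule precedence (whitelist before blacklist, then extension, then keyword), and all sample hosts, addresses and the intrusion signature are constructed assumptions.

```python
from collections import namedtuple
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

SecurityEvent = namedtuple("SecurityEvent", "nic kind action detail level")  # one per decision

@dataclass
class Policy:
    web_blacklist: set = field(default_factory=set)    # hosts always blocked
    web_whitelist: set = field(default_factory=set)    # hosts always allowed
    web_keywords: set = field(default_factory=set)     # path keywords to block
    web_extensions: set = field(default_factory=set)   # file extensions to block
    mail_recipients: set = field(default_factory=set)  # blocked To/CC addresses
    mail_attachment_types: set = field(default_factory=set)
    ids_signatures: Dict[str, str] = field(default_factory=dict)  # pattern -> alarm

def _ext(name: str) -> str:  # lower-cased extension of a path or filename
    return name.rsplit(".", 1)[-1].lower() if "." in name else ""

class SecurityNic:
    """Stand-in for the security function chip on one supervised server's NIC:
    it holds only the policy M pushed to it and logs every block/pass decision."""

    def __init__(self, name: str):
        self.name = name
        self.policy = Policy()  # empty until platform M distributes one
        self.log: List[SecurityEvent] = []

    def _decide(self, kind: str, action: str, detail: str, level: int) -> str:
        self.log.append(SecurityEvent(self.name, kind, action, detail, level))
        return action

    def check_web(self, host: str, path: str) -> str:
        p = self.policy
        if host in p.web_whitelist:
            return self._decide("web", "pass", f"{host}{path}", 1)
        if host in p.web_blacklist:
            return self._decide("web", "block", f"blacklisted host {host}", 2)
        if _ext(path) in p.web_extensions:
            return self._decide("web", "block", f"extension on {host}{path}", 2)
        if any(k in path.lower() for k in p.web_keywords):
            return self._decide("web", "block", f"keyword in {host}{path}", 2)
        return self._decide("web", "pass", f"{host}{path}", 1)

    def check_mail(self, sender: str, to: List[str], cc: List[str],
                   attachments: List[str]) -> str:
        p = self.policy
        if (set(to) | set(cc)) & p.mail_recipients:
            return self._decide("mail", "block", "To/CC address on block list", 2)
        for name in attachments:
            if _ext(name) in p.mail_attachment_types:
                return self._decide("mail", "block", f"attachment {name}", 2)
        return self._decide("mail", "pass", f"mail from {sender}", 1)

    def check_packet(self, payload: bytes) -> str:
        for pattern, alarm in self.policy.ids_signatures.items():
            if pattern.encode() in payload:
                return self._decide("ids", "block", alarm, 3)
        return self._decide("ids", "pass", "no signature match", 1)

class ManagementPlatform:
    """Platform M: pushes one policy to every NIC it supervises and pulls their logs."""

    def __init__(self, nics: List[SecurityNic]):
        self.nics = {n.name: n for n in nics}

    def distribute(self, policy: Policy) -> None:
        for nic in self.nics.values():
            nic.policy = policy

    def collect(self) -> List[SecurityEvent]:
        return [e for nic in self.nics.values() for e in nic.log]

def blocks_by_nic_and_kind(events: List[SecurityEvent]) -> Dict[Tuple[str, str], int]:
    """Per-NIC block counts: the view an administrator uses to tune policies."""
    counts: Dict[Tuple[str, str], int] = {}
    for e in events:
        if e.action == "block":
            counts[(e.nic, e.kind)] = counts.get((e.nic, e.kind), 0) + 1
    return counts

def run_demo() -> Dict[Tuple[str, str], int]:
    # Constructed scenario: supervised servers SA/SB/SC carrying NIC_A/B/C.
    m = ManagementPlatform([SecurityNic(n) for n in ("NIC_A", "NIC_B", "NIC_C")])
    m.distribute(Policy(
        web_blacklist={"bad.example"}, web_whitelist={"intranet.example"},
        web_keywords={"casino"}, web_extensions={"exe"},
        mail_recipients={"leak@example.org"}, mail_attachment_types={"scr"},
        ids_signatures={"DROP TABLE": "sql-injection-attempt"}))
    a, b, c = m.nics["NIC_A"], m.nics["NIC_B"], m.nics["NIC_C"]
    a.check_web("intranet.example", "/setup.exe")     # whitelist wins: pass
    a.check_web("files.example", "/tools/setup.exe")  # blocked extension
    a.check_web("bad.example", "/")                   # blacklisted host
    b.check_mail("u@example.com", ["ops@example.com"], ["leak@example.org"], [])
    b.check_mail("u@example.com", ["ops@example.com"], [], ["a.pdf"])  # pass
    c.check_packet(b"GET /?id=1; DROP TABLE users HTTP/1.1")  # IDS alarm
    return blocks_by_nic_and_kind(m.collect())
```

Because each NIC evaluates only against the policy object it was handed, swapping in a new Policy through distribute() is the whole of step 5; nothing on the supervised server itself is consulted.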

Claims (2)

Translated from Chinese

1. A hardware-based server network security centralized management system independent of the operating system, characterized in that hardware network devices integrating a security function chip are connected to a security centralized management platform; the security centralized management platform formulates security policies uniformly and distributes them to the hardware network devices, while collecting the security events and information generated by each hardware network device and monitoring the health and security status of the server network in real time; the specific steps are as follows:

1) Set up the supervised servers SA, SB and SC under the management platform. Through the supervised servers, Web and mail proxy services and an intrusion detection function are provided externally, and external websites and mail servers can be accessed through the Web and mail proxies;

2) Deployment and installation: install the hardware network devices NICA, NICB and NICC, each integrating a security function chip, in the supervised servers SA, SB and SC respectively, load their drivers and configure the corresponding network parameters. Connect the supervised servers SA, SB and SC via network cables and switches to the machine hosting the security centralized management platform M;

3) Configure the security centralized management platform M so that it can supervise the servers SA, SB and SC;

4) Policy formulation: the system administrator formulates Web, mail and intrusion detection security policies through the security centralized management platform M. The Web security policy filters Web access by black and white lists, keywords, file extensions or application type, blocking access to undesirable sites or content; the mail security policy filters mail by sender, recipient, CC, subject and attachment type; the intrusion detection security policy detects intrusion attacks occurring in the server network environment in real time and generates alarm information;

5) Policy distribution: distribute the Web, mail and intrusion detection security policies formulated by the security centralized management platform M to the hardware network devices NICA, NICB and NICC of the supervised servers SA, SB and SC respectively, and bring these security policies into effect;

6) The hardware network device works independently of the server and its operating system and is not affected by them. It only receives the security policies distributed by the security centralized management platform M and, when the conditions of a security policy are met, takes the policy action that policy specifies. The real-time capture and analysis of network packets and the monitoring of network access and network traffic are all carried out in the security function chip integrated in the hardware network device, so they occupy no CPU resources of the supervised server and do not affect, let alone reduce, the server's performance. At the same time, the sole control of the hardware network devices by the security centralized management platform M prevents security risks to a certain extent and safeguards the security and reliability of the hardware network devices;

7) The hardware network devices NICA, NICB and NICC in the supervised servers SA, SB and SC monitor in real time the network packets and network accesses that enter the supervised servers through them. Any Web access, intrusion attack, or mail sent or received that matches a security policy triggers that policy; the device then takes the action the policy specifies, namely block or pass, and records a log entry;

8) The security centralized management platform M monitors in real time the security event logs generated by the Web, mail and intrusion detection security policies. According to the level and number of security events, the system administrator can, through the security centralized management platform M, adjust the content of the Web, intrusion detection and mail security policies loaded on the hardware network devices NICA, NICB and NICC as appropriate, so that these policies detect network packets and network accesses more accurately and thereby improve the overall security of the server network environment.

2. The management system according to claim 1, characterized in that the system comprises a security centralized management platform, supervised servers, and hardware network devices integrating a security function chip, embodied in the form of standard full-length, full-height gigabit wire-speed network cards.

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN 200710013546 (CN101018119A, en) | 2007-02-09 | 2007-02-09 | Hardware-based server network security centralized management system without relevance to the operation system

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN 200710013546 (CN101018119A, en) | 2007-02-09 | 2007-02-09 | Hardware-based server network security centralized management system without relevance to the operation system

Publications (1)

Publication Number | Publication Date
CN101018119A (en) | 2007-08-15

Family

Family ID: 38726892

Family Applications (1)

Application Number | Status | Title | Priority Date | Filing Date
CN 200710013546 (CN101018119A, en) | Pending | Hardware-based server network security centralized management system without relevance to the operation system | 2007-02-09 | 2007-02-09

Country Status (1)

Country | Link
CN (1) | CN101018119A (en)
Cited By (13)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN101753554A (en) * | 2008-12-02 | 2010-06-23 | 卡巴斯基实验室 | Self-adaptivity safety module for information device
CN102025735A (en) * | 2010-12-08 | 2011-04-20 | 北京航空航天大学 | Distributed network firewall system of Linux based on defense strategy
CN102063588A (en) * | 2010-12-15 | 2011-05-18 | 北京北信源软件股份有限公司 | Control method and system for safety protection of computer terminal network
CN102143168A (en) * | 2011-02-28 | 2011-08-03 | 浪潮(北京)电子信息产业有限公司 | Linux platform-based server safety performance real-time monitoring method and system
CN101790081B (en) * | 2010-01-15 | 2012-01-04 | 上海市浦东新区保安服务总公司 | Link alarm video monitoring integrated information centralized management system and control method thereof
CN102379139A (en) * | 2009-01-30 | 2012-03-14 | 惠普开发有限公司 | Dynamically applying a control policy to a network
CN102646173A (en) * | 2012-02-29 | 2012-08-22 | 成都新云软件有限公司 | Safety protection control method and system based on white and black lists
CN101771679B (en) * | 2008-12-31 | 2012-08-29 | 中国移动通信集团公司 | Virus defense method, communication network and core node
CN101719914B (en) * | 2009-11-10 | 2012-09-05 | 中国科学院计算技术研究所 | Security event source integrated system and implementing method thereof
CN101729531B (en) * | 2009-03-16 | 2016-04-13 | 中兴通讯股份有限公司 | Network security policy distribution method, Apparatus and system
CN107295021A (en) * | 2017-08-16 | 2017-10-24 | 深信服科技股份有限公司 | The safety detection method and system of a kind of main frame based on centralized management
CN107332863A (en) * | 2017-08-16 | 2017-11-07 | 深信服科技股份有限公司 | The safety detection method and system of a kind of main frame based on centralized management
CN113742740A (en) * | 2020-05-29 | 2021-12-03 | 华为技术有限公司 | Equipment behavior monitoring method and device and storage medium

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN101753554B (en) * | 2008-12-02 | 2014-05-07 | 卡巴斯基实验室 | Information device with security protection capable of dynamically configuring and method for automatically configuring information device
CN101753554A (en) * | 2008-12-02 | 2010-06-23 | 卡巴斯基实验室 | Self-adaptivity safety module for information device
CN101771679B (en) * | 2008-12-31 | 2012-08-29 | 中国移动通信集团公司 | Virus defense method, communication network and core node
US9356932B2 (en) | 2009-01-30 | 2016-05-31 | Hewlett Packard Enterprise Development Lp | Dynamically applying a control policy to a network
CN102379139B (en) * | 2009-01-30 | 2015-04-29 | 惠普开发有限公司 | Dynamically applying a control policy to a network
CN102379139A (en) * | 2009-01-30 | 2012-03-14 | 惠普开发有限公司 | Dynamically applying a control policy to a network
CN101729531B (en) * | 2009-03-16 | 2016-04-13 | 中兴通讯股份有限公司 | Network security policy distribution method, Apparatus and system
CN101719914B (en) * | 2009-11-10 | 2012-09-05 | 中国科学院计算技术研究所 | Security event source integrated system and implementing method thereof
CN101790081B (en) * | 2010-01-15 | 2012-01-04 | 上海市浦东新区保安服务总公司 | Link alarm video monitoring integrated information centralized management system and control method thereof
CN102025735B (en) * | 2010-12-08 | 2013-04-24 | 北京航空航天大学 | Distributed network firewall system of Linux based on defense strategy
CN102025735A (en) * | 2010-12-08 | 2011-04-20 | 北京航空航天大学 | Distributed network firewall system of Linux based on defense strategy
CN102063588A (en) * | 2010-12-15 | 2011-05-18 | 北京北信源软件股份有限公司 | Control method and system for safety protection of computer terminal network
CN102143168B (en) * | 2011-02-28 | 2014-07-09 | 浪潮(北京)电子信息产业有限公司 | Linux platform-based server safety performance real-time monitoring method and system
CN102143168A (en) * | 2011-02-28 | 2011-08-03 | 浪潮(北京)电子信息产业有限公司 | Linux platform-based server safety performance real-time monitoring method and system
CN102646173A (en) * | 2012-02-29 | 2012-08-22 | 成都新云软件有限公司 | Safety protection control method and system based on white and black lists
CN107295021A (en) * | 2017-08-16 | 2017-10-24 | 深信服科技股份有限公司 | The safety detection method and system of a kind of main frame based on centralized management
CN107332863A (en) * | 2017-08-16 | 2017-11-07 | 深信服科技股份有限公司 | The safety detection method and system of a kind of main frame based on centralized management
CN113742740A (en) * | 2020-05-29 | 2021-12-03 | 华为技术有限公司 | Equipment behavior monitoring method and device and storage medium

Similar Documents

Publication | Title
CN101018119A (en) | Hardware-based server network security centralized management system without relevance to the operation system
US11882128B2 (en) | Improving incident classification and enrichment by leveraging context from multiple security agents
US7246156B2 (en) | Method and computer program product for monitoring an industrial network
US7007301B2 (en) | Computer architecture for an intrusion detection system
US7134141B2 (en) | System and method for host and network based intrusion detection and response
US11856008B2 (en) | Facilitating identification of compromised devices by network access control (NAC) or unified threat management (UTM) security services by leveraging context from an endpoint detection and response (EDR) agent
US20090271504A1 (en) | Techniques for agent configuration
Zarrabi et al. | Internet intrusion detection system service in a cloud
US11347872B2 (en) | Dynamic cybersecurity protection mechanism for data storage devices
US20070050777A1 (en) | Duration of alerts and scanning of large data stores
CN113032710A (en) | Comprehensive audit supervisory system
US12363135B2 (en) | Enabling enhanced network security operation by leveraging context from multiple security agents
WO2006138469A2 (en) | Duration of alerts and scanning of large data stores
CN114553537A (en) | Abnormal traffic monitoring method and system for the industrial Internet
CN203968148U (en) | Network security management system with intrusion detection
GB2381722A (en) | Intrusion detection (ID) system which uses signature and squelch values to prevent bandwidth (flood) attacks on a server
KR20130033161A (en) | Intrusion detection system for cloud computing service
Kumar | Intrusion detection and prevention system in enhancing security of cloud environment
Araújo et al. | Virtualization in intrusion detection systems: a study on different approaches for cloud computing environments
Lin et al. | VNGuarder: An internal threat detection approach for virtual networks in a cloud computing environment
De La Peña Montero et al. | Autonomic and integrated management for proactive cyber security (AIM-PSC)
Yang et al. | Research on computer network information security and protection strategy based on the Internet of Things
CN114844667B (en) | Intelligent security analysis, management and decision system and method based on network equipment
Cai | A distributed autonomous intrusion detection framework
TW202518292A (en) | Information security rapid screening system

Legal Events

Code | Title
C06 | Publication
PB01 | Publication
C10 | Entry into substantive examination
SE01 | Entry into force of request for substantive examination
C12 | Rejection of a patent application after its publication
RJ01 | Rejection of invention patent application after publication

Open date: 2007-08-15
