CN112769804A - Internet security supervision method, system, computer equipment and readable storage medium - Google Patents
Internet security supervision method, system, computer equipment and readable storage medium Download PDFInfo
- Publication number
- CN112769804A CN112769804A CN202011634649.0A CN202011634649A CN112769804A CN 112769804 A CN112769804 A CN 112769804A CN 202011634649 A CN202011634649 A CN 202011634649A CN 112769804 A CN112769804 A CN 112769804A
- Authority
- CN
- China
- Prior art keywords
- enterprise
- network
- data
- internet security
- flow
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 230000006855 networking Effects 0.000 claims abstract description 57
- 230000005540 biological transmission Effects 0.000 claims description 15
- 238000004590 computer program Methods 0.000 claims description 9
- 239000013307 optical fiber Substances 0.000 claims description 3
- 238000010276 construction Methods 0.000 abstract description 14
- 230000009286 beneficial effect Effects 0.000 abstract 1
- 238000012545 processing Methods 0.000 description 11
- 238000004458 analytical method Methods 0.000 description 10
- 238000007726 management method Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 7
- 230000000903 blocking effect Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 238000012544 monitoring process Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 239000003795 chemical substances by application Substances 0.000 description 1
- 238000013144 data compression Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000002349 favourable effect Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention provides an internet security supervision method, an internet security supervision system, computer equipment and a readable storage medium, wherein the method comprises the following steps: receiving an instruction identifying enterprise network traffic; identifying enterprise network traffic in the internet data at the enterprise networking outlet according to the instruction; generating enterprise networking related call ticket log data and original flow according to the enterprise network flow; and sending the related call ticket log data of the enterprise networking and the original flow. The scheme is beneficial to accurately identifying the enterprise network flow, realizing accurate management, reducing technical risks and realizing supervision flexibility; meanwhile, the resource investment of the flow acquisition equipment is favorably reduced, and the construction difficulty and the construction cost are favorably reduced.
Description
Technical Field
The invention relates to the technical field of information security, in particular to an internet security supervision method, an internet security supervision system, computer equipment and a readable storage medium.
Background
According to the industry analysis of the attack target, the website attacks the most, and then the game industry and the internet service are carried out. Therefore, strengthening network security protection becomes a primary target of current internet development.
In order to realize the security supervision of the internet, as shown in fig. 1, the architecture of the conventional solution is to adopt a link beam splitting and mirror flow mode, transmit the full flow to a front-end flow acquisition and analysis system at an outlet of an operator's machine room, identify the related flow of the enterprise network from the mass flow, perform operations such as analysis and restoration, and cooperate with a back-end application system to realize the security supervision of the internet, but this mode has the disadvantages of difficulty in realizing accurate management, high technical risk, inflexible supervision, large construction difficulty, high construction cost, and the like.
Disclosure of Invention
The embodiment of the invention provides an internet security supervision method, which aims to solve the technical problems of difficult accurate management, high technical risk and high construction cost of internet security supervision in the prior art. The method comprises the following steps:
receiving an instruction identifying enterprise network traffic;
identifying enterprise network traffic in the internet data at the enterprise networking outlet according to the instruction;
generating enterprise networking related call ticket log data and original flow according to the enterprise network flow;
and sending the related call ticket log data of the enterprise networking and the original flow.
The embodiment of the invention also provides an internet security supervision system, which is used for solving the technical problems of difficult accurate management, high technical risk and high construction cost in the internet security supervision in the prior art. The device includes:
the CPE controller is used for issuing an instruction for identifying the enterprise network flow;
the CPE terminal is arranged at the enterprise networking outlet and used for receiving the instruction and identifying enterprise network flow in the internet data at the enterprise networking outlet according to the instruction; generating enterprise networking related call ticket log data and original flow according to the enterprise network flow; and sending the related call ticket log data of the enterprise networking and the original flow.
The embodiment of the invention also provides computer equipment which comprises a memory, a processor and a computer program which is stored in the memory and can run on the processor, wherein the processor realizes the random internet security supervision method when executing the computer program so as to solve the technical problems of difficult accurate management, high technical risk and high construction cost of internet security supervision in the prior art.
The embodiment of the invention also provides a computer readable storage medium, wherein the computer readable storage medium stores a computer program for executing any Internet security supervision method, so as to solve the technical problems of difficult accurate management, high technical risk and high construction cost in the Internet security supervision in the prior art.
In the embodiment of the invention, enterprise network flow is identified in the internet data at the enterprise networking outlet, and enterprise networking related call ticket log data and original flow are generated, namely the internet data is collected, identified and generated at the enterprise networking outlet, compared with the scheme of identifying the enterprise network flow on a link in the prior art, the enterprise network flow is prevented from being identified in mass data, and meanwhile, because the link is compressed and/or encrypted data, the internet safety supervision method can prevent the compressed and/or encrypted data from being collected to identify the enterprise network flow, so that the enterprise network flow is favorably and accurately identified, the accurate management is favorably realized, the technical risk is reduced, and the supervision flexibility is favorably realized; meanwhile, the resource investment of the flow acquisition equipment is favorably reduced, and the construction difficulty and the construction cost are favorably reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a schematic diagram of an Internet regulatory system in the prior art;
fig. 2 is a flowchart of an internet security supervision method according to an embodiment of the present invention;
FIG. 3 is a block diagram of an Internet supervision architecture according to an embodiment of the present invention;
fig. 4 is a schematic diagram of traffic screening of a terminal device according to an embodiment of the present invention;
fig. 5 is a logic flow diagram of an implementation of the foregoing internet security monitoring method according to an embodiment of the present invention;
FIG. 6 is a block diagram of a computer device according to an embodiment of the present invention;
fig. 7 is a block diagram of an internet security monitoring system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following embodiments and accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
The english abbreviations and their corresponding chinese characters referred to in this application are shown in table 1 below.
TABLE 1
In an embodiment of the present invention, an internet security supervision method is provided, as shown in fig. 2, the method includes:
step 202: receiving an instruction identifying enterprise network traffic;
step 204: identifying enterprise network traffic in the internet data at the enterprise networking outlet according to the instruction;
step 206: generating enterprise networking related call ticket log data and original flow according to the enterprise network flow;
step 208: and sending the related call ticket log data of the enterprise networking and the original flow.
It can be known from the flow shown in fig. 2 that, in the embodiment of the present invention, it is proposed to identify enterprise network traffic and generate enterprise networking related ticket log data and original traffic in the internet data at the enterprise networking exit, that is, to collect, identify and generate enterprise networking related ticket log data and original traffic at the enterprise networking exit, compared with the scheme of collecting and identifying enterprise network traffic on the link or the operator side in the prior art, the method avoids identifying enterprise network traffic in mass data, and meanwhile, because of compressed and/or encrypted data on the link, the internet security supervision method can avoid collecting compressed and/or encrypted data to identify enterprise network traffic, thereby facilitating to accurately identify enterprise network traffic, facilitating to achieve accurate management, and reducing technical risks, the supervision flexibility is favorably realized; meanwhile, the resource investment of the flow acquisition equipment is favorably reduced, and the construction difficulty and the construction cost are favorably reduced.
In a specific implementation, as shown in fig. 3, the functions of identifying the enterprise network traffic, generating and sending the enterprise networking related dialog log data and the original traffic may be implemented by CPE terminal devices deployed at the enterprise networking outlet.
In specific implementation, the method for generating the enterprise networking related call ticket log data and the original traffic according to the enterprise network traffic can be implemented by adopting the prior art, and the method is not particularly limited in this application. For example, as shown in fig. 4, the enterprise network traffic may be identified by the terminal device deployed at the enterprise networking outlet, and the operations such as protocol identification, analysis, restoration, and original traffic mirroring are performed on the enterprise network traffic to generate enterprise networking related call ticket log data and original traffic, and the enterprise networking related call ticket log data and the original traffic are sent to the traffic collection and analysis system, and further sent to the big data processing platform and/or the internet application system.
In specific implementation, as shown in fig. 4, an internet protocol traffic identification engine, a security supervision engine, and an application processing engine may be integrated and embedded in the CPE terminal device, and an integrated acceleration chip (similar to a field programmable gate array FPGA, a multi-core processing chip, or the like) completes processing such as protocol identification, analysis, restoration, and original traffic mirroring on the enterprise network traffic, so as to generate enterprise networking related ticket log data and original traffic.
In specific implementation, the traffic collection and analysis system may be deployed according to specific deployment requirements, for example, may be deployed on a data centralized processing platform, or may be deployed at an operator networking outlet.
In specific implementation, in order to improve convenience and flexibility of data transmission performed by an enterprise access gateway and further improve quality and reliability of data transmission, in this embodiment, a plurality of edge network access modes are set in the enterprise access gateway at an enterprise networking outlet, where the plurality of edge network access modes include a 5G wireless network, a WIFI wireless network, and a wired broadband network; and automatically switching the enterprise access network gateway to carry out the routing of data transmission in a plurality of edge network access modes according to the network state of each network.
In specific implementation, a plurality of edge network access modes can be set in CPE terminal equipment serving as an enterprise access gateway at an enterprise networking outlet, for example, the plurality of edge network access modes can be a 5G wireless network, a WIFI wireless network and a wired broadband network, so as to convert a 5G wireless signal, a Wi-Fi wireless signal or a wired broadband signal into a local area network signal for enterprise users to use; specifically, an optical fiber access metropolitan area network (WAN) port, an integrated WIFI wireless network access module and a multi-operator 5G SIM card access network module can be arranged in CPE terminal equipment serving as an enterprise access gateway to provide various edge network access modes, so that the rich high-availability is provided, reliability guarantee measures such as BYPASS (hardware, software) and HA (home agent) are provided, and the CPE terminal equipment becomes a multi-edge CPE terminal.
Meanwhile, in order to realize the free switching of the routes of various edge network access modes, the automatic switching of the routes of the enterprise access gateway for data transmission in various edge network access modes is also provided according to the network state of each network, and the function can be realized on a CPE controller. For example, when a CPE terminal device serving as an enterprise access gateway accesses a Wi-Fi5/Wi-Fi6, a 5G network, a conventional Wi-Fi network, or a wired network, multiple IP routes may be acquired, so as to implement multiple IP management, where normal service forwarding is performed according to a normal route, and other secure forwarding and control forwarding may be performed through multiple paths. The multi-IP management can judge the network state through periodic heartbeat detection, when a certain network is detected to be congested or a certain IP route is interrupted, a route switching instruction is automatically sent to the terminal equipment and the route switching is carried out, the uninterrupted service can be ensured without manual intervention, and the service transmission quality and reliability are obviously improved. And the traditional CPE deployment adopts a single-network single-route mode, if the main route fails, the backup route needs manual intervention, and the backup route is manually switched to the backup route mode. The traditional CPE has a simple working principle, if the Wi-Fi network is used as a main use, the wired network is used as a standby route, and at the moment, the Wi-Fi signal is converted into the wired network to be provided for equipment with only a wired interface for use. If the wired network is used as a master, the Wi-Fi is required to be closed and the wired network is started.
Specifically, for example, the traditional CPE can implement monitoring and traditional log return analysis, and the multi-edge CPE terminal serving as an enterprise access gateway can complete parsing, storage, and real-time transmission of an XML ticket log, and meanwhile, the 5G large bandwidth characteristic can be utilized to transmit original traffic of other access networks from a 5G channel mirror image back to an internet supervision system when a network fails or is attacked.
In this embodiment, according to characteristics of multiple edge network access modes, a route for issuing different control instructions to the enterprise access gateway is determined from the multiple edge network access modes. In particular, as shown in fig. 4, this function may be implemented by the CPE controller.
For example, the control instruction with a low timeliness requirement may be issued through a WIFI wireless network or a wired broadband network, and the control instruction with a high timeliness requirement may be issued through a 5G wireless network with a low network delay characteristic. Specifically, when a traditional CPE encounters a network attack, and a blocking instruction or a policy issued by a CPE controller is unsuccessfully issued or repeatedly issued when a network fault or congestion packet loss occurs, the interception success rate is low. In this embodiment, multiple IP routes may be selected for delivery, so that the blocking time efficiency may be greatly improved through the 5G low network delay characteristic, and meanwhile, the blocking instruction may be placed at the multi-edge CPE terminal side by using the 5G air interface high-rate bandwidth characteristic. When a TCP Reset or masquerading package such as a web page open, mail send or download file is initiated before an application session is not ended, the attack is blocked outside the enterprise network for the first time.
In specific implementation, the control instruction may include a flow control instruction, a blocking instruction, a monitoring control instruction, and the like.
In specific implementation, in order to further improve the security of data transmission, in this embodiment, the data transmitted at the enterprise networking outlet is compressed and encrypted, and the data transmission is performed through a VPN channel.
Specifically, the data transmitted by the enterprise networking outlet and other devices or platforms is encrypted and compressed data, and the data transmission is performed by establishing a VPN channel. For example, after encrypting and compressing the enterprise networking related call ticket log data and the original traffic, the enterprise networking exit transmits the encrypted and compressed call ticket log data and the original traffic to a traffic acquisition and analysis system through a VPN channel, and a control instruction received by a CPE terminal serving as an enterprise access gateway at the enterprise networking exit is also encrypted and compressed and is received through the VPN channel.
Therefore, compared with the traditional enterprise gateway equipment, the internet security supervision method has the capabilities of rapid deployment and rapid service opening, can obviously shorten the opening period and improve the service issuing efficiency compared with the conventional service opening time period, and has the capability of intelligently optimizing the route.
The following describes a process for implementing the above-mentioned internet security supervision method with reference to fig. 5, where the process includes the following steps:
the CPE controller issues a control instruction for updating the feature library of the recognition engine, the enterprise network flow is matched and recognized in the internet data of the enterprise networking outlet through an internet flow recognition engine arranged in a CPE terminal of the enterprise networking outlet, and if the matching fails, no processing is performed; if the matching is successful, a security supervision and application processing engine in the CPE terminal can be adopted to issue a security policy and a blocking instruction according to the CPE controller through an API interface and the like, a network access mode is selected according to the service characteristics, then the enterprise network flow is identified, analyzed, restored, extracted, generated and the like according to the information of the ticket format and the like issued by the CPE controller, the enterprise networking related ticket log data and the specific original flow are generated, the enterprise networking related ticket log data and the specific original flow are compressed according to the data compression mode issued by the CPE controller, the enterprise networking related ticket log data and the specific original flow are encrypted according to the encryption mode issued by the CPE controller, a VPN channel is established, the encrypted and compressed enterprise networking related ticket log data and the specific original flow are sent to an Internet big data processing platform, and then the big data processing platform carries out data processing, analysis, modeling and other processing and then sends the processed data to the Internet application system.
In this embodiment, a computer device is provided, as shown in fig. 6, and includes a memory 602, a processor 604, and a computer program stored on the memory and executable on the processor, and the processor implements any of the above-mentioned internet security supervision methods when executing the computer program.
In particular, the computer device may be a computer terminal, a server or a similar computing device.
In the present embodiment, there is provided a computer-readable storage medium storing a computer program for executing any of the above-described internet security supervision methods.
In particular, computer-readable storage media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer-readable storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. Computer readable storage media, as defined herein, does not include transitory computer readable media (transient media), such as modulated data signals and carrier waves.
Based on the same inventive concept, the embodiment of the invention also provides an internet security supervision system, as described in the following embodiments. Because the principle of the internet security supervision system for solving the problems is similar to that of the internet security supervision method, the implementation of the internet security supervision system can refer to the implementation of the internet security supervision method, and repeated parts are not described again. As used hereinafter, the term "unit" or "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 7 is a block diagram of an internet security supervision system according to an embodiment of the present invention, and as shown in fig. 7, the system includes:
a CPE controller 702 for issuing an instruction identifying an enterprise network traffic;
the CPE terminal 704 is arranged at the enterprise networking outlet and used for receiving the instruction and identifying enterprise network flow in the internet data at the enterprise networking outlet according to the instruction; generating enterprise networking related call ticket log data and original flow according to the enterprise network flow; and sending the enterprise networking related call ticket log data and the original flow.
In one embodiment, the CPE terminal acts as an enterprise access gateway, and the CPE terminal includes:
the optical fiber is accessed to a metropolitan area network port and is used for providing a wired broadband network access mode;
the WIFI wireless network access module is used for providing a WIFI wireless network access mode;
the 5G access network module is used for providing a 5G wireless network access mode;
the CPE controller is also used for automatically switching the enterprise access network gateway to carry out the routing of data transmission in various edge network access modes according to the network state of each network.
In an embodiment, the CPE controller is further configured to determine, according to characteristics of multiple edge network access manners, a route to issue different control instructions to the enterprise access gateway from the multiple edge network access manners.
In one embodiment, the CPE terminal is further configured to compress and encrypt transmission data, and transmit the data through a VPN channel.
The embodiment of the invention realizes the following technical effects: the method has the advantages that enterprise network flow is identified in the internet data at the enterprise networking outlet, enterprise networking related call ticket log data and original flow are generated, namely the internet data is collected, identified and generated at the enterprise networking outlet, and compared with the scheme of identifying the enterprise network flow on a link in the prior art, the method avoids identifying the enterprise network flow in mass data, meanwhile, because compressed and/or encrypted data are arranged on the link, the internet safety supervision method can avoid collecting the compressed and/or encrypted data to identify the enterprise network flow, so that the method is favorable for accurately identifying the enterprise network flow, realizing accurate management, reducing technical risks and realizing supervision flexibility; meanwhile, the resource investment of the flow acquisition equipment is favorably reduced, and the construction difficulty and the construction cost are favorably reduced.
It will be apparent to those skilled in the art that the modules or steps of the embodiments of the invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that shown or described herein, or separately fabricated into individual integrated circuit modules, or multiple ones of them fabricated into a single integrated circuit module. Thus, embodiments of the invention are not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and it will be apparent to those skilled in the art that various modifications and variations can be made in the embodiment of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. An internet security supervision method, comprising:
receiving an instruction identifying enterprise network traffic;
identifying enterprise network traffic in the internet data at the enterprise networking outlet according to the instruction;
generating enterprise networking related call ticket log data and original flow according to the enterprise network flow;
and sending the related call ticket log data of the enterprise networking and the original flow.
2. The internet security administration method of claim 1, further comprising:
setting a plurality of edge network access modes in an enterprise access gateway at an enterprise networking outlet, wherein the plurality of edge network access modes comprise a 5G wireless network, a WIFI wireless network and a wired broadband network;
and automatically switching the enterprise access network gateway to carry out the routing of data transmission in a plurality of edge network access modes according to the network state of each network.
3. The internet security administration method of claim 2, further comprising:
and determining the route for issuing different control instructions to the enterprise access gateway from the various edge network access modes according to the characteristics of the various edge network access modes.
4. Internet security supervision method according to any of the claims 1 to 3,
and transmitting the data at the enterprise networking outlet as compressed and encrypted data, and transmitting the data through the VPN channel.
5. An internet security surveillance system, comprising:
the CPE controller is used for issuing an instruction for identifying the enterprise network flow;
the CPE terminal is arranged at the enterprise networking outlet and used for receiving the instruction and identifying enterprise network flow in the internet data at the enterprise networking outlet according to the instruction; generating enterprise networking related call ticket log data and original flow according to the enterprise network flow; and sending the related call ticket log data of the enterprise networking and the original flow.
6. The internet security supervision system of claim 5, wherein the CPE terminal acts as an enterprise access gateway, the CPE terminal comprising:
the optical fiber is accessed to a metropolitan area network port and is used for providing a wired broadband network access mode;
the WIFI wireless network access module is used for providing a WIFI wireless network access mode;
the 5G access network module is used for providing a 5G wireless network access mode;
the CPE controller is also used for automatically switching the routing of the data transmission of the enterprise access network gateway in various edge network access modes according to the network state of each network.
7. The internet security supervision system of claim 6, wherein the CPE controller is further configured to determine a route for issuing different control commands to the enterprise access gateway from among a plurality of edge network access manners according to characteristics of the plurality of edge network access manners.
8. Internet security supervision system according to any of the claims 5 to 7,
and the CPE terminal is also used for compressing and encrypting the transmission data and transmitting the data through the VPN channel.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the internet security supervision method according to any one of claims 1 to 4 when executing the computer program.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program for executing the internet security supervision method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011634649.0A CN112769804A (en) | 2020-12-31 | 2020-12-31 | Internet security supervision method, system, computer equipment and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011634649.0A CN112769804A (en) | 2020-12-31 | 2020-12-31 | Internet security supervision method, system, computer equipment and readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112769804A true CN112769804A (en) | 2021-05-07 |
Family
ID=75699652
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011634649.0A Pending CN112769804A (en) | 2020-12-31 | 2020-12-31 | Internet security supervision method, system, computer equipment and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112769804A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114095314A (en) * | 2021-11-25 | 2022-02-25 | 成都中科微信息技术研究院有限公司 | Industrial Internet gateway based on 5G/TSN technology |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080244694A1 (en) * | 2007-04-02 | 2008-10-02 | Microsoft Corporation | Automated collection of forensic evidence associated with a network security incident |
| CN101702677A (en) * | 2009-11-18 | 2010-05-05 | 成都市华为赛门铁克科技有限公司 | Method for detecting data flow and device thereof |
| CN102739473A (en) * | 2012-07-09 | 2012-10-17 | 南京中兴特种软件有限责任公司 | Network detecting method using intelligent network card |
| US9516039B1 (en) * | 2013-11-12 | 2016-12-06 | EMC IP Holding Company LLC | Behavioral detection of suspicious host activities in an enterprise |
| CN108833372A (en) * | 2018-05-29 | 2018-11-16 | 深圳万发创新进出口贸易有限公司 | A kind of enterprise network security management cloud service platform system |
| CN110769067A (en) * | 2019-10-30 | 2020-02-07 | 任子行网络技术股份有限公司 | SD-WAN-based industrial internet security supervision system and method |
-
2020
- 2020-12-31 CN CN202011634649.0A patent/CN112769804A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080244694A1 (en) * | 2007-04-02 | 2008-10-02 | Microsoft Corporation | Automated collection of forensic evidence associated with a network security incident |
| CN101702677A (en) * | 2009-11-18 | 2010-05-05 | 成都市华为赛门铁克科技有限公司 | Method for detecting data flow and device thereof |
| CN102739473A (en) * | 2012-07-09 | 2012-10-17 | 南京中兴特种软件有限责任公司 | Network detecting method using intelligent network card |
| US9516039B1 (en) * | 2013-11-12 | 2016-12-06 | EMC IP Holding Company LLC | Behavioral detection of suspicious host activities in an enterprise |
| CN108833372A (en) * | 2018-05-29 | 2018-11-16 | 深圳万发创新进出口贸易有限公司 | A kind of enterprise network security management cloud service platform system |
| CN110769067A (en) * | 2019-10-30 | 2020-02-07 | 任子行网络技术股份有限公司 | SD-WAN-based industrial internet security supervision system and method |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114095314A (en) * | 2021-11-25 | 2022-02-25 | 成都中科微信息技术研究院有限公司 | Industrial Internet gateway based on 5G/TSN technology |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20230041916A1 (en) | Packet Transmission Method, Apparatus, and System | |
| CN115499230B (en) | Network attack detection method and device, equipment and storage medium | |
| US11252184B2 (en) | Anti-attack data transmission method and device | |
| US9356844B2 (en) | Efficient application recognition in network traffic | |
| CN111314179B (en) | Network quality detection method, device, equipment and storage medium | |
| US10498618B2 (en) | Attributing network address translation device processed traffic to individual hosts | |
| CN111885004B (en) | Application layer message transmission method and communication interface platform | |
| CN112350854B (en) | Flow fault positioning method, device, equipment and storage medium | |
| RU2668394C2 (en) | Packet collection method and system, network device and network management centre | |
| CN105373891A (en) | Smart grid data management and transmission system | |
| CN113225339A (en) | Network security monitoring method and device, computer equipment and storage medium | |
| US7970878B1 (en) | Method and apparatus for limiting domain name server transaction bandwidth | |
| CN119012146A (en) | CMPP protocol short message adaptation method, device, equipment and storage medium | |
| KR20220029142A (en) | Sdn controller server and method for analysing sdn based network traffic usage thereof | |
| CN112769804A (en) | Internet security supervision method, system, computer equipment and readable storage medium | |
| CN112671662A (en) | Data stream acceleration method, electronic device, and storage medium | |
| CN109195160B (en) | Tamper-proof storage system and control method for network device resource exploration information | |
| CN117014225A (en) | Message content analysis method and device, electronic equipment and storage medium | |
| JP3465183B2 (en) | Network monitoring method | |
| CN116886627A (en) | Intelligent computing network flow control method and device, electronic equipment and storage medium | |
| CN112784236A (en) | Encryption and convergence method for massive high-frequency dispersed data | |
| CN109450794B (en) | Communication method and device based on SDN network | |
| CN118158218B (en) | Communication method and system based on gateway of Internet of things | |
| CN115567430B (en) | A method and device for actively discovering missing data on a communication big data platform | |
| KR102485670B1 (en) | One-way transmission system and method for managing information thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210507 |