CN112073231A - Local area network linkage protection method and device, computer equipment and storage medium - Google Patents


Info

Publication number
CN112073231A
Authority
CN
China
Prior art keywords
area network
local area
terminal
edge manager
abnormal
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010894003.XA
Other languages
Chinese (zh)
Other versions
CN112073231B (en)
Inventor
王祥
武占侠
魏本海
吴在军
涂向阳
盈辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Information and Telecommunication Co Ltd
China Gridcom Co Ltd
Original Assignee
State Grid Information and Telecommunication Co Ltd
China Gridcom Co Ltd
Application filed by State Grid Information and Telecommunication Co Ltd, China Gridcom Co Ltd
Priority to CN202010894003.XA
Publication of CN112073231A
Application granted
Publication of CN112073231B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0604 Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
    • H04L41/0609 Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time based on severity or priority
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to a local area network linkage protection method and device, computer equipment and a storage medium. The method comprises the following steps: acquiring each terminal in the constructed local area network and determining an edge manager in the local area network; when a terminal in the local area network finds abnormal information, reporting the abnormal information to the edge manager; the edge manager initiating a linkage vote among the terminals in the local area network according to the received abnormal information; determining an abnormal level according to the linkage voting result of the terminals in the local area network; and, when the abnormal level is determined to be a preset first level, the edge manager generating a corresponding temporary safety protection rule according to the abnormal information and issuing the safety protection rule to the terminals in the local area network for execution. Because the temporary safety protection rule is established by a joint vote of a plurality of terminals in the local area network, the accuracy, consistency and effectiveness of the rule are guaranteed.

Description

Local area network linkage protection method and device, computer equipment and storage medium
Technical Field
The invention relates to the field of local area network security, in particular to a local area network linkage protection method and device, computer equipment and a storage medium.
Background
A local area network (LAN) is a group of computers interconnected within a certain area, generally within a range of several kilometers. A local area network can provide file management, application sharing, printer sharing, scheduling within workgroups, e-mail and fax communication services, and so on. With the arrival of the 5G era and the rapid development of the Internet of Things industry, local area networks are used more and more widely, and the problem of security protection in their application receives more and more attention. The massive deployment of Internet of Things terminal equipment makes the need for terminal security monitoring and cooperative protection increasingly urgent.
In the conventional technology, most protection mechanisms are based on cloud cooperation. Once a terminal is disconnected from the cloud network, it loses the protection guidance of the cloud and cannot meet the functional requirements of monitoring and protection, which seriously affects terminal security monitoring and protection.
Disclosure of Invention
The invention aims to overcome the problem of protection safety in the prior art and provides a local area network linkage protection method, a local area network linkage protection device, computer equipment and a storage medium.
In order to achieve the above object, a first aspect of the present invention provides a local area network linkage protection method, where the local area network linkage protection method includes:
acquiring each terminal in the built local area network, and determining an edge manager in the local area network;
reporting the abnormal information to the edge manager under the condition that the terminal in the local area network finds the abnormal information;
the edge manager initiates linkage voting to the terminal in the local area network according to the received abnormal information;
determining an abnormal level according to the linkage voting result of the terminals in the local area network;
and, when the abnormal level is determined to be a preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information and issues the safety protection rule to the terminals in the local area network for execution.
Preferably, determining the edge manager in the local area network includes: when a terminal in the local area network is successfully connected to the cloud, taking the terminal designated by the cloud as the edge manager in the local area network.
Preferably, determining the edge manager in the local area network includes: the terminals in the local area network each initiate a vote, and the terminal that obtains the largest number of votes within a preset time is determined to be the edge manager in the local area network.
Preferably, before acquiring each terminal in the constructed local area network, the method further includes: assigning a preset IP to a terminal disconnected from the cloud; and broadcasting to the preset IP segment to search for routing nodes, and forming a corresponding local area network with the routing nodes found.
Preferably, before acquiring each terminal in the constructed local area network, the method further includes: when no routing node is found or the found routing node cannot be joined, converting the preset IP into a routing node and initiating a local area network establishment event.
Preferably, the method further includes: when the abnormal level is determined to be a preset second level, the edge manager records the abnormal information; and when the abnormal level is the preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information, issues the safety protection rule to the terminals in the local area network, initiates a vote, and adds the safety protection rule to a local temporary rule base according to the voting result of the terminals in the local area network.
Preferably, the method further includes: the edge manager uploads to the cloud the terminal logs of the terminals in the local area network for the offline period; and obtains the cloud's confirmation result on upgrading the temporary safety protection rule according to the terminal logs, and, when the confirmation result is that the temporary safety protection rule is upgraded to a permanent safety protection rule, the edge manager issues the permanent safety protection rule to the terminals in the local area network.
A second aspect of the present invention provides a local area network linkage protection device, including:
a manager confirming module, configured to acquire each terminal in the constructed local area network and determine an edge manager in the local area network;
an abnormal level confirmation module, configured to report abnormal information to the edge manager when a terminal in the local area network finds the abnormal information; the edge manager initiates a linkage vote among the terminals in the local area network according to the received abnormal information; and the abnormal level is determined according to the linkage voting result of the terminals in the local area network;
and a protection module, configured so that, when the abnormal level is a preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information and issues the safety protection rule to the terminals in the local area network for execution.
A third aspect of the present invention provides a computer device, including a memory and a processor, where the memory stores a computer program, and the processor implements the steps of the above local area network linkage protection method when executing the computer program.
A fourth aspect of the present invention provides a machine-readable storage medium having stored thereon instructions for causing a machine to execute the above local area network linkage protection method.
According to the above technical scheme, each terminal in the constructed local area network is acquired and an edge manager in the local area network is determined. When a terminal in the local area network finds abnormal information, that terminal reports it to the edge manager; the edge manager initiates a linkage vote among the terminals in the local area network according to the received abnormal information, and the abnormal level is determined according to the linkage voting result. When the abnormal level is determined to be the preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information and issues it to the terminals in the local area network for execution. The method adopts an automatic networking technology without a master-slave relationship, which ensures that a terminal that loses contact with the cloud can build a local area network automatically without depending on an existing local area network, and the terminals in the local area network are protected in a linked manner through the mechanism of selecting an edge manager to manage them. When the edge manager determines that the abnormal level is the preset first level, it is only allowed to add temporary safety protection rules and cannot delete existing safety rules. In addition, the temporary safety protection rule is established by a joint vote of a plurality of terminals in the local area network, so the accuracy, consistency and effectiveness of the rule are guaranteed.
Meanwhile, the edge manager needs to upload the terminal logs to the cloud, and the cloud confirms whether a temporary safety protection rule can be upgraded to a permanent safety protection rule, so that the terminal protection rules in the local area network cannot be tampered with arbitrarily. While the edge manager is disconnected from the cloud, it can still collect the terminal logs of the other terminals for the offline period; once it reconnects to the cloud successfully, it uploads those logs, and the cloud analyzes and monitors them, which effectively fills the monitoring gap caused by the network disconnection.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the embodiments of the invention without limiting the embodiments of the invention. In the drawings:
FIG. 1 schematically shows an application environment of a local area network linkage protection method according to an embodiment of the invention;
FIG. 2 schematically shows a flow chart of a local area network linkage protection method according to an embodiment of the invention;
FIG. 3 schematically shows a schematic diagram of a local area network linkage protection method according to an embodiment of the invention;
FIG. 4 schematically shows a block diagram of a local area network linkage protection device according to an embodiment of the invention;
FIG. 5 schematically shows an internal structure diagram of a computer device according to an embodiment of the invention.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present invention, are given by way of illustration and explanation only, not limitation.
In the present invention, the local area network linkage protection method provided by the present application can be applied to the application environment shown in fig. 1. The local area network includes a plurality of terminals 102, and the terminals 102 may communicate with the cloud 104 through the network. The terminals 102 may also communicate with each other via a local area network, and one of the terminals may be selected as an edge manager. The terminal 102 may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices, and the cloud 104 may be implemented by an independent server or a server cluster formed by a plurality of servers.
FIG. 2 schematically shows a flow chart of a local area network linkage protection method according to an embodiment of the present invention. In an embodiment of the present invention, a local area network linkage protection method is provided, including the following steps:
Step 201, acquiring each terminal in the constructed local area network, and determining an edge manager in the local area network.
The local area network is formed by jointly constructing a plurality of terminals, the constructed local area network comprises a plurality of terminals, and after the local area network is constructed, an edge manager in the local area network can be determined. The edge manager refers to a terminal having a management authority selected from a plurality of terminals in the local area network.
In one embodiment, determining the edge manager in the local area network includes: when a terminal in the local area network is successfully connected to the cloud, taking the terminal designated by the cloud as the edge manager in the local area network.
After the local area network is successfully established, the edge manager in the local area network can be determined. The cloud may be a server. When at least one terminal in the local area network is successfully connected to the cloud, the cloud can designate one of the successfully connected terminals as the edge manager. That is, any terminal in the local area network that is successfully connected to the cloud can be designated by the cloud as the edge manager of the local area network, and the edge manager so determined can manage the other terminals in the local area network when they are disconnected from the cloud. Further, if a vote for the edge manager is still initiated in the local area network, the terminal designated by the cloud as the edge manager is weighted higher than the other terminals: it has a higher priority and is more likely to remain the edge manager of the local area network.
In one embodiment, determining the edge manager in the local area network includes: the terminals in the local area network each initiate a vote, and the terminal that obtains the largest number of votes within the preset time is determined to be the edge manager in the local area network.
When terminals in the local area network are successfully connected to the cloud, the cloud can randomly designate one of the successfully connected terminals as the edge manager of the local area network. When no terminal in the local area network is successfully connected to the cloud, a random voting selection can be carried out among all terminals in the local area network. For example, assume that there are 5 terminals in the local area network and that all 5 have the authority to compete to become the edge manager. Each terminal first determines whether it is the edge manager designated by the cloud; if so, it can broadcast itself to the whole network as the agent. If not, the terminal broadcasts that it is standing for election as the agent, and the other terminals can vote for it after receiving the broadcast. After receiving votes, the terminal competing to be the agent can continue to broadcast, announcing both the number of votes it has obtained and the time at which it obtained them, until an edge manager in the local area network is determined. The other terminals compete to become the edge manager in the same way. When the voting time has elapsed, the terminal that has the largest number of votes in the broadcasts and took the shortest time to obtain that number can be taken as the agent, that is, the edge manager in the local area network. These two ways of confirming the edge manager ensure that the manager of the local area network can be determined quickly under different conditions, and effectively prevent the whole local area network from getting out of control because an edge manager cannot be selected in time when a given edge manager is controlled.
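The two selection modes described above can be sketched as a single tally function. This is an added example, not code from the patent; the `Vote` record, the one-ballot-per-voter rule, the membership check and the final name-based tie-break are assumptions of the sketch, and the sample ballots are constructed.

```python
from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class Vote:
    t: float          # seconds since the election started
    voter: str        # terminal casting the ballot
    candidate: str    # terminal being voted for


def elect_edge_manager(terminals: Iterable[str],
                       votes: Iterable[Vote],
                       deadline: float,
                       cloud_designated: Optional[str] = None) -> Optional[str]:
    """Return the edge manager for one election round, or None if nobody got a vote."""
    members = set(terminals)

    # Mode 1: a terminal designated by the cloud takes the role directly.
    if cloud_designated is not None:
        if cloud_designated not in members:
            raise ValueError("cloud-designated terminal is not a LAN member")
        return cloud_designated

    # Mode 2: vote. Assumptions of this sketch: only LAN members may vote or
    # stand, and only each voter's first in-time ballot counts.
    tally = {}          # candidate -> number of accepted ballots
    reached_at = {}     # candidate -> time it reached its current count
    seen_voters = set()
    for v in sorted(votes, key=lambda v: v.t):
        if v.t > deadline:
            break                      # past the preset voting time
        if v.voter not in members or v.candidate not in members:
            continue                   # unknown sender or unknown candidate
        if v.voter in seen_voters:
            continue                   # duplicate ballot from the same terminal
        seen_voters.add(v.voter)
        tally[v.candidate] = tally.get(v.candidate, 0) + 1
        reached_at[v.candidate] = v.t

    if not tally:
        return None
    # Most votes wins; among equals, the one that reached that count earliest.
    # The last key (terminal name) only keeps the result deterministic.
    return min(tally, key=lambda c: (-tally[c], reached_at[c], c))


# Constructed sample round: five terminals, none designated by the cloud.
SAMPLE_TERMINALS = ["T1", "T2", "T3", "T4", "T5"]
SAMPLE_VOTES = [
    Vote(0.5, "T3", "T1"),
    Vote(0.8, "T4", "T2"),
    Vote(1.1, "T5", "T2"),
    Vote(1.4, "T1", "T1"),
    Vote(1.5, "T3", "T2"),   # second ballot from T3: ignored
    Vote(2.0, "TX", "T1"),   # TX is not a LAN member: ignored
    Vote(9.0, "T2", "T1"),   # counted only if the deadline is later than 9 s
]

if __name__ == "__main__":
    print(elect_edge_manager(SAMPLE_TERMINALS, SAMPLE_VOTES, deadline=5.0))
```

With a 5-second deadline T1 and T2 both hold two votes, and T2 wins because it reached that count first; extending the deadline lets the late ballot through and changes the outcome.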
In one embodiment, before acquiring each terminal in the constructed local area network, the method further includes: assigning a preset IP to a terminal disconnected from the cloud; and broadcasting to the preset IP segment to search for routing nodes, and forming a corresponding local area network with the routing nodes found.
In one embodiment, when no routing node is found or the found routing node cannot be joined, the preset IP is converted into a routing node and a local area network establishment event is initiated.
This embodiment further includes a step of establishing the local area network. Specifically, a terminal that is disconnected from the cloud cannot become an edge manager designated by the cloud; it can build a local area network itself or join a local area network being built by other terminals. First, a preset IP can be assigned to the terminal, which broadcasts to the preset IP segment to search for routing nodes and forms a corresponding local area network with the routing nodes found. If no other routing node is found, or the found routing node cannot be joined, the terminal can convert its preset IP into a routing node, initiate a local area network establishment event, wait for other terminals to join, and build a new local area network. The preset IP is a preset IP address; after the local area network is built, terminals can communicate with one another through their corresponding IP addresses. The routing node is the IP address corresponding to the router.
Step 202, reporting the abnormal information to the edge manager when the terminal in the local area network finds the abnormal information.
Step 203, the edge manager initiates a linkage vote among the terminals in the local area network according to the received abnormal information.
Step 204, determining an abnormal level according to the linkage voting result of the terminals in the local area network.
Step 205, when the abnormal level is determined to be the preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information, and issues the safety protection rule to a terminal in the local area network for execution.
After the terminals have formed a local area network, they can protect one another in a linked manner. When a terminal in the local area network finds an abnormal condition, it can report the abnormal information to the edge manager, and the edge manager can initiate a linkage vote among the terminals in the local area network according to the received abnormal information. Abnormal conditions include network attacks, abnormal opening of ports, abnormal process starts, software installation, software uninstallation and the like. A hook function is part of the message processing mechanism of the operating system; by setting a hook, an application program can filter all messages and events at the system level and access messages that cannot be accessed under normal conditions. When a program triggers an anomaly, the hook function that has been set can detect the abnormal condition, and the terminal can report information about it to the edge manager. After receiving the abnormal information, the edge manager can initiate a linkage vote among the terminals in the local area network. The terminals that take part in the linkage vote may be the terminals that reported the same abnormal condition, or all terminals in the local area network; in general, to save resources such as CPU, memory and GPU, the participants may be limited to the terminals that reported the same condition. Linkage voting means that, after receiving the reported abnormal information, the edge manager evaluates the abnormal condition according to its locally stored rules and then sends the evaluated abnormal problem to the other terminals, requiring them to evaluate the problem according to their own stored rules, judge the impact it could cause, and vote on the severity of that impact. The edge manager can obtain the voting result and classify the abnormal condition according to it.
Specifically, the edge manager may divide the abnormal level into three preset levels, namely a preset first level, a preset second level and a preset third level, according to the degree of influence of the abnormal condition. When the edge manager judges that the abnormal level is the preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal condition, wherein the temporary safety protection rule is mainly used for setting a white list and a black list, namely, the execution of abnormal behaviors in the terminal is allowed or forbidden. And issuing the generated temporary safety protection rule to terminals in the local area network, and voting through all the terminals to determine whether the temporary safety protection rule needs to be added into a local temporary rule base.
In one embodiment, under the condition that the abnormal level is determined to be a preset second level, the edge manager records the abnormal information; and under the condition that the abnormal level is determined to be the preset first level, the edge manager can generate a corresponding temporary safety protection rule according to the abnormal information, issue the safety protection rule to a terminal in the local area network, initiate voting, and determine whether the safety protection rule can be added into a local temporary rule base according to a terminal voting result in the local area network.
The edge manager divides the abnormal level into three preset levels according to the degree of influence of the anomaly: a preset first level, a preset second level and a preset third level. Specifically, the most severe anomalies are assigned the preset first level, anomalies of medium severity the preset second level, and the least severe anomalies the preset third level. When the edge manager determines that the level corresponding to the abnormal condition is the preset second level, it can record the abnormal information so that the source can be traced later. When the edge manager determines that the level corresponding to the abnormal condition is the preset third level, it may perform no processing.
Further, when the edge manager determines that the abnormal level is the preset first level, it can generate a corresponding temporary safety protection rule according to the abnormal condition and issue the generated rule to each terminal in the local area network for voting. Each terminal in the local area network votes on the proposed temporary safety protection rule according to its own locally stored rules; the final safety protection rule is determined from the voting result of the terminals, and the confirmed rule is added to the local temporary rule base of the local area network terminals. In this way the local temporary rule base becomes more complete, and a terminal that has not yet encountered the abnormal condition can respond promptly, using the improved local temporary rule base, when it encounters a similar one.
In one embodiment, an edge manager uploads a terminal log of a terminal in a local area network during an offline period to a cloud; and acquiring a confirmation result of upgrading the temporary safety protection rule by the cloud according to the terminal log, and issuing the permanent safety protection rule to the terminal in the local area network by the edge manager under the condition of determining that the confirmation result is that the temporary safety protection rule is upgraded to the permanent safety protection rule.
The edge manager uploads to the cloud the terminal logs of the terminals in the local area network for the offline period. A terminal log includes the time, the voting situation, the record of reported terminal abnormal conditions, the terminal running status, the terminal voting results, the temporary safety protection rules and the like. The cloud can confirm whether to upgrade a temporary safety protection rule formed by voting according to the terminal logs uploaded by the edge manager. When the edge manager obtains the cloud's confirmation result for the temporary safety protection rule, and the result is that the rule is upgraded to a permanent safety protection rule, the edge manager can issue the permanent safety protection rule to all terminals in the local area network, and the terminals can execute it. Further, the permanent safety protection rule may be a white list and a black list: behavior added to the white list is allowed to execute, and behavior added to the black list is prohibited from executing.
In one embodiment, as shown in FIG. 3, when a terminal is disconnected from the cloud at the time a local area network is to be established, the terminal can broadcast to find other terminals with which to build the local area network. After the local area network is built, the agent, that is, the edge manager, can be selected by voting. A terminal that finds an anomaly can report the security event to the edge manager, and the edge manager can initiate a linkage vote among the terminals in the local area network according to the received abnormal information to determine the abnormal level. Meanwhile, the edge manager can connect to the cloud and upload the abnormal information data reported by the other terminals to the cloud for data synchronization. When the abnormal level is determined to be the preset first level, the edge manager can generate a corresponding temporary safety protection rule according to the abnormal information and issue it to the terminals in the local area network for execution.
The LAN linkage protection method comprises the steps of acquiring each terminal in the constructed LAN, determining an edge manager in the LAN, reporting abnormal information to the edge manager by the terminal which finds the abnormal information under the condition that the terminal in the LAN finds the abnormal information, initiating linkage voting to the terminal in the LAN by the edge manager according to the received abnormal information, determining the abnormal grade according to the linkage voting result of the terminal in the LAN, generating a corresponding temporary safety protection rule by the edge manager according to the abnormal information under the condition that the abnormal grade is determined to be a preset first grade, and sending the safety protection rule to the terminal in the LAN for execution, wherein the LAN linkage protection method adopts an automatic networking technology without a master-slave relationship, ensures that the terminal can automatically finish the construction of the LAN without depending on the existing LAN when losing contact with a cloud, the terminal in the local area network can be protected in a linkage way by selecting a mechanism that an edge manager manages the terminal in the local area network. When the edge manager determines that the abnormal level is the preset first level, the edge manager only allows to add the temporary safety protection rule and cannot delete the existing safety rule. Moreover, the temporary safety protection rule is established by voting together through a plurality of terminals in the local area network, so that the accuracy, consistency and effectiveness of the rule are guaranteed. 
Meanwhile, the edge manager needs to upload the terminal logs to the cloud, and the cloud confirms whether a temporary safety protection rule can be upgraded to a permanent safety protection rule, so that the protection rules of the terminals in the local area network cannot be tampered with arbitrarily. While disconnected from the cloud, the edge manager can also collect the terminal logs of other terminals for the offline period and upload them once it reconnects to the cloud successfully; the cloud then analyzes and monitors the terminal logs, which effectively fills the monitoring gap caused by the network disconnection.
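The flow described above (edge manager election, linkage vote on the abnormal level, add-only temporary rules, cloud-confirmed upgrade) is shown below as an added Python example; it is not code from the patent. The strict-majority thresholds, the lowest-id tie-break, the numeric level encoding, the rule fields and all class and function names are assumptions, because the page does not specify them, and the addresses are constructed sample values.

```python
from collections import Counter
from dataclasses import dataclass

FIRST_LEVEL, SECOND_LEVEL = 1, 2  # numeric encoding of the preset levels is assumed


def elect_edge_manager(ballots, cloud_choice=None):
    """ballots maps voter id -> candidate id, as collected within the preset time."""
    members = set(ballots)
    if cloud_choice in members:          # cloud-designated terminal is in the LAN
        return cloud_choice
    tally = Counter(c for c in ballots.values() if c in members)
    if not tally:
        raise ValueError("no valid ballots")
    top = max(tally.values())
    return min(c for c, n in tally.items() if n == top)  # assumed tie-break: lowest id


@dataclass(frozen=True)
class Rule:
    rule_id: str
    action: str
    target: str


class RuleBase:
    """Exposes no delete operation: the edge manager can only add temporary rules."""

    def __init__(self, permanent=()):
        self._permanent = {r.rule_id: r for r in permanent}
        self._temporary = {}

    def add_temporary(self, rule):
        if rule.rule_id in self._permanent or rule.rule_id in self._temporary:
            raise ValueError("an existing rule cannot be overwritten")
        self._temporary[rule.rule_id] = rule

    def promote(self, rule_id, cloud_confirmed):
        """Only a cloud confirmation turns a temporary rule into a permanent one."""
        if not cloud_confirmed or rule_id not in self._temporary:
            return False
        self._permanent[rule_id] = self._temporary.pop(rule_id)
        return True

    def permanent_ids(self):
        return sorted(self._permanent)

    def temporary_ids(self):
        return sorted(self._temporary)


class EdgeManager:
    def __init__(self, terminals, rules):
        self.terminals = set(terminals)
        self.rules = rules
        self.event_log = []              # uploaded to the cloud after reconnection

    def _member_votes(self, votes):
        # Ballots from senders outside the LAN membership are discarded.
        return {t: v for t, v in votes.items() if t in self.terminals}

    def decide_level(self, level_votes):
        tally = Counter(self._member_votes(level_votes).values())
        if not tally:
            return SECOND_LEVEL
        level, count = tally.most_common(1)[0]
        # Assumed threshold: a strict majority of all members, else record only.
        return level if count * 2 > len(self.terminals) else SECOND_LEVEL

    def handle(self, anomaly, level_votes, rule_votes):
        level = self.decide_level(level_votes)
        self.event_log.append((anomaly["id"], level))
        if level != FIRST_LEVEL:
            return None                  # not first level: the anomaly is only recorded
        rule = Rule("tmp-" + anomaly["id"], "block", anomaly["source"])
        yes = sum(1 for ok in self._member_votes(rule_votes).values() if ok)
        if yes * 2 <= len(self.terminals):
            return None                  # terminals rejected the proposed rule
        self.rules.add_temporary(rule)
        return rule


if __name__ == "__main__":
    # Constructed sample data: five terminals and one reported anomaly.
    lan = ["t1", "t2", "t3", "t4", "t5"]
    ballots = {"t1": "t2", "t2": "t2", "t3": "t4", "t4": "t4", "t5": "t2"}
    mgr = EdgeManager(lan, RuleBase([Rule("perm-1", "block", "198.51.100.7")]))
    rule = mgr.handle({"id": "a1", "source": "192.0.2.50"},
                      {"t1": 1, "t2": 1, "t3": 1, "t4": 2, "t5": 2},
                      {t: True for t in lan})
    print(elect_edge_manager(ballots), rule, mgr.rules.temporary_ids())
```

Because a single reporting terminal cannot reach the majority on its own and ballots from non-members are dropped, one faulty or compromised terminal cannot install a rule by itself under these assumptions.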
In one embodiment, as shown in FIG. 4, there is provided a local area network linkage protection device, comprising a manager confirmation module, an abnormal level confirmation module and a protection module, wherein:
The manager confirmation module 401 is configured to acquire each terminal in the built local area network and determine an edge manager in the local area network.
The abnormal level confirmation module 402 is configured to report abnormal information to the edge manager when a terminal in the local area network finds the abnormal information; the edge manager initiates a linkage vote among the terminals in the local area network according to the received abnormal information, and the abnormal level is determined according to the linkage voting result of the terminals in the local area network.
The protection module 403 is configured so that, when the abnormal level is the preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information and issues the safety protection rule to the terminals in the local area network for execution.
In one embodiment, the manager confirmation module 401 is further configured to, when it is determined that a terminal in the local area network is successfully connected to the cloud, take the terminal specified by the cloud as the edge manager in the local area network.
In one embodiment, the manager confirmation module 401 is further configured so that, when it is determined that a terminal in the local area network is successfully connected to the cloud but the terminal specified by the cloud is not in the local area network, each terminal in the local area network initiates a vote, and the terminal that obtains the largest number of votes within a preset time is determined as the edge manager in the local area network.
In one embodiment, the protection module 403 is further configured so that, when the abnormal level is determined to be a preset second level, the edge manager records the abnormal information; when the abnormal level is determined to be a preset third level, the edge manager issues the terminal record in the local area network; and when the abnormal level is determined to be the preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information, issues the safety protection rule to the terminals in the local area network, initiates a vote, and adds the safety protection rule to a local temporary rule base according to the voting result of the terminals in the local area network.
In one embodiment, the protection module 403 is further configured so that the edge manager uploads the terminal logs of the terminals in the local area network for the offline period to the cloud, acquires the cloud's confirmation result, made according to the terminal logs, on upgrading the temporary safety protection rule, and, when the confirmation result is that the temporary safety protection rule is upgraded to a permanent safety protection rule, issues the permanent safety protection rule to the terminals in the local area network.
In one embodiment, the local area network linkage protection device further includes a local area network construction module (not shown in the figure) configured to allocate a preset IP to a terminal disconnected from the cloud, broadcast to the preset IP segment to search for routing nodes, and form a corresponding local area network with the routing nodes found.
In one embodiment, the local area network construction module is further configured to convert the preset IP into a routing node and initiate a local area network building event when no routing node is found or the found routing node cannot be joined.
The local area network linkage protection device comprises a processor and a memory. The manager confirmation module, the abnormal level confirmation module, the protection module and the like are stored in the memory as program units, and the processor executes the program units stored in the memory to realize the corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. One or more kernels may be provided, and linkage protection of the local area network is realized by adjusting kernel parameters.
The memory may include volatile memory in a computer-readable medium, random access memory (RAM) and/or non-volatile memory such as read-only memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
An embodiment of the present invention provides a storage medium on which a program is stored, where the program, when executed by a processor, implements the above local area network linkage protection method.
An embodiment of the invention provides a processor configured to run a program, wherein the local area network linkage protection method is executed when the program runs.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure may be as shown in fig. 5. The computer device includes a processor a01, a network interface a02, a display screen a04, an input device a05, and a memory (not shown in the figure) connected through a system bus. The processor a01 of the computer device provides computing and control capabilities. The memory of the computer device comprises an internal memory a03 and a non-volatile storage medium a06. The non-volatile storage medium a06 stores an operating system B01 and a computer program B02. The internal memory a03 provides an environment for running the operating system B01 and the computer program B02 stored in the non-volatile storage medium a06. The network interface a02 of the computer device is used to communicate with an external terminal through a network connection. The computer program, when executed by the processor a01, implements a local area network linkage protection method. The display screen a04 of the computer device may be a liquid crystal display screen or an electronic ink display screen, and the input device a05 of the computer device may be a touch layer covering the display screen, a button, a trackball or a touch pad arranged on the casing of the computer device, or an external keyboard, touch pad or mouse.
Those skilled in the art will appreciate that the architecture shown in fig. 5 is merely a block diagram of some of the structures associated with the disclosed aspects and does not limit the computing devices to which the disclosed aspects apply; a particular computing device may include more or fewer components than those shown, may combine certain components, or may have a different arrangement of components.
An embodiment of the invention provides a device comprising a processor, a memory and a program that is stored on the memory and can run on the processor, wherein the processor, when executing the program, implements the following steps: acquiring each terminal in the built local area network, and determining an edge manager in the local area network; reporting abnormal information to the edge manager when a terminal in the local area network finds the abnormal information; initiating, by the edge manager, a linkage vote among the terminals in the local area network according to the received abnormal information; determining an abnormal level according to the linkage voting result of the terminals in the local area network; and, when the abnormal level is determined to be the preset first level, generating, by the edge manager, a corresponding temporary safety protection rule according to the abnormal information and issuing the safety protection rule to the terminals in the local area network for execution.
In one embodiment, determining an edge manager in the local area network includes: when a terminal in the local area network is successfully connected to the cloud, taking the terminal specified by the cloud as the edge manager in the local area network.
In one embodiment, determining an edge manager in the local area network includes: each terminal in the local area network initiates a vote, and the terminal that obtains the largest number of votes within a preset time is determined as the edge manager in the local area network.
In one embodiment, before acquiring each terminal in the built local area network, the method further includes: allocating a preset IP to a terminal disconnected from the cloud; and broadcasting to the preset IP segment to search for routing nodes, and forming a corresponding local area network with the routing nodes found.
In one embodiment, the method further comprises: when no routing node is found or the found routing node cannot be joined, converting the preset IP into a routing node and initiating a local area network building event.
In one embodiment, the method further comprises: when the abnormal level is determined to be a preset second level, the edge manager records the abnormal information; and when the abnormal level is determined to be the preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information, issues the safety protection rule to the terminals in the local area network, initiates a vote, and adds the safety protection rule to a local temporary rule base according to the voting result of the terminals in the local area network.
In one embodiment, the method further comprises: the edge manager uploads the terminal logs of the terminals in the local area network for the offline period to the cloud; the cloud's confirmation result, made according to the terminal logs, on upgrading the temporary safety protection rule is acquired; and when the confirmation result is that the temporary safety protection rule is upgraded to a permanent safety protection rule, the edge manager issues the permanent safety protection rule to the terminals in the local area network.
The present application further provides a computer program product which, when executed on a data processing device, is adapted to execute a program initialized with the following method steps: acquiring each terminal in the built local area network, and determining an edge manager in the local area network; reporting abnormal information to the edge manager when a terminal in the local area network finds the abnormal information; initiating, by the edge manager, a linkage vote among the terminals in the local area network according to the received abnormal information; determining an abnormal level according to the linkage voting result of the terminals in the local area network; and, when the abnormal level is determined to be the preset first level, generating, by the edge manager, a corresponding temporary safety protection rule according to the abnormal information and issuing the safety protection rule to the terminals in the local area network for execution.
In one embodiment, determining an edge manager in the local area network includes: when a terminal in the local area network is successfully connected to the cloud, taking the terminal specified by the cloud as the edge manager in the local area network.
In one embodiment, determining an edge manager in the local area network includes: each terminal in the local area network initiates a vote, and the terminal that obtains the largest number of votes within a preset time is determined as the edge manager in the local area network.
In one embodiment, before acquiring each terminal in the built local area network, the method further includes: allocating a preset IP to a terminal disconnected from the cloud; and broadcasting to the preset IP segment to search for routing nodes, and forming a corresponding local area network with the routing nodes found.
In one embodiment, the method further comprises: when no routing node is found or the found routing node cannot be joined, converting the preset IP into a routing node and initiating a local area network building event.
In one embodiment, the method further comprises: when the abnormal level is determined to be a preset second level, the edge manager records the abnormal information; and when the abnormal level is determined to be the preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information, issues the safety protection rule to the terminals in the local area network, initiates a vote, and adds the safety protection rule to a local temporary rule base according to the voting result of the terminals in the local area network.
In one embodiment, the method further comprises: the edge manager uploads the terminal logs of the terminals in the local area network for the offline period to the cloud; the cloud's confirmation result, made according to the terminal logs, on upgrading the temporary safety protection rule is acquired; and when the confirmation result is that the temporary safety protection rule is upgraded to a permanent safety protection rule, the edge manager issues the permanent safety protection rule to the terminals in the local area network.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, including permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer-readable medium does not include a transitory computer-readable medium such as a modulated data signal or a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but may also include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. A local area network linkage protection method, characterized by comprising the following steps:
acquiring each terminal in the built local area network, and determining an edge manager in the local area network;
reporting abnormal information to the edge manager when a terminal in the local area network finds the abnormal information;
initiating, by the edge manager, a linkage vote among the terminals in the local area network according to the received abnormal information;
determining an abnormal level according to the linkage voting result of the terminals in the local area network;
and, when the abnormal level is determined to be a preset first level, generating, by the edge manager, a corresponding temporary safety protection rule according to the abnormal information, and issuing the safety protection rule to the terminals in the local area network for execution.
2. The method of claim 1, wherein determining an edge manager in the local area network comprises:
when a terminal in the local area network is successfully connected to the cloud, taking the terminal specified by the cloud as the edge manager in the local area network.
3. The method of claim 1, wherein determining an edge manager in the local area network comprises:
each terminal in the local area network initiating a vote, and determining the terminal that obtains the largest number of votes within a preset time as the edge manager in the local area network.
4. The method according to claim 1, further comprising, before the acquiring each terminal in the built local area network:
allocating a preset IP to a terminal disconnected from the cloud;
and broadcasting to the preset IP segment to search for routing nodes, and forming a corresponding local area network with the routing nodes found.
5. The method of claim 4, further comprising:
when no routing node is found or the found routing node cannot be joined, converting the preset IP into a routing node and initiating a local area network building event.
6. The method of claim 1, further comprising:
when the abnormal level is determined to be a preset second level, recording, by the edge manager, the abnormal information;
and, when the abnormal level is determined to be the preset first level, the edge manager generating a corresponding temporary safety protection rule according to the abnormal information, issuing the safety protection rule to the terminals in the local area network, initiating a vote, and adding the safety protection rule to a local temporary rule base according to the voting result of the terminals in the local area network.
7. The method of claim 1, further comprising:
uploading, by the edge manager, the terminal logs of the terminals in the local area network for the offline period to the cloud;
and acquiring the cloud's confirmation result, made according to the terminal logs, on upgrading the temporary safety protection rule, and, when the confirmation result is that the temporary safety protection rule is upgraded to a permanent safety protection rule, issuing, by the edge manager, the permanent safety protection rule to the terminals in the local area network.
8. A local area network linkage protection device, the device comprising:
a manager confirmation module, configured to acquire each terminal in the built local area network and determine an edge manager in the local area network;
an abnormal level confirmation module, configured to report abnormal information to the edge manager when a terminal in the local area network finds the abnormal information, wherein the edge manager initiates a linkage vote among the terminals in the local area network according to the received abnormal information, and an abnormal level is determined according to the linkage voting result of the terminals in the local area network;
and a protection module, configured so that, when the abnormal level is a preset first level, the edge manager generates a corresponding temporary safety protection rule according to the abnormal information and issues the safety protection rule to the terminals in the local area network for execution.
9. A computer device comprising a memory and a processor, the memory storing a computer program, wherein the processor, when executing the computer program, implements the steps of the local area network linkage protection method of any one of claims 1 to 7.
10. A machine-readable storage medium having stored thereon instructions for causing a machine to perform the method of any of claims 1 to 7.
CN202010894003.XA 2020-08-31 2020-08-31 Local area network linkage protection method, device, computer equipment and storage medium Active CN112073231B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010894003.XA CN112073231B (en) 2020-08-31 2020-08-31 Local area network linkage protection method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112073231A true CN112073231A (en) 2020-12-11
CN112073231B CN112073231B (en) 2023-08-18

Family

ID=73664734

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant