CN117834227A - Method and device for batch online of IP-free firewalls, electronic equipment and storage medium - Google Patents
Method and device for batch online of IP-free firewalls, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN117834227A CN117834227A CN202311789466.XA CN202311789466A CN117834227A CN 117834227 A CN117834227 A CN 117834227A CN 202311789466 A CN202311789466 A CN 202311789466A CN 117834227 A CN117834227 A CN 117834227A
- Authority
- CN
- China
- Prior art keywords
- firewall
- free
- management center
- serial number
- protected
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003860 storage Methods 0.000 title claims abstract description 91
- 238000000034 method Methods 0.000 title claims abstract description 74
- 230000006870 function Effects 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 11
- 238000004891 communication Methods 0.000 abstract description 19
- 238000000926 separation method Methods 0.000 abstract 1
- 230000008569 process Effects 0.000 description 14
- 238000010586 diagram Methods 0.000 description 10
- 230000004044 response Effects 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 5
- 230000008859 change Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 3
- 238000012790 confirmation Methods 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 238000002360 preparation method Methods 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the application provides a method and a device for batch online of a I P-free firewall, electronic equipment and a storage medium, and belongs to the technical fields of network communication and firewalls. The method comprises the following steps: the I P of the firewall serial number without I P and the protected equipment are input into a management center to obtain a data file; ferrying the data file to a I P-free firewall through USB; reading the data file by the firewall without I P according to the firewall serial number without I P to obtain I P and a management center I P of the protected equipment; the I P of the protected equipment is connected with the management center through the no I P firewall, if the connection is successful, the no I P firewall serial number and the I P of the protected equipment are returned to the management center, and the no I P firewall is connected through the management center. According to the embodiment of the application, the firewall without I P can be efficiently finished to be online in batches, the separation of management personnel and implementation personnel is realized, the correctness and the safety of information are ensured, manual configuration is not needed, and the online efficiency of the firewall without I P is improved.
Description
Technical Field
The application relates to the technical field of network communication and firewalls, in particular to an IP-free firewall batch online method, an IP-free firewall batch online device, electronic equipment and a storage medium.
Background
At present, in the process of connecting wires on IP-free fireproof walls, parameters of each IP-free fireproof wall equipment need to be manually configured on site, so that the method is low in efficiency and easy to make mistakes, and related technicians are required to operate the method, so that the cost is high. Meanwhile, the online process of each IP-free firewall device may be different, so that the operation process is complex, the efficiency is low, and the online difficulty is increased. Moreover, configuration personnel and implementation personnel are mixed together in the process of connecting the IP-free firewall, so that information of the IP-free firewall equipment can be leaked carelessly, and safety risks exist. In addition, the field network is complex, and all network communication can not be initiated from the management center, so that the existing online mode of initiating communication from the management center is low in efficiency.
Therefore, the above technical problems are to be solved in industry.
Disclosure of Invention
The main purpose of the embodiments of the present application is to provide a method, an apparatus, an electronic device and a storage medium for batch online of an IP-free firewall, so as to overcome the defects in the prior art.
The embodiment of the application discloses the following technical scheme:
in one aspect, an embodiment of the present application provides a method for batch online of IP-free firewalls, where the method includes:
The IP firewall serial number without IP and the IP of the protected equipment are input into a management center;
generating and encrypting a data file by the management center according to the IP firewall serial number without the IP, the IP of the protected equipment and the IP of the management center;
transmitting the data file to a USB storage medium through the management center, and ferrying the data file to the IP-free firewall through the USB storage medium;
reading the data file according to the serial number of the IP-free firewall through the IP-free firewall to obtain the IP of the protected equipment and the IP of the management center, and learning through the IP-free firewall to obtain the IP of the protected equipment if the IP of the protected equipment is empty;
and connecting the IP of the protected equipment with the management center through the IP-free firewall, returning the IP-free firewall serial number and the IP of the protected equipment to the management center through the IP-free firewall if the connection is successful, and connecting the IP of the protected equipment to the IP-free firewall through the management center according to the IP-free firewall serial number and the IP of the protected equipment.
In some embodiments, said transferring, by said management center, said data file to a USB storage medium, said ferrying, by said USB storage medium, said data file to said IP-free firewall comprises:
Inserting the USB storage medium into the management center, and formatting the USB storage medium through the management center;
storing the data file through the USB storage medium;
the USB storage medium is inserted into the IP-free firewall.
In some embodiments, when the IP of the protected device includes a plurality of IPs, the connecting the management center with the IP of the protected device through the IP-less firewall includes:
connecting the management center through the IP-free firewall by adopting each IP of the protected equipment;
if all the IPs of the protected equipment are failed to be connected with the management center, determining that the connection is failed;
and if at least one IP in the IP of the protected equipment is successfully connected with the management center, determining that the connection is successful, and acquiring the IP of the protected equipment which is successfully connected.
In some embodiments, if the connection is successful, returning, through the IP-less firewall, the IP of the protected device and the IP of the IP-less firewall serial number to the management center, including:
and if the connection is successful, returning the serial number of the IP-free firewall and the IP of the equipment to be protected which is successfully connected to the management center through the IP-free firewall.
In some embodiments, the management center includes a bulk deployment page including an asset object area including an asset address sub-area and a secondary IP address sub-area; when the IP of the protected device includes a plurality of IPs, the step of accessing, by the management center, the IP-free firewall according to the IP-free firewall serial number and the IP of the protected device includes:
in response to the first instruction, the IP of the selected protected device is displayed in the asset address sub-region of the asset object region, and the IP of the unselected protected device is displayed in the secondary IP address sub-region of the asset object region.
In some embodiments, the management center includes a batch deployment page, the batch deployment page includes a deployment list area and a selection terminal area, the generating and encrypting, by the management center, a data file according to the IP-free firewall serial number, the IP of the protected device, and the management center IP includes:
responding to a second instruction, and displaying the IP-free firewall serial number, the IP of the protected equipment and the IP of the management center in a deployment list area;
responding to the third instruction, displaying an unselected IP-free firewall serial number and a management center IP in a first display area of the selected terminal area, and displaying the selected IP-free firewall serial number and the management center IP in a second display area of the selected terminal area;
And responding to a fourth instruction, and generating and encrypting a data file according to the selected IP-free firewall serial number and the management center IP.
In some embodiments, after the step of connecting the management center through the IP-less firewall using IP of the protected device, the method further includes:
if the connection fails, starting a self-learning function through the IP-free firewall, continuously and automatically learning to obtain the IP of the protected equipment until the IP of the protected equipment obtained by learning is successfully connected with the management center, returning the IP-free firewall serial number and the IP of the protected equipment to the management center through the IP-free firewall, and uploading the IP-free firewall according to the IP-free firewall serial number and the IP of the protected equipment through the management center.
In some embodiments, the step of introducing, by the management center, the IP-less firewall according to the IP-less firewall serial number and the IP of the protected device includes:
receiving a current IP-free firewall serial number and the IP of the protected equipment through the management center;
acquiring an online IP-free firewall serial number through the management center;
if the online IP-free firewall serial number does not comprise the current IP-free firewall serial number, the management center is used for online the IP-free firewall according to the current IP-free firewall serial number and the IP of the protected equipment;
If the online IP-free firewall serial number comprises the current IP-free firewall serial number, prompting the user that the current IP-free firewall is online through the management center, wherein the online operation fails.
On the other hand, the embodiment of the application provides an IP-free firewall batch online device, which comprises:
the information input module is used for inputting the serial number of the firewall without the IP and the IP of the protected equipment into the management center;
the data file generation module is used for generating and encrypting a data file according to the IP-free firewall serial number, the IP of the protected equipment and the IP of the management center through the management center;
the USB management module is used for transmitting the data file to a USB storage medium through the management center and ferrying the data file to the IP-free firewall through the USB storage medium;
the data acquisition module is used for reading the data file through the IP-free firewall according to the IP-free firewall serial number to obtain the IP of the protected equipment and the IP of the management center, and if the IP of the protected equipment is empty, learning through the IP-free firewall to obtain the IP of the protected equipment;
the connection module is used for connecting the IP of the protected equipment with the management center through the IP-free firewall, returning the IP-free firewall serial number and the IP of the protected equipment to the management center through the IP-free firewall if the connection is successful, and uploading the IP of the protected equipment to the IP-free firewall through the management center according to the IP-free firewall serial number and the IP of the protected equipment.
On the other hand, the embodiment of the application provides electronic equipment, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor executes the IP-free firewall batch online method.
On the other hand, the embodiment of the application provides a computer readable storage medium, wherein the computer readable storage medium stores a computer program, and the computer program realizes the IP-free firewall batch online method when being executed by a processor.
According to the method, the device, the electronic equipment and the storage medium for online batch of the IP-free firewalls, the IP of the protected equipment can be empty by inputting the serial numbers of the IP-free firewalls and the IP of the protected equipment into the management center, and management staff can intensively manage all IP-free firewall information; generating and encrypting a data file according to the IP firewall serial number without the IP, the IP of the protected equipment and the IP of the management center through the management center; the data file is transmitted to the USB storage medium through the management center, and the data file is ferred to the IP-free firewall through the USB storage medium, so that the integrity and the safety of the data in the transmission process are ensured; the IP of the protected equipment and the IP of the management center are obtained by reading the data file according to the serial number of the IP-free firewall through the IP-free firewall, the automatic connection of the IP-free firewall is realized, the efficiency is improved, manual operation is not needed, if the IP of the protected equipment is empty, the IP of the protected equipment is obtained through learning from the network data stream through the IP-free firewall, and the dynamic change of the IP of the protected equipment can be adapted; the IP firewall is used for connecting the IP of the protected equipment to the management center, if the connection is successful, the IP firewall serial number and the IP of the protected equipment are returned to the management center through the IP firewall, and the management center is used for realizing high-efficiency and large-batch quick online of the IP firewall according to the IP firewall serial number and the IP of the protected equipment.
Drawings
Fig. 1 is a flowchart of an IP-less firewall batch online method provided in an embodiment of the present application;
fig. 2 is a flowchart of step S103 in fig. 1;
fig. 3 is a flowchart of step S105 in fig. 1;
fig. 4 is another flowchart of step S105 in fig. 3;
FIG. 5 is a schematic diagram of a batch deployment page when information is entered according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a batch deployment page after entry provided by an embodiment of the present application;
FIG. 7 is a schematic diagram of a batch deployment page for generating data files provided by an embodiment of the present application;
FIG. 8 is a schematic diagram of a batch deployment page to be online according to an embodiment of the present application;
FIG. 9 is a schematic diagram of a batch deployment page with confirmation of online provided by an embodiment of the present application;
fig. 10 is a schematic structural diagram of an IP-less firewall batch online device according to an embodiment of the present disclosure;
fig. 11 is a schematic hardware structure of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
It should be noted that although functional block division is performed in a device diagram and a logic sequence is shown in a flowchart, in some cases, the steps shown or described may be performed in a different order than the block division in the device, or in the flowchart. The terms first, second and the like in the description and in the claims and in the above-described figures, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing embodiments of the present application only and is not intended to be limiting of the present application.
First, several nouns referred to in this application are parsed:
strategy: the method is a strategy for controlling equipment to forward the flow and perform content security integrated detection on the flow. The policy verifies that the data flow passing through the firewall is valid for the data flow conforming to the security policy to pass through the firewall.
IP-free firewall: is a network security device deployed in front of a protected device, and its primary purpose is to protect the device from unauthorized access and attacks. The IP-less firewall does not need to configure or use an IP address to perform its function, and can borrow IP of the protected device for communication when the IP-less firewall needs to communicate.
Protected device: refers to any electronic device, computer system, network device, or other type of hardware that needs to be protected, located behind an IP-less firewall, protected by the IP-less firewall.
Management center: is a platform for centralized management and control of IP-free firewalls and protected devices.
At present, in the process of connecting wires on IP-free fireproof walls, parameters of each IP-free fireproof wall equipment need to be manually configured on site, so that the method is low in efficiency and easy to make mistakes, and related technicians are required to operate the method, so that the cost is high. Meanwhile, the online process of each IP-free firewall device may be different, so that the operation process is complex, the efficiency is low, and the online difficulty is increased. Moreover, configuration personnel and implementation personnel are mixed together in the process of connecting the IP-free firewall, so that information of the IP-free firewall equipment can be leaked carelessly, and safety risks exist. In addition, the field network is complex, and all network communication can not be initiated from the management center, so that the existing online mode of initiating communication from the management center is low in efficiency.
Therefore, the above technical problems are to be solved in industry.
Based on this, the embodiment of the application provides a method, a device, electronic equipment and a storage medium for online of IP-free firewalls in batches, aiming at improving the online efficiency of the IP-free firewalls.
The method, the device, the electronic equipment and the storage medium for batch online of the IP-free firewalls provided by the embodiment of the application are specifically described through the following embodiment, and the method for batch online of the IP-free firewalls in the embodiment of the application is described first.
The embodiment of the application provides a batch online method for IP-free firewalls, which relates to the technical fields of network communication and firewalls. The method for batch online of the IP-free firewalls provided by the embodiment of the application can be applied to a terminal, a server and software running in the terminal or the server. In some embodiments, the terminal may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, a vehicle-mounted terminal, and the like; the server side can be configured as an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, and can be configured as a cloud server for providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs, basic cloud computing services such as big data and artificial intelligence platforms, and the server can also be a node server in a blockchain network; the software may be an application or the like that implements the IP-free firewall batch online method, but is not limited to the above form.
The subject application is operational with numerous general purpose or special purpose computer system environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like. The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
Fig. 1 is an optional flowchart of an IP-free firewall batch online method provided in an embodiment of the application, where the method in fig. 1 may include, but is not limited to, steps S101 to S105.
Step S101, inputting the serial number of the firewall without the IP and the IP of the protected equipment into a management center;
specifically, the IP of the IP protected device of the protected device may be null, may be a single IP, or may be multiple IPs, which is not specifically limited in the present application, and the no IP firewall serial number is no IP firewall serial number, that is, no IP firewall ID, which is a unique identification code of the no IP firewall.
The data input into the management center is not particularly limited, and the data can be flexibly selected according to actual online requirements. Illustratively, the data entered into the management center may include protection policies of the IP-less firewall, may include names of the IP-less firewall, and may include location information of the IP-less firewall.
It will be appreciated that when the data entered into the management center includes protection policies without an IP firewall, the protection policies without an IP firewall need to be entered into the management center.
In some embodiments, a default name may be preset, and if the name of the non-IP firewall is not entered into the management center or the name of the non-IP firewall is null, the default name is used as the name of the non-IP firewall.
In some embodiments, when the data entered into the management center includes a name of the IP-less firewall, the name of the IP-less firewall needs to be entered into the management center.
Further, a default name may be preset, and if the name of the non-IP firewall is not entered into the management center or the name of the non-IP firewall is null, the default name is used as the name of the non-IP firewall.
In some embodiments, when the data entered into the management center includes location information for the IP-less firewall, the location information for the IP-less firewall needs to be entered into the management center.
Further, default location information may be preset, and if the location information of the non-IP firewall is not entered into the management center or the location information of the non-IP firewall is null, the default location information is used as the location information of the non-IP firewall.
In this embodiment, the IP entry management center without the IP firewall serial number and the protected device prepares for subsequent generation of the data file.
Step S102, generating and encrypting a data file according to the IP firewall serial number without the IP, the IP of the protected equipment and the IP of the management center through the management center;
specifically, the data file contains the information required for the IP-less firewall to establish the connection and communicate and for the IP-less firewall configuration to take place.
In some embodiments, the encryption method of the data file is not specifically limited, and flexible selection can be performed in combination with actual online requirements. Illustratively, the data file may be encrypted symmetrically, asymmetrically, or hashed.
It will be appreciated that the data file must include the IP-less firewall serial number and the management center IP, and that the IP of the protected device may be null. In addition, the content of the data file is not particularly limited, and the data file can be flexibly selected in combination with actual online requirements. Illustratively, the data file may further include a protection policy without an IP firewall, a name without an IP firewall, and location information without an IP firewall.
In some embodiments, the management center includes a bulk deployment page including a deployment list area and a select terminal area
Further, in response to the second instruction, the IP-free firewall serial number and the IP and management center IP of the protected device are displayed in the deployment list area. The second instruction may include a display instruction of a batch deployment page.
In some embodiments, in response to the third instruction, the unselected no-IP firewall serial number and the management center IP are displayed in a first display area of the selected terminal area, and the selected no-IP firewall serial number and the management center IP are displayed in a second display area of the selected terminal area. The third instruction may include a make flash instruction for deploying pages in batches. And the flash disk manufacturing instruction is used for generating a data file, formatting the flash disk and storing the data file into the flash disk.
For example, as shown in fig. 7, the first display area may be a left display frame of the selection terminal area, and the second display area may be a right display frame of the selection terminal area, and the content of the display frame is changed by triggering a button between the left display frame and the right display frame.
In some embodiments, in response to the fourth instruction, a data file is generated and encrypted based on the selected IP-less firewall serial number and the management center IP. The fourth instruction may include a confirmation preparation instruction of the mass deployment page.
It should be noted that, the selection mode is not specifically limited in the present application, and the selection mode can be flexibly selected in combination with the actual online requirement. The selection mode may be drag selection, drop-down selection, or input selection.
Furthermore, the format of the data file is not particularly limited, and the data file can be flexibly selected according to actual online requirements. The data file may be in a text file format, a binary file format, or a tabular file format, for example.
In this embodiment, the management center generates the data file according to the serial number of the firewall without IP, the IP of the protected device, and the IP of the management center, so as to prepare for the subsequent transmission of the data file to the firewall without IP, and the online firewall without IP.
Step S103, transmitting the data file to a USB storage medium through a management center, and ferrying the data file to an IP-free firewall through the USB storage medium;
specifically, the data file is saved through the USB and connected to the IP-free firewall, the data file is transmitted to the IP-free firewall, and ferrying refers to the process of transmitting the data from the management center to the IP-free firewall through the USB storage medium.
In some embodiments, the USB storage media is inserted into a management center, the USB storage media is formatted by the management center, the data files are saved by the USB storage media, and the USB storage media is inserted into the IP-less firewall.
The USB storage medium is formatted when being inserted into the management center system, and the generated data file is written into the USB medium only after the formatting is successful, so that the data integrity and the safety are ensured.
In the embodiment, the data file is transmitted to the USB storage medium through the management center, and the data file is ferred to the IP-free firewall through the USB storage medium, so that the integrity and the safety of the data in the transmission process are ensured, and the preparation is made for the subsequent IP-free firewall connection management center and the online IP-free firewall.
Step S104, the IP of the protected equipment and the IP of the management center are obtained by reading the data file through the IP-free firewall according to the IP-free firewall serial number, and if the IP of the protected equipment is empty, the IP of the protected equipment is learned from the network data stream through the IP-free firewall;
In some embodiments, the IP-less firewall obtains the data file from the USB storage media and decrypts the data file.
Further, the IP-less firewall decrypts the data file by the decryption key.
The method and the device do not limit the acquisition mode of the decryption key, and can be flexibly selected according to actual online requirements. The decryption key may be a key that is preset and stored in the IP-free firewall, or may be a key that is transcended by the management center through the USB medium, for example.
In some embodiments, the IP-less firewall decrypts the data file and obtains the IP of the protected device and the management center IP from the decrypted data file based on the IP-less firewall serial number.
In some embodiments, if the IP of the protected device is null, learning the IP of the protected device through the IP-free firewall. Illustratively, the IP-free firewall learns the IP of the protected device and the gateway IP of the protected device through the MAC code of the protected device, and when the protected device communicates, the IP-free firewall records the MAC address of the protected device. The IP-less firewall will associate the MAC address with the IP of the protected device, the gateway IP and the subnet mask and store this information in the MAC address table. When the IP address of the protected equipment needs to be queried, the MAC address table can be searched through the MAC code of the protected equipment to obtain the IP of the protected equipment and the gateway IP of the protected equipment. .
In this embodiment, the IP of the protected device and the IP of the management center are obtained by reading the data file according to the serial number of the IP-free firewall through the IP-free firewall, and if the IP of the protected device is null, the IP of the protected device is learned from the network data stream through the IP-free firewall, so as to adapt to the dynamic change of the IP of the protected device, improve the real-time performance and the self-adaptability of the network, reduce the manual intervention, be helpful to improve the efficiency of network management, reduce the occurrence of human errors, and provide for the subsequent online IP-free firewall.
Step S105, the IP connection management center of the protected equipment is adopted through the IP-free firewall, if the connection is successful, the IP-free firewall serial number and the IP of the protected equipment are returned to the management center through the IP-free firewall, and the IP-free firewall is on line according to the IP-free firewall serial number and the IP of the protected equipment through the management center.
In some embodiments, when the IP of the protected device includes multiple IPs, each IP connection management center of the protected device is employed through an IP-less firewall; if all the IPs of the protected equipment fail to connect with the management center, determining that the connection fails; if at least one IP connection management center in the IP of the protected equipment is successful, the connection success is determined, and the IP of the protected equipment which is successfully connected is obtained.
In some embodiments, if the connection is successful, a connection is established with the management center by using the IP of the protected device through the IP-free firewall, success information, an IP-free firewall serial number and the IP of the protected device are returned to the management center through the IP-free firewall, the success information is identified through the management center, online data corresponding to the IP-free firewall is obtained from the management center according to the IP-free firewall serial number and the IP of the protected device, the online data is displayed in an online list area of the batch deployment page, and the online data comprises brief data of the IP-free firewall (such as the IP-free firewall serial number and the IP-free firewall default policy) and brief data of the protected device (such as the name of the protected device, the IP of the protected device and the IP of the gateway of the protected device).
Further, clicking the add object button in the online list area, as shown in fig. 9, displaying detailed data of the protected device (such as protected device name, protected device usage department, protected device usage place, protected device category, IP of the protected device and protected device gateway IP) in the asset object area of the batch deployment page, and displaying detailed data of the IP-free firewall (such as IP-free firewall placement location, IP-free firewall serial number and IP-free firewall default policy) in the SA-NAC area of the batch deployment page. Further, clicking the confirm deployment button, and uploading the IP-free firewall according to the detailed data of the protected equipment and the detailed data of the IP-free firewall.
In some embodiments, if the connection fails, the IP-free firewall automatically turns on a self-learning function, learns the IP address of the protected device that can communicate with the management center, and connects the management center with the IP address of the protected device. And continuously and automatically learning the IP address and the gateway address of the protected equipment for communicating with the management center as long as the connection cannot be successfully performed.
In some embodiments, if the connection fails, a self-learning function is started through the non-IP firewall, and the IP of the protected device is continuously and automatically learned until the IP connection management center of the protected device obtained by learning succeeds, the non-IP firewall serial number and the IP of the protected device are returned to the management center through the non-IP firewall, and the non-IP firewall is online according to the non-IP firewall serial number and the IP of the protected device through the management center.
In some embodiments, in response to the first instruction, the IP of the selected protected device is displayed in an asset address sub-region of the asset object area and the IP of the non-selected protected device is displayed in a secondary IP address sub-region of the asset object area. Wherein the first instruction comprises an IP-less firewall line instruction.
In this embodiment, the IP connection management center of the protected device is adopted through the IP-free firewall, if the connection is successful, the IP-free firewall serial number and the IP of the protected device are returned to the management center through the IP-free firewall, and the management center establishes the connection from the IP-free firewall according to the IP-free firewall serial number and the IP of the protected device, so that the application can be more suitable for the field environment, the adding and configuration process of the IP-free firewall is simplified, the expandability and the management efficiency of the network are improved, the legal IP-free firewall can be ensured to be connected through the IP-free firewall returning serial number to the management center, the unauthorized device is prevented from accessing the network, and the security of the network is improved.
In the steps S101 to S105 illustrated in the embodiment of the present application, by inputting the serial number of the firewall without IP and the IP of the protected device into the management center, the IP of the protected device may be null, and the manager may centrally manage all firewall information without IP; generating and encrypting a data file according to the IP firewall serial number without the IP, the IP of the protected equipment and the IP of the management center through the management center; the data file is transmitted to the USB storage medium through the management center, and the data file is ferred to the IP-free firewall through the USB storage medium, so that the integrity and the safety of the data in the transmission process are ensured; the IP of the protected equipment and the IP of the management center are obtained by reading the data file according to the serial number of the IP-free firewall through the IP-free firewall, the automatic connection of the IP-free firewall is realized, the efficiency is improved, manual operation is not needed, if the IP of the protected equipment is empty, the IP of the protected equipment is obtained through learning from the network data stream through the IP-free firewall, and the dynamic change of the IP of the protected equipment is adapted; the IP firewall is used for connecting the IP of the protected equipment to the management center, if the connection is successful, the IP firewall serial number and the IP of the protected equipment are returned to the management center through the IP firewall, and the management center is used for realizing high-efficiency and large-batch quick online of the IP firewall according to the IP firewall serial number and the IP of the protected equipment.
Referring to fig. 2, in some embodiments, step S103 may include, but is not limited to, steps S201 to S203:
step S201, inserting the USB storage medium into a management center, and formatting the USB storage medium through the management center;
in step S201 of some embodiments, the USB storage media is formatted by the management center, and the management center writes the data file to the USB media only after the formatting is successful.
In this embodiment, the USB storage media are inserted into the management center, and the USB storage media are formatted by the management center, so that security is ensured, compatibility problems are avoided, and the USB storage media can be correctly read and written by the IP-free firewall.
Step S202, storing a data file through a USB storage medium;
in step S202 of some embodiments, a data file is saved from a management center via a USB storage medium.
In the present embodiment, by storing the data file by the USB storage medium, it is achieved that the USB storage medium can be used to exchange and store data even without a network connection.
In step S203, the USB storage media is inserted into the IP-less firewall.
In step S203 of some embodiments, the USB storage media is inserted into an IP-less firewall, and the data file is ferred to the IP-less firewall.
Further, the IP-free firewall holds data files from the USB storage media.
In this embodiment, the USB storage media is inserted into an IP-less firewall, ready for subsequent reading of the data file.
In the steps S201 to S203 illustrated in the embodiments of the present application, by inserting the USB storage medium into the management center, formatting the USB storage medium by the management center, storing the data file by the USB storage medium, inserting the USB storage medium into the IP-free firewall, the USB storage medium can be used to exchange and store data even without network connection, ensuring that the USB storage medium meets the file system standard of the system, helping to avoid compatibility problems, enabling the data file to be correctly read by the IP-free firewall, logically and physically isolating the data by using the USB storage medium, and ensuring the security and integrity of the data.
Referring to fig. 3, in some embodiments, the IP of the protected device includes a plurality of IPs, and step S105 may include, but is not limited to, steps S301 to S303:
step S301, each IP connection management center of the protected equipment is adopted through the IP-free firewall;
in step S301 of some embodiments, a connection management center is attempted with each IP of the protected devices through an IP-less firewall, verifying whether the IP of the plurality of protected devices is an IP of the connection-capable management center.
Step S302, if all the IPs of the protected equipment fail to connect with the management center, determining that the connection fails;
in step S302 of some embodiments, if all attempted IP addresses of the protected devices fail to connect successfully to establish a connection with the management center, a connection failure is indicated.
Further, when all IP addresses of the protected equipment cannot be communicated with the management center, a self-learning function is started through the IP-free firewall, and the IP of the protected equipment is continuously and automatically learned until the IP connection management center of the protected equipment obtained through learning is successful.
Step S303, if one or more IP connection management centers in the IP of the protected equipment succeed, the connection is successful, and the IP of the protected equipment which is successfully connected is obtained.
In step S303 of some embodiments, if the IP address of at least one protected device is successfully connected to the management center, it indicates that the connection is successful, and the IP address of the protected device that successfully established the connection is obtained.
Further, if the connection is successful, the IP firewall serial number without IP and the IP of the protected equipment which is successfully connected are returned to the management center through the firewall without IP.
In this embodiment, if one or more IP connection management centers in the IP of the protected device succeed, the IP of the protected device that is successfully connected is obtained, so as to prepare for subsequent return of the IP-free firewall serial number and the IP of the protected device that is successfully connected to the management center and the IP-free firewall line through the IP-free firewall.
In the steps S301 to S303 illustrated in the embodiment of the present application, each IP connection management center of the protected device is adopted through the IP-free firewall, if all the IPs of the protected device are failed to connect with the management center, the connection is failed, if one or more IP connection management centers in the IPs of the protected device are successful, the connection is successful, and the IPs of the protected device that are successfully connected are obtained.
Referring to fig. 4, in some embodiments, step S105 may further include, but is not limited to, steps S401 to S403:
step S401, receiving the current IP-free firewall serial number and the IP of the protected equipment through a management center;
specifically, the current no-IP firewall serial number is the no-IP firewall serial number that the management center receives and needs to be online.
In step S401 of some embodiments, a management center receives a current no-IP firewall serial number and an IP of a protected device, and prepares for subsequent verification of the no-IP firewall serial number and the online no-IP firewall.
Step S402, obtaining an online IP-free firewall serial number through a management center;
in step S402 of some embodiments, the management center stores online no-IP firewall information, where no-IP firewall information includes no-IP firewall serial number, no-IP firewall name, IP of the protected device, asset master address, default policy, control center, and placement location.
The storage mode of the IP-free firewall information is not limited, and the IP-free firewall information can be flexibly selected according to actual online requirements. The IP-free firewall information may be stored in a database, in a file system, or in a distributed cache system, for example.
It can be appreciated that by recording the online IP-free firewall serial number, devices existing in the management center can be checked at any time, providing better transparency to the network architecture, and facilitating monitoring and maintenance by the management center.
Further, the online IP-free firewall serial number is obtained from the database through the management center.
In this embodiment, the management center obtains the online serial number of the IP-free firewall, so as to prepare for subsequent judgment of whether the IP-free firewall is online.
Step S403, if the online IP-free firewall serial number does not include the current IP-free firewall serial number, the online IP-free firewall is carried out by the management center according to the current IP-free firewall serial number and the IP of the protected equipment;
in step S403 of some embodiments, if the online no-IP firewall serial number does not include the current no-IP firewall serial number, it may be understood that the no-IP firewall serial number is not online yet.
Further, the IP firewall is not on line according to the current IP firewall serial number and the IP of the protected equipment through the management center.
In this embodiment, if the online no-IP firewall serial number does not include the current no-IP firewall serial number, the management center is used to online the current no-IP firewall according to the current no-IP firewall serial number and the IP of the protected device, and the uniqueness of each no-IP firewall device in the management center is ensured by checking the serial number, so that the same no-IP firewall is prevented from repeating online, and the complexity of management and maintenance is reduced.
Step S404, if the online IP-free firewall serial number includes the current IP-free firewall serial number, the management center prompts the user that the current IP-free firewall is online, and the online operation fails.
In this embodiment, if the online no-IP firewall serial number includes the current no-IP firewall serial number, the management center prompts the user that the current no-IP firewall is online, and the online operation fails, so that the user is facilitated to understand the problem and process the problem.
In the steps S401 to S404 illustrated in the embodiments of the present application, the management center receives the current no-IP firewall serial number and the IP of the protected device, acquires the online no-IP firewall serial number, if the online no-IP firewall serial number does not include the current no-IP firewall serial number, and prompts the user to online the current no-IP firewall serial number, if the online no-IP firewall serial number includes the current no-IP firewall serial number, the management center prompts the user to online the current no-IP firewall, the online operation fails, and ensures the uniqueness of each no-IP firewall device in the management center by checking the serial number, thereby avoiding the repeated online of the same no-IP firewall, reducing the complexity of management and maintenance, prompting the user through the management center, helping the user to understand the problem, and handling the problem.
In some embodiments, the method of the present application is applied to an IP-less firewall and management center, and the method of the present application includes the steps of:
entering the IP firewall serial number without the IP and the IP of the protected equipment into a management center, wherein the IP of the protected equipment can be null;
and (3) entering an IP-free firewall serial number, an IP-free firewall name, the IP of the protected equipment, an asset master address, a default strategy, a control center and a placement position in an addition setting area of the batch deployment page.
The IP-free firewall serial number and the control center cannot be empty, the control center is the management center IP, and if the IP-free firewall serial number and the control center are not recorded, the control center defaults to the current management center IP.
For example, a schematic diagram of a batch deployment page when information is entered is shown in fig. 5, and a schematic diagram of a batch deployment page after information is entered is shown in fig. 6, where when a user triggers a save button 501, data (such as a current serial number, no IP firewall name, no IP firewall serial number, IP of a protected device, gateway IP of a protected device, no IP firewall default policy, management center IP, and no IP firewall placement position) in an addition setting area of the batch deployment page is stored in a management center, and then the batch deployment page after information is entered in fig. 6 is returned and displayed.
Wherein, when the user triggers the make flash button 607, the batch deployment page of FIG. 7 when generating the data file is displayed.
In this embodiment, centralized management and control of data can be achieved, and through a manner of triggering a button, a user can easily perform specific operations, so that convenience and operability of user operations are improved, professional technical requirements for the user are reduced, working efficiency is improved, automation and intelligence levels of a system are improved, and efficiency and accuracy of data input are improved.
Generating and encrypting a data file according to the IP firewall serial number without the IP, the IP of the protected equipment and the IP of the management center through the management center;
the serial number of the firewall without IP and the IP of the protected device, which need to generate the data file, are selected in the selection terminal area of the batch deployment page, and the data file is generated and encrypted by clicking the confirm production button, and an exemplary schematic diagram of the batch deployment page when the data file is generated is shown in fig. 7, where when the user triggers the confirm production button 701, the data file is generated according to the content displayed on the right display frame of the selection terminal area.
Inserting the USB storage medium into a management center, and formatting the USB storage medium through the management center;
storing the data file through a USB storage medium;
inserting the USB storage medium into the IP-free firewall;
reading the data file according to the serial number of the IP-free firewall through the IP-free firewall to obtain the IP of the protected equipment and the IP of the management center, and if the IP of the protected equipment is null, obtaining the IP of the protected equipment from the network data stream through the IP-free firewall;
each IP connection management center of the protected equipment is adopted through the IP-free firewall;
if all the IPs of the protected equipment fail to connect with the management center, determining that the connection fails;
If one or more IP connection management centers in the IP of the protected equipment succeed, determining that the connection succeeds, and acquiring the IP of the protected equipment which is successfully connected;
if the connection is successful, returning the IP-free firewall serial number and the IP of the protected equipment which is successfully connected to a management center through the IP-free firewall;
receiving the IP-free firewall serial number and the IP of the protected equipment through a management center;
acquiring an online IP-free firewall serial number through a management center;
if the online IP-free firewall serial number comprises the current IP-free firewall serial number, prompting the user that the IP-free firewall is online through the management center, wherein the online operation fails;
if the online IP-free firewall serial number does not comprise the current IP-free firewall serial number, the management center is used for uploading the online IP-free firewall according to the IP-free firewall serial number and the IP of the protected equipment;
the management center acquires online data corresponding to the IP-free firewall from the management center according to the IP-free firewall serial number and the IP of the protected equipment, and displays the online data in an online list area of the batch deployment page, wherein the online data comprises brief data of the IP-free firewall (such as the IP-free firewall serial number and the IP-free firewall default strategy) and brief data of the protected equipment (such as the name of the protected equipment, the IP of the protected equipment and the gateway IP of the protected equipment).
It can be understood that corresponding online data is positioned and acquired rapidly according to the IP firewall serial number without the IP firewall and the IP of the protected equipment, so that the complicated process of manually inquiring and processing the data is avoided, the working efficiency is improved, the online data is displayed in an online list area of a batch deployment page, the online data is more visual, the user operation is convenient, the online data can be acquired and processed remotely, and the labor and time cost are saved.
As shown in fig. 8, the control center is a management center IP, the asset main address is an IP of the protected device, the name is an IP-free firewall name, the serial number is an IP-free firewall serial number, and when the user triggers the join object button 801, the batch deployment page for confirming the online is displayed.
In response to the first instruction, the IP of the selected protected device is displayed at the asset address of the asset object area, and the IP of the unselected protected device is displayed at the secondary IP address of the asset object area.
Specifically, the first instruction, i.e. the instruction triggered by clicking the add object button 801, confirms that the online batch deployment page is shown in fig. 9, displays detailed data of the protected device (such as the name of the protected device, the use department of the protected device, the use place of the protected device, the class of the protected device, the IP of the protected device and the gateway IP of the protected device) in the asset object area, and displays detailed data of the IP-free firewall (such as the location where the IP-free firewall is placed, the serial number of the IP-free firewall and the default policy of the IP-free firewall) in the SA-NAC, wherein the asset object is the protected device and the SA-NAC is the IP-free firewall. When the user triggers the confirm deployment button 901, the IP-free firewall is on-line according to the detailed data of the protected device and the detailed data of the IP-free firewall.
In the embodiment, the user can more clearly know the data of the protected equipment and the IP-free firewall, the transparency and the understandability of the data are improved, the protected equipment and the IP-free firewall can be intuitively managed on line, and the working efficiency and the accuracy are improved.
If the connection fails, a self-learning function is started through the IP-free firewall, the IP of the protected equipment is continuously and automatically learned until the IP connection management center of the protected equipment obtained through learning succeeds, the IP-free firewall serial number and the IP of the protected equipment are returned to the management center through the IP-free firewall, and the IP-free firewall is on line according to the IP-free firewall serial number and the IP of the protected equipment through the management center.
Referring to fig. 10, the embodiment of the present application further provides an IP-free firewall batch online device, which may implement the above IP-free firewall batch online method, where the device includes:
the information input module 1001 is configured to input the serial number of the firewall without IP and the IP of the protected device into the management center, where the IP of the protected device may be null;
a data file generating module 1002, configured to generate and encrypt a data file according to the IP firewall serial number without IP and the IP of the protected device and the IP of the management center;
The USB management module 1003 is configured to transmit the data file to a USB storage medium through a management center, and ferry the data file to the IP-free firewall through the USB storage medium;
a data obtaining module 1004, configured to obtain, through the IP-free firewall, an IP of the protected device and an IP of the management center by reading the data file according to the IP-free firewall serial number, and if the IP of the protected device is null, learn, through the IP-free firewall, the IP of the protected device from the network data stream;
the connection module 1005 is configured to use the IP connection management center of the protected device through the IP-free firewall, return, if the connection is successful, the IP of the IP-free firewall serial number and the IP of the protected device to the management center through the IP-free firewall, and route the IP-free firewall according to the IP-free firewall serial number and the IP of the protected device through the management center.
The specific implementation of the batch online device for the IP-free firewalls is basically the same as the specific embodiment of the batch online method for the IP-free firewalls, and is not described herein again.
The content of the method embodiment of the invention is suitable for the device embodiment, the specific function of the device embodiment is the same as that of the method embodiment, and the achieved beneficial effects are the same as those of the method.
The embodiment of the application also provides electronic equipment, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the IP-free firewall batch online method when executing the computer program. The electronic equipment can be any intelligent terminal including a tablet personal computer, a vehicle-mounted computer and the like.
The content of the method embodiment of the invention is suitable for the electronic equipment embodiment, the functions of the electronic equipment embodiment are the same as those of the method embodiment, and the achieved beneficial effects are the same as those of the method.
Referring to fig. 11, fig. 11 illustrates a hardware structure of an electronic device according to another embodiment, the electronic device includes:
the processor 1101 may be implemented by a general purpose CPU (central processing unit), a microprocessor, an application specific integrated circuit (ApplicationSpecificIntegratedCircuit, ASIC), or one or more integrated circuits, etc. for executing related programs to implement the technical solutions provided by the embodiments of the present application;
the memory 1102 may be implemented in the form of read-only memory (ReadOnlyMemory, ROM), static storage, dynamic storage, or random access memory (RandomAccessMemory, RAM). The memory 1102 may store an operating system and other application programs, and when the technical solution provided in the embodiments of the present application is implemented by software or firmware, relevant program codes are stored in the memory 1102, and the processor 1101 invokes the batch online method for executing the IP-free firewall in the embodiments of the present application;
An input/output interface 1103 for implementing information input and output;
the communication interface 1104 is configured to implement communication interaction between the device and other devices, and may implement communication in a wired manner (e.g. USB, network cable, etc.), or may implement communication in a wireless manner (e.g. mobile network, WIFI, bluetooth, etc.);
bus 1105 transmits information between the various components of the device (e.g., processor 1101, memory 1102, input/output interface 1103, and communication interface 1104);
wherein the processor 1101, memory 1102, input/output interface 1103 and communication interface 1104 enable communication connection therebetween within the device via bus 1105.
The embodiment of the application also provides a computer readable storage medium, wherein the computer readable storage medium stores a computer program, and the computer program realizes the IP-free firewall batch online method when being executed by a processor.
The content of the method embodiment of the invention is applicable to the storage medium embodiment, the specific function of the storage medium embodiment is the same as that of the method embodiment, and the achieved beneficial effects are the same as those of the method.
The memory, as a non-transitory computer readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer executable programs. In addition, the memory may include high-speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory remotely located relative to the processor, the remote memory being connectable to the processor through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
According to the method, the device, the electronic equipment and the storage medium for online batch of the IP-free firewalls, the IP of the protected equipment can be empty by inputting the serial numbers of the IP-free firewalls and the IP of the protected equipment into the management center, and management staff can manage all IP-free firewall information in a centralized mode; generating and encrypting a data file according to the IP firewall serial number without the IP, the IP of the protected equipment and the IP of the management center through the management center; the data file is transmitted to the USB storage medium through the management center, and the data file is ferred to the IP-free firewall through the USB storage medium, so that the integrity and the safety of the data in the transmission process are ensured; the IP of the protected equipment and the IP of the management center are obtained by reading the data file according to the serial number of the IP-free firewall through the IP-free firewall, the automatic connection of the IP-free firewall is realized, the efficiency is improved, manual operation is not needed, if the IP of the protected equipment is empty, the IP of the protected equipment is obtained through learning from the network data stream through the IP-free firewall, and the dynamic change of the IP of the protected equipment is adapted; the IP firewall is used for connecting the IP of the protected equipment to the management center, if the connection is successful, the IP firewall serial number and the IP of the protected equipment are returned to the management center through the IP firewall, and the management center is used for realizing high-efficiency and large-batch quick online of the IP firewall according to the IP firewall serial number and the IP of the protected equipment. The embodiments described in the embodiments of the present application are for more clearly describing the technical solutions of the embodiments of the present application, and do not constitute a limitation on the technical solutions provided by the embodiments of the present application, and as those skilled in the art can know that, with the evolution of technology and the appearance of new application scenarios, the technical solutions provided by the embodiments of the present application are equally applicable to similar technical problems.
It will be appreciated by those skilled in the art that the technical solutions shown in the figures do not constitute limitations of the embodiments of the present application, and may include more or fewer steps than shown, or may combine certain steps, or different steps.
The above described apparatus embodiments are merely illustrative, wherein the units illustrated as separate components may or may not be physically separate, i.e. may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
Those of ordinary skill in the art will appreciate that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof.
The terms "first," "second," "third," "fourth," and the like in the description of the present application and in the above-described figures, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that embodiments of the present application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be understood that in this application, "at least one" means one or more, and "a plurality" means two or more. "and/or" for describing the association relationship of the association object, the representation may have three relationships, for example, "a and/or B" may represent: only a, only B and both a and B are present, wherein a, B may be singular or plural. The character "/" generally indicates that the context-dependent object is an "or" relationship. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b or c may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the above-described division of units is merely a logical function division, and there may be another division manner in actual implementation, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described above as separate components may or may not be physically separate, and components shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a storage medium, including multiple instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods of the various embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing a program.
Preferred embodiments of the present application are described above with reference to the accompanying drawings, and thus do not limit the scope of the claims of the embodiments of the present application. Any modifications, equivalent substitutions and improvements made by those skilled in the art without departing from the scope and spirit of the embodiments of the present application shall fall within the scope of the claims of the embodiments of the present application.
Claims (10)
1. The method for batch online of the IP-free firewall is characterized by comprising the following steps:
the IP firewall serial number without IP and the IP of the protected equipment are input into a management center;
generating and encrypting a data file by the management center according to the IP firewall serial number without the IP, the IP of the protected equipment and the IP of the management center;
transmitting the data file to a USB storage medium through the management center, and ferrying the data file to the IP-free firewall through the USB storage medium;
reading the data file according to the serial number of the IP-free firewall through the IP-free firewall to obtain the IP of the protected equipment and the IP of the management center, and learning through the IP-free firewall to obtain the IP of the protected equipment if the IP of the protected equipment is empty;
and connecting the IP of the protected equipment with the management center through the IP-free firewall, returning the IP-free firewall serial number and the IP of the protected equipment to the management center through the IP-free firewall if the connection is successful, and connecting the IP of the protected equipment to the IP-free firewall through the management center according to the IP-free firewall serial number and the IP of the protected equipment.
2. The method of claim 1, wherein said transferring said data file to a USB storage medium by said management center, said ferrying said data file to said IP-free firewall by said USB storage medium, comprises:
inserting the USB storage medium into the management center, and formatting the USB storage medium through the management center;
storing the data file through the USB storage medium;
the USB storage medium is inserted into the IP-free firewall.
3. The method of claim 1, wherein when the IP of the protected device includes a plurality of IPs, the connecting the management center with the IP of the protected device through the IP-less firewall comprises:
connecting the management center through the IP-free firewall by adopting each IP of the protected equipment;
if all the IPs of the protected equipment are failed to be connected with the management center, determining that the connection is failed;
and if at least one IP in the IP of the protected equipment is successfully connected with the management center, determining that the connection is successful, and acquiring the IP of the protected equipment which is successfully connected.
4. The method of claim 1, wherein the management center comprises a bulk deployment page comprising an asset object area comprising an asset address sub-area and a secondary IP address sub-area; when the IP of the protected device includes a plurality of IPs, the step of accessing, by the management center, the IP-free firewall according to the IP-free firewall serial number and the IP of the protected device includes:
And responding to the first instruction, displaying the IP of the selected protected equipment in the asset address subarea, and displaying the IP of the unselected protected equipment in the secondary IP address subarea.
5. The method of claim 1, wherein the management center includes a mass deployment page including a deployment list area and a select terminal area, wherein the generating and encrypting, by the management center, a data file based on the IP-less firewall serial number, the IP of the protected device, and a management center IP includes:
responding to a second instruction, and displaying the IP-free firewall serial number, the IP of the protected equipment and the IP of the management center in a deployment list area;
responding to the third instruction, displaying an unselected IP-free firewall serial number and a management center IP in a first display area of the selected terminal area, and displaying the selected IP-free firewall serial number and the management center IP in a second display area of the selected terminal area;
and responding to a fourth instruction, and generating and encrypting a data file according to the selected IP-free firewall serial number and the management center IP.
6. The method of claim 1, wherein after the step of connecting the management center with the IP of the protected device through the IP-less firewall, the method further comprises:
If the connection fails, starting a self-learning function through the IP-free firewall, and continuously and automatically learning to obtain the IP of the protected equipment until the IP of the protected equipment obtained by learning is successfully connected with the management center.
7. The method according to any one of claims 1 to 6, wherein said passing through the management center to the IP-less firewall according to the IP-less firewall serial number and the IP of the protected device includes:
receiving a current IP-free firewall serial number and the IP of the protected equipment through the management center;
acquiring an online IP-free firewall serial number through the management center;
if the online IP-free firewall serial number does not comprise the current IP-free firewall serial number, the management center is used for online the IP-free firewall according to the current IP-free firewall serial number and the IP of the protected equipment;
if the online IP-free firewall serial number comprises the current IP-free firewall serial number, prompting the user that the current IP-free firewall is online through the management center, wherein the online operation fails.
8. An IP-free firewall batch online device, comprising:
The information input module is used for inputting the serial number of the firewall without the IP and the IP of the protected equipment into the management center;
the data file generation module is used for generating and encrypting a data file according to the IP-free firewall serial number, the IP of the protected equipment and the IP of the management center through the management center;
the USB management module is used for transmitting the data file to a USB storage medium through the management center and ferrying the data file to the IP-free firewall through the USB storage medium;
the data acquisition module is used for reading the data file through the IP-free firewall according to the IP-free firewall serial number to obtain the IP of the protected equipment and the IP of the management center, and if the IP of the protected equipment is empty, learning through the IP-free firewall to obtain the IP of the protected equipment;
the connection module is used for connecting the IP of the protected equipment with the management center through the IP-free firewall, returning the IP-free firewall serial number and the IP of the protected equipment to the management center through the IP-free firewall if the connection is successful, and uploading the IP of the protected equipment to the IP-free firewall through the management center according to the IP-free firewall serial number and the IP of the protected equipment.
9. An electronic device comprising a memory and a processor, the memory storing a computer program, the processor implementing the IP-free firewall batch method of any one of claims 1-7 when executing the computer program.
10. A computer readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the IP-free firewall batch online method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311789466.XA CN117834227A (en) | 2023-12-22 | 2023-12-22 | Method and device for batch online of IP-free firewalls, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311789466.XA CN117834227A (en) | 2023-12-22 | 2023-12-22 | Method and device for batch online of IP-free firewalls, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117834227A true CN117834227A (en) | 2024-04-05 |
Family
ID=90510876
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311789466.XA Pending CN117834227A (en) | 2023-12-22 | 2023-12-22 | Method and device for batch online of IP-free firewalls, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117834227A (en) |
-
2023
- 2023-12-22 CN CN202311789466.XA patent/CN117834227A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2863281B1 (en) | System and method to configure a field device | |
| JP6937703B2 (en) | Configuration change management device, configuration change management method, and program | |
| CN108427616A (en) | background program monitoring method and monitoring device | |
| CN112134956A (en) | Distributed Internet of things instruction management method and system based on block chain | |
| CN110875850B (en) | Firmware upgrading method and system, readable storage medium and terminal equipment | |
| CN104765621A (en) | Method and system for deploying program on cluster node | |
| WO2019036555A1 (en) | Securely transferring selective datasets between terminals | |
| CN108073823A (en) | Data processing method, apparatus and system | |
| CN111756818A (en) | File transfer method, device, equipment and storage medium | |
| CN104750524A (en) | Upgraded data package transmitting method and device and data package upgrading method and device | |
| CN110266701A (en) | Smart machine data transmission method, device, medium and electronic equipment | |
| CN116996408A (en) | Data transmission monitoring method and device, electronic equipment and storage medium | |
| US20040068575A1 (en) | Method and apparatus for achieving a high transfer rate with TCP protocols by using parallel transfers | |
| CN112788576A (en) | Equipment offline processing method and system, storage medium and electronic device | |
| CN117834227A (en) | Method and device for batch online of IP-free firewalls, electronic equipment and storage medium | |
| CN114298699B (en) | Method for generating and acquiring non-homogeneous general evidence and device | |
| JP4674479B2 (en) | Security management system, server device, client terminal, and security management method used therefor | |
| US20210304219A1 (en) | Methods, equipment and storage medium for unmanned aerial vehicle activation and unbinding | |
| WO2013179469A1 (en) | Operation process creation program, operation process creation method, and information-processing device | |
| CN103327205A (en) | Information processing apparatus and information processing method | |
| CN111090853B (en) | Account management method, system, electronic equipment and storage medium | |
| US20120110147A1 (en) | Using wireless technology to direct complex wiring configurations | |
| CN110808943A (en) | Client connection emergency management method, client and computer readable storage medium | |
| CN104040513A (en) | Display device management system, server apparatus therefor, programmable display device, and operation control method | |
| CN115499836B (en) | Communication method, communication device, electronic equipment, storage medium and vehicle |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |