CN202127422U - Fire wall virtualization treatment device - Google Patents
Fire wall virtualization treatment device Download PDFInfo
- Publication number
- CN202127422U CN202127422U CN201120226770XU CN201120226770U CN202127422U CN 202127422 U CN202127422 U CN 202127422U CN 201120226770X U CN201120226770X U CN 201120226770XU CN 201120226770 U CN201120226770 U CN 201120226770U CN 202127422 U CN202127422 U CN 202127422U
- Authority
- CN
- China
- Prior art keywords
- fire compartment
- compartment wall
- physical
- physical server
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model relates to a fire wall virtualization treatment device which comprises a physical fire wall and a plurality of physical servers. The physical fire wall is respectively connected with a plurality of physical servers. The physical fire wall is provided with Xen virtual machine software. Three physical servers are arranged and are respectively a first physical server, a second physical server and a third physical server. Each physical server is provided with a virtualization background program. Compared with the prior art, the fire wall virtualization treatment device has the advantages that the physical fire wall is logically divided into a plurality of logic fire walls by a virtualization technology; and the like.
Description
Technical field
The utility model relates to a kind of internet security correlation technique, especially relates to a kind of fire compartment wall virtualization process device.
Background technology
Be referred to as " the cloud computing development first year " in 2010, cloud computing is considered to the third technical revolution of the Internet.According to the development of cloud computing, on market, emerge a lot of cloud computing products, " cloud main frame " and " cloud storage " is the core product of cloud computing IaaS (architecture is promptly served), also is the core architecture basic-level support of cloud computing development.Its core technology is an Intel Virtualization Technology; Virtually can make the traditional server hardware device; Fictionalize many cover logic hardware, the many covers of operation operating system makes the traditional hardware utilization rate rise to 50%-70% from 5%-30% on virtual unit; The centralized stores pattern of cloud storage, the information centralization that also is.For the interconnected application that brings has been contained, resilient expansion, resource optimization, mass memory, high stability, multiple advantage such as use as required.
But its defective is also particularly evident, and cloud computing be unable to do without the Internet, does not have the Internet, and cloud computing is not known where to begin.The cloud computing basis is the extension of Internet technology so, and network security problem is undoubtedly key application property problem.But because hardware is virtual, physical network card is also by virtual.Come the on-premise network framework according to the conventional architectures theory, fire compartment wall originally, because virtual increase and cause the quantity of fire compartment wall to explode, security protection, the neither one client can be ready the mechanism accepting to share, basic demand must be fully independently to control.So the value that the virtual value of fire compartment wall embodies is thus well imagined.
The cloud computing technology is greatly developed; Will certainly cause conventional I DC trustship professional transition. my company is along with network technology is reformed, response fast, in October, 2010; The IaaS cloud host service of reaching the standard grade; Find that in the operation process cloud computing product that architecture is promptly served can substitute traditional I DC trusteeship service really.The work that all hardware server can be accomplished, the cloud main frame can be competent at, and also more reliable than traditional physical server on stability.But network security problem is one of key problem of internet, applications.Because the change of the network architecture makes that the legacy network security architecture is difficult to realize on the cloud main frame.The quick emergence of cloud computing also makes provides the enterprise of IaaS service to get more and more, how to lead over the industry average level in the IaaS field? The network security problem that solves the cloud host application becomes the core work of research and development department of company.
According to the cloud computing technological core: virtual main points, make virtualized server hardware obtain the legacy network security architecture, must realize the virtual of hardware firewall.
The utility model content
The purpose of the utility model is exactly for the defective that overcomes above-mentioned prior art existence a kind of fire compartment wall virtualization process device to be provided.
The purpose of the utility model can realize through following technical scheme:
A kind of fire compartment wall virtualization process device is characterized in that, comprises physics fire compartment wall, many physical servers, and described physics fire compartment wall is connected with many physical servers respectively.
Described physics fire compartment wall is provided with 2~100 network interfaces.
Described network interface is the gigabit networking interface.
Described physics fire compartment wall is the physics fire compartment wall that the Xen software virtual machine is housed.
Described physical server is provided with three, is respectively first physical server, second physical server, tertium quid reason server, and every physical server is the server that virtual background program is housed.
Described first physical server is the physical server that the Xen software virtual machine is housed; Described second physical server is the physical server that the VMware software virtual machine is housed, and described tertium quid reason server is the physical server that the Hyper software virtual machine is housed.
Every physical server all can fictionalize 2~10 virtual machines.
Compared with prior art; The utlity model has a physics fire compartment wall and pass through Intel Virtualization Technology; Reach a firewall logic and be divided into many logic fire compartment walls, and each virtual firewall independence control, independent architecture, independently satisfy each item network safety prevention demand.
Description of drawings
Fig. 1 is the structural representation of the utility model.
Embodiment
Below in conjunction with accompanying drawing and specific embodiment the utility model is elaborated.
Embodiment
As shown in Figure 1, a kind of fire compartment wall virtualization process device comprises physics fire compartment wall 1, many physical servers, and described physics fire compartment wall 1 is connected with many physical servers respectively.Described physics fire compartment wall 1 is provided with 3 network interfaces, and described network interface is the gigabit networking interface.Described physics fire compartment wall is the physics fire compartment wall that the Xen software virtual machine is housed.
Described physical server is provided with three, is respectively first physical server 2, second physical server 3, tertium quid reason server 4, and every physical server is the server that virtual background program is housed.Described first physical server 2 is for being equipped with the physical server of Xen software virtual machine; Described second physical server 3 is for being equipped with the physical server of VMware software virtual machine, and described tertium quid reason server 4 is the physical server that the Hyper software virtual machine is housed.Every physical server all can fictionalize 3 virtual machines.Realize the network safety prevention of virtual firewall to virtual machine.
Implementation step
A) physical topology connects: according to accompanying drawing 1, accomplish physical topology and connect.
B) the physics fire compartment wall imports the Xen software virtual machine: the fire compartment wall root backstage of entering earlier, and among Xen software virtual machine importing fire compartment wall FLASH memory device.
C) carry out the Xen software virtual machine: under fire compartment wall root pattern, carrying out the Xen software virtual machine, is a plurality of virtual machines with the firewall hardware logical partitioning.And with wall port, logical partitioning is among each virtual machine.
D) fire compartment wall IOS is imported in the virtual machine: in the virtual machine FLASH memory space of last step generation, import fire compartment wall ios program, and operation fire compartment wall IOS program, make virtual machine become virtual firewall.
E) revise fire compartment wall IOS program: revise fire compartment wall IOS program, make virtual machine in the IOS program, exist, convenient centralized configuration with the vdom form at fire compartment wall.
F) checking virtual machine logic is connected under each virtual firewall: the checking hardware server generates many virtual machines and operation system on various different virtuals backstage.In the virtual firewall of accomplishing before logic is connected to.
G) the virtual realization of checking fire compartment wall: whether the checking virtual firewall is relatively independent, and whether the checking virtual firewall can reach the network safety prevention effect of virtual machine.
Professional term is explained:
1.IaaS---(Infrastructure as a Service) infrastructure is promptly served one of developing direction of cloud computing.The consumer can obtain service from perfect computer based Infrastructure through Internet.This type service be called infrastructure promptly serve (Infrastructure asaService, IaaS).Service (like storage and database) based on Internet is the part of IaaS.
2.PaaS---(Platform-as-a-Service) platform is promptly served, one of cloud computing developing direction.The business model that server platform provides as a kind of service, corresponding server platform of cloud computing epoch or development environment provide as service just becomes PaaS (Platform as a Service).
3.SaaS---the meaning (Software-as-a-service) is that software is promptly served, and the Chinese of SaaS is soft battalion or software operation.SaaS is based on the software application pattern that the Internet provides software service.As a kind of software application pattern of the innovation that begins to rise in 21 century, SaaS is the recent tendency of software development in science and technology.
Claims (6)
1. a fire compartment wall virtualization process device is characterized in that, comprises physics fire compartment wall, many physical servers, and described physics fire compartment wall is connected with many physical servers respectively.
2. a kind of fire compartment wall virtualization process device according to claim 1 is characterized in that described physics fire compartment wall is provided with 2~100 network interfaces.
3. a kind of fire compartment wall virtualization process device according to claim 2 is characterized in that described network interface is the gigabit networking interface.
4. a kind of fire compartment wall virtualization process device according to claim 1 is characterized in that described physics fire compartment wall is the physics fire compartment wall that the Xen software virtual machine is housed.
5. a kind of fire compartment wall virtualization process device according to claim 1; It is characterized in that; Described physical server is provided with three; Be respectively first physical server, second physical server, tertium quid reason server, every physical server is the server that virtual background program is housed.
6. a kind of fire compartment wall virtualization process device according to claim 5; It is characterized in that; Described first physical server is the physical server that the Xen software virtual machine is housed; Described second physical server is the physical server that the VMware software virtual machine is housed, and described tertium quid reason server is the physical server that the Hyper software virtual machine is housed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201120226770XU CN202127422U (en) | 2011-06-29 | 2011-06-29 | Fire wall virtualization treatment device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201120226770XU CN202127422U (en) | 2011-06-29 | 2011-06-29 | Fire wall virtualization treatment device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN202127422U true CN202127422U (en) | 2012-01-25 |
Family
ID=45490482
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201120226770XU Expired - Fee Related CN202127422U (en) | 2011-06-29 | 2011-06-29 | Fire wall virtualization treatment device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN202127422U (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103685235A (en) * | 2013-11-18 | 2014-03-26 | 汉柏科技有限公司 | Three-tier network virtualization realization method and system on the basis of firewall |
-
2011
- 2011-06-29 CN CN201120226770XU patent/CN202127422U/en not_active Expired - Fee Related
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103685235A (en) * | 2013-11-18 | 2014-03-26 | 汉柏科技有限公司 | Three-tier network virtualization realization method and system on the basis of firewall |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102857475A (en) | Firewall virtualization processing system | |
US20180331896A1 (en) | Creating new cloud resource instruction set architecture | |
Zhang et al. | Cloud computing: state-of-the-art and research challenges | |
US9933956B2 (en) | Systems and methods for implementing stretch clusters in a virtualization environment | |
CN105940378B (en) | For distributing the technology of configurable computing resource | |
US10756979B2 (en) | Performing cross-layer orchestration of resources in data center having multi-layer architecture | |
US9292316B2 (en) | Cloud of virtual clouds for increasing isolation among execution domains | |
Hsu et al. | Smoothoperator: Reducing power fragmentation and improving power utilization in large-scale datacenters | |
CN102638566B (en) | BLOG system running method based on cloud storage | |
CN103281359A (en) | Cloud desktop system and operating method | |
KR20150030332A (en) | Distributed and parallel processing system on data and method of operating the same | |
WO2017080257A1 (en) | Data processing method and system based on key-value pair | |
US20160182320A1 (en) | Techniques to generate a graph model for cloud infrastructure elements | |
CN103561061A (en) | Flexible cloud data mining platform deploying method | |
CN109254836B (en) | Deadline constraint cost optimization scheduling method for priority dependent tasks of cloud computing system | |
CN103067501B (en) | The large data processing method of PaaS platform | |
WO2016054995A1 (en) | Virtual machine migration method | |
WO2015032201A1 (en) | Virtual machine placing method and device | |
CN104008012A (en) | High-performance MapReduce realization mechanism based on dynamic migration of virtual machine | |
Salapura | Cloud computing: Virtualization and resiliency for data center computing | |
CN104156257A (en) | Quick and efficient cloud service disk mirroring management method | |
CN203301532U (en) | Cloud desktop system | |
WO2020108536A1 (en) | Virtual network resource allocation method and system and electronic device | |
CN202127422U (en) | Fire wall virtualization treatment device | |
CN104484221A (en) | Method for taking over existing vCenter cluster by CloudStack |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120125 Termination date: 20180629 |