CN219124212U - Network security protection system - Google Patents

Info

Publication number: CN219124212U
Authority: CN (China)
Prior art keywords: network, protection system, security protection, network security, data
Legal status: Active (Google's listed status is an assumption, not a legal conclusion)
Application number: CN202223524792.1U
Other languages: Chinese (zh)
Inventor: 窄秋苹
Current and original assignee: Tianjin Binhai New Area Network Security Emergency Command Center; Tianjin Binhai New Area Internet Illegal And Adverse Information Reporting Center; Tianjin Binhai New Area Internet News Research Center
Priority date and filing date: 2022-12-29
Publication date: 2023-06-02

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/50: Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The utility model discloses a network security protection system comprising at least one client, a firewall, an intrusion prevention system, a three-layer (layer-3) switch, an intranet mirror device and a server. The client and the server are connected to the three-layer switch and to each other over the intranet to form a local area network; the local area network is connected to the Internet through the intrusion prevention system and the firewall; and the intranet mirror device is connected to the switch. The system can monitor the network security situation comprehensively and in real time, discover security problems promptly and take defensive measures against intrusion, which effectively strengthens the network's resistance to attack and ensures its security.

Description

Network security protection system
Technical Field
The utility model belongs to the technical field of network security, and particularly relates to a network security protection system.
Background
With the rapid development of computer technology, the business handled by computers has grown from stand-alone numerical computation and file processing, through internal business processing on simple interconnected internal networks and office automation, to complex intranets, enterprise extranets, the global Internet, and worldwide information sharing and business processing; information networks have become an important guarantee of social development. In the Internet age, network security and efficiency can be improved only if the security of the computer network is ensured and the demands of the times are met, so designing a network security protection system is of significant importance.
Disclosure of Invention
In view of the above, the present utility model provides a network security protection system that achieves real-time monitoring and analysis of Internet traffic by installing an intranet mirror device at the switch, thereby effectively protecting the network security of computer terminals.
To achieve the above purpose, the technical solution of the utility model is as follows:
The network security protection system comprises at least one client, a firewall, an intrusion prevention system, a three-layer (layer-3) switch, an intranet mirror device and a server, wherein the client and the server are connected to the three-layer switch and to each other over an intranet to form a local area network, the local area network is connected to the Internet through the intrusion prevention system and the firewall, and the intranet mirror device is connected to the switch.
Further, the three-layer switch comprises a core switch, an aggregation (convergence) switch and an access switch connected in sequence, and implements the data exchange and routing functions within the local area network.
Further, the intranet mirror device comprises a collector, a storage server and a management control center, and is used to monitor network traffic, judge whether the traffic is abnormal, and protect the network security of the computer terminal together with the firewall and the intrusion prevention system.
Further, the collector comprises a CPU, a data acquisition module and a power supply, wherein the data acquisition module comprises a network card interface, an FPGA chip, a FIFO memory and a memory bank.
Further, the capacity of the memory bank is 32 GB, the FPGA chip is an Altera Arria II GX EP2AGX45DF25C5, the network card interface is an RJ45 electrical port, and the CPU is an Intel Core 9 processor.
Further, the data acquisition module of the collector is connected to the monitored network through the network card interface to monitor the network traffic.
Further, the FPGA chip is connected to the network card interface to acquire network data; once a complete network data packet has been acquired, the packet is written to the FIFO memory and then transferred to the memory bank for storage.
Further, the data acquisition module stores the acquired request data of the network traffic, and the log records generated from that request data, on a corresponding storage server; the storage server transmits the data to the management control center, which judges the traffic data and raises an alarm on abnormal network behaviour.
Compared with the prior art, the network security protection system has the following advantages: the intranet mirror device can detect a wide range of attacks, identify threats, analyse and judge network behaviour, give early warning of harmful attack behaviour and handle it promptly. It inspects the network traffic data on top of the firewall and the intrusion prevention system, monitors attack behaviour and protects the computer terminal network more effectively, so that network security incidents are avoided. Because the router does not participate, the device has little impact on the router, occupies little bandwidth and needs no additional network overhead; its insertion point is flexible, its data acquisition volume is large, and it runs efficiently and reliably at high speed without packet loss.
Drawings
The accompanying drawings, which are included to provide a further understanding of the utility model and are incorporated in and constitute a part of this specification, illustrate embodiments of the utility model and together with the description serve to explain the utility model. In the drawings:
FIG. 1 is a schematic diagram of the network security protection system of the present utility model;
FIG. 2 is a schematic diagram of the three-layer switch of the present utility model.
Detailed Description
It should be noted that, without conflict, the embodiments of the present utility model and features of the embodiments may be combined with each other.
In the description of the present utility model, it should be understood that the terms "center", "longitudinal", "lateral", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", etc. indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are merely for convenience in describing the present utility model and simplifying the description, and do not indicate or imply that the devices or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and thus should not be construed as limiting the present utility model. Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first", "a second", etc. may explicitly or implicitly include one or more such feature. In the description of the present utility model, unless otherwise indicated, the meaning of "a plurality" is two or more.
In the description of the present utility model, it should be noted that, unless explicitly specified and limited otherwise, the terms "mounted," "connected," and "coupled" are to be construed broadly: for example, the connection may be fixed, detachable or integral; it may be mechanical or electrical; and it may be direct, indirect through an intermediate medium, or a communication link between two elements. The specific meaning of the above terms in the present utility model can be understood by those of ordinary skill in the art in the specific case.
The utility model will be described in detail below with reference to the drawings in connection with embodiments.
Referring to FIGS. 1-2, a network security protection system comprises at least one client, a firewall, an intrusion prevention system, a three-layer (layer-3) switch, an intranet mirror device and a server, wherein the client and the server are connected to the three-layer switch and to each other over the intranet to form a local area network, the local area network is connected to the Internet through the intrusion prevention system and the firewall, and the intranet mirror device is connected to the switch.
Specifically, the three-layer switch is a switch with partial router functionality and comprises a core switch, an aggregation (convergence) switch and an access switch connected in sequence. It is used to accelerate data exchange in a large local area network, with its routing function serving the same purpose; it can route once and forward many times, and offers high scalability, good cost-performance, a built-in security mechanism and suitability for multimedia transmission.
Specifically, the intrusion prevention system is used to block deep attack behaviours such as vulnerability exploitation, worms, spyware, trojan backdoors, overflow attacks, database attacks, advanced threats and brute-force attacks, thereby making up for the limits of a network-layer firewall; the deployed intrusion prevention system is a Tianqing NIPS860.
Specifically, the intranet mirror device comprises a collector, a storage server and a management control center; the collector comprises a CPU, a data acquisition module and a power supply; and the data acquisition module comprises a network card interface, an FPGA chip, a FIFO memory and a memory bank, wherein the capacity of the memory bank is 32 GB, the FPGA chip is an Altera Arria II GX EP2AGX45DF25C5, the network card interface is an RJ45 electrical port, and the CPU is an Intel Core 9 processor.
Specifically, the intranet mirror device works as follows: the data acquisition module of the collector is connected to the monitored network through the network card interface; the FPGA chip is connected to the network card interface and acquires network data; once the FPGA chip has acquired a complete network data packet, the packet is written to the FIFO memory and then transferred to the memory bank for storage; the data acquisition module stores the acquired request data of the network traffic, and the log records generated from it, on the corresponding storage server; the storage server transmits the data to the management control center, which judges the traffic data and raises an alarm on abnormal network behaviour. Harmful network behaviour is thus handled promptly, and the device supplements the firewall and the intrusion prevention system against network attacks.
The network of the utility model first builds a relatively isolated protective barrier between the internal and external networks with the firewall, then defends against deep attack behaviours such as vulnerability exploitation, worms, spyware, trojan backdoors, overflow attacks, database attacks, advanced threats and brute-force cracking with the intrusion prevention system, which effectively makes up for the limits of a network-layer firewall; the deployed intrusion prevention system is a Tianqing NIPS860. The client and the server connect to the Internet through the switch, and a set of intranet mirror devices is deployed at the switch to monitor network traffic in real time and judge abnormal traffic conditions; together with the firewall, this protects the network security of the computer terminal.
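As an added illustration (not code from the patent or its assignees) of the working principle described above, both in the disclosure's "Further" paragraphs and in this embodiment, the following Python models the collector's capture path (a packet enters the FIFO only once it is complete, and the FIFO is drained into the memory bank), a storage server that keeps the request data and the log records derived from it, and a management control center that judges the stored traffic and raises an alarm. The FIFO depth, the alarm rule (one source reaching many distinct ports on one host inside a short window) and every sample packet are constructed assumptions; the patent itself specifies no judgement rule.

```python
# Added model of the mirror-port collector pipeline the patent describes:
# NIC -> FPGA capture -> FIFO -> memory bank -> storage server (requests + logs)
# -> management control center (judgement + alarm). Not the patent's own code;
# the FIFO depth, the alarm rule and all packets below are constructed.
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    ts: float           # capture time in seconds (constructed)
    src: str            # source address
    dst: str            # destination address
    dport: int          # destination port
    declared_len: int   # length announced in the packet header
    captured_len: int   # bytes actually received on the mirror port

    def is_complete(self) -> bool:
        # The FPGA only forwards a packet once it has been captured whole.
        return self.declared_len == self.captured_len


class Collector:
    """FPGA + FIFO memory + memory bank, modelled as a bounded FIFO drained to a list."""

    def __init__(self, fifo_depth: int = 4):
        self.fifo_depth = fifo_depth
        self.fifo = deque()
        self.memory_bank = []
        self.discarded = 0

    def capture(self, pkt: Packet) -> None:
        if not pkt.is_complete():
            self.discarded += 1          # truncated frame never enters the FIFO
            return
        if len(self.fifo) >= self.fifo_depth:
            self.flush()                 # drain to the memory bank instead of dropping
        self.fifo.append(pkt)

    def flush(self) -> None:
        while self.fifo:
            self.memory_bank.append(self.fifo.popleft())


class StorageServer:
    """Keeps the request data and the log records generated from it."""

    def __init__(self):
        self.requests = []
        self.logs = []

    def ingest(self, packets) -> None:
        for p in packets:
            self.requests.append(p)
            self.logs.append(f"{p.ts:.3f} {p.src} -> {p.dst}:{p.dport} len={p.captured_len}")


class ManagementControlCenter:
    """Judges stored traffic. Constructed rule: a source reaching more than
    `port_threshold` distinct ports on one host within `window` seconds is abnormal."""

    def __init__(self, port_threshold: int = 5, window: float = 10.0):
        self.port_threshold = port_threshold
        self.window = window

    def judge(self, requests) -> list:
        by_pair = defaultdict(list)
        for p in sorted(requests, key=lambda q: q.ts):
            by_pair[(p.src, p.dst)].append(p)
        alerts = []
        for (src, dst), pkts in by_pair.items():
            for i, first in enumerate(pkts):   # sliding window starting at each packet
                ports = {q.dport for q in pkts[i:] if q.ts - first.ts <= self.window}
                if len(ports) > self.port_threshold:
                    alerts.append(f"ALARM {src} -> {dst}: {len(ports)} distinct ports "
                                  f"within {self.window:.0f}s")
                    break
        return alerts


def run_pipeline(packets, fifo_depth: int = 4) -> dict:
    """Push mirrored packets through collector, storage server and control center."""
    collector = Collector(fifo_depth)
    for p in packets:
        collector.capture(p)
    collector.flush()                             # final FIFO -> memory bank transfer
    storage = StorageServer()
    storage.ingest(collector.memory_bank)         # memory bank -> storage server
    alerts = ManagementControlCenter().judge(storage.requests)
    return {"stored": len(collector.memory_bank), "discarded": collector.discarded,
            "logs": len(storage.logs), "alerts": alerts}


# Constructed sample: steady HTTPS traffic, one truncated frame, and one host
# touching seven ports on a server within a few seconds.
SAMPLE_PACKETS = (
    [Packet(1.0 + i, "10.0.0.5", "10.0.0.20", 443, 120, 120) for i in range(4)]
    + [Packet(2.5, "10.0.0.7", "10.0.0.20", 80, 300, 180)]
    + [Packet(20.0 + 0.4 * i, "10.0.0.9", "10.0.0.20", port, 60, 60)
       for i, port in enumerate([21, 22, 23, 25, 80, 443, 3389])]
)

if __name__ == "__main__":
    for line in run_pipeline(SAMPLE_PACKETS)["alerts"]:
        print(line)
```

Running the module prints one alarm for the host that swept seven ports; the truncated frame is counted as discarded rather than stored, matching the patent's point that only complete packets reach the memory bank. In a real deployment the judgement stage would be where the management control center's detection rules live, and the FIFO-to-memory-bank transfer is what keeps capture lossless under burst load.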
The foregoing description of the preferred embodiments of the utility model is not intended to be limiting, but rather is intended to cover all modifications, equivalents, alternatives, and improvements that fall within the spirit and scope of the utility model.

Claims (8)

1. A network security protection system, characterized by: the system comprises at least one client, a firewall, an intrusion prevention system, a three-layer switch, intranet mirror image equipment and a server, wherein the client and the server are connected with the three-layer switch and are mutually connected by an intranet to form a local area network, the local area network is connected with the Internet through the intrusion prevention system and the firewall, and the intranet mirror image equipment is connected with the switch.
2. A network security protection system according to claim 1, wherein: the three-layer switch comprises a core switch, a convergence switch and an access switch which are sequentially connected, and is used for realizing the data exchange and routing functions in the local area network.
3. A network security protection system according to claim 1, wherein: the intranet mirror image equipment comprises a collector, a storage server and a management control center, and is used for monitoring network flow, judging abnormal conditions of the network flow and protecting network safety of the computer terminal in combination with a firewall and an intrusion prevention system.
4. A network security protection system according to claim 3, wherein: the collector comprises a CPU, a data collection module and a power supply, wherein the data collection module comprises a network card interface, an FPGA chip, a FIFO memory and a memory bank.
5. A network security protection system according to claim 4, wherein: the capacity of the memory bank is 32 GB, the FPGA chip is an Altera Arria II GX EP2AGX45DF25C5, the network card interface is an RJ45 electrical interface, and the CPU is an Intel Core 9 processor.
6. A network security protection system according to claim 4, wherein: the data acquisition module of the collector is connected with the monitored network through a network card interface to monitor the network flow.
7. A network security protection system according to claim 4, wherein: the FPGA chip is connected with the network card interface for network data acquisition, and after a complete network data packet is acquired, the data packet is stored in the FIFO memory and then is transmitted to the memory bank for storage.
8. A network security protection system according to claim 4, wherein: the data acquisition module stores the acquired request data of the network flow and log records generated according to the request data of the network flow in a corresponding storage server, the storage server transmits the data to a management control center, and the management control center judges the network flow data and warns about abnormal network behaviors.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202223524792.1U CN219124212U (en) 2022-12-29 2022-12-29 Network security protection system


Publications (1)

Publication Number Publication Date
CN219124212U true CN219124212U (en) 2023-06-02

Family

ID=86526788


Country Status (1)

Country Link
CN (1) CN219124212U (en)


Legal Events

Date Code Title Description
GR01 Patent grant