CN106856481A - A kind of Network Isolation method based on lucidification disposal, system, network interface card and application - Google Patents
A kind of Network Isolation method based on lucidification disposal, system, network interface card and application Download PDFInfo
- Publication number
- CN106856481A CN106856481A CN201710161594.8A CN201710161594A CN106856481A CN 106856481 A CN106856481 A CN 106856481A CN 201710161594 A CN201710161594 A CN 201710161594A CN 106856481 A CN106856481 A CN 106856481A
- Authority
- CN
- China
- Prior art keywords
- lucidification disposal
- network
- information
- terminal
- lucidification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a kind of Network Isolation method based on lucidification disposal, system, network interface card and application, method includes:S1. the first operation phase in lucidification disposal terminal obtain the first information, the first information for lucidification disposal terminal first operation phase transparent service device in a network information;S2. the second operation phase in lucidification disposal terminal obtain the second information, second information for lucidification disposal terminal second operation phase transparent service device in a network information;S3. when the first information is inconsistent with second information, reset the lucidification disposal terminal.The present invention with it is safe, can effectively reduce the lucidification disposal terminal risk of divulging a secret that may occur when heterogeneous networks are connected, it is ensured that the advantages of lucidification disposal terminal operating is safe.
Description
Technical field
The present invention relates to computer network control field, more particularly to a kind of Network Isolation method based on lucidification disposal,
System, network interface card and application.
Background technology
With the maturation and high speed development of Internet technology, Internet technology has incorporated production, the every aspect of life.
Internet bring fast acquisition information it is convenient while, threat that its network to user is caused safety also day
Benefit turns into the popular problem worried.Especially government, public institution, their private data are caused Yi Dan after leakage to it
Influence will be unable to the imagination.Lucidification disposal terminal has the advantages that open good, strong applicability, safe, using more and more wider
It is general.But, due to lucidification disposal it is natural there is dependence to network, it is necessary to rely on network from transparent service device load resource
(Including example operation system and runs software), can only be run on the basis of resource has been loaded when network interruption.Thus, thoroughly
Bright computing terminal needs preferably protection to network insertion situation, to ensure the safe operation of lucidification disposal terminal.And it is existing
In the lucidification disposal terminal of technology, in example operation bootstrap process, during leading into example operation system, with
And in the running of example operation system, extra protection is not carried out, only according to the characteristic of lucidification disposal, in net
When network accesses heterogeneous networks after interrupting, false alarm is sent when lucidification disposal terminal can not obtain resource from transparent service device
Alert, guiding operator recovers network.Therefore, the Network Isolation guard method to lucidification disposal field carries out research with reality
Meaning.
The content of the invention
The technical problem to be solved in the present invention is that:For the technical problem that prior art is present, the present invention provides one
It is kind safe, prevent lucidification disposal terminal run in heterogeneous networks generation divulge a secret risk the network based on lucidification disposal every
From method, system, network interface card and application.
In order to solve the above technical problems, technical scheme proposed by the present invention is:A kind of Network Isolation based on lucidification disposal
Method, it is characterised in that:Including:
S1. in the first operation phase acquisition first information of lucidification disposal terminal, the first information exists for lucidification disposal terminal
First operation phase transparent service device in a network information;
S2. in second information of the second operation phase acquisition of lucidification disposal terminal, second information exists for lucidification disposal terminal
Second operation phase transparent service device in a network information;
S3. when the first information is inconsistent with second information, reset the lucidification disposal terminal.
As a further improvement on the present invention, first operation phase and the second operation phase are according to default segmentation
Operation rank of the lucidification disposal terminal determined by Node Events after terminating with event before the spliting node event occurs
Section.
As a further improvement on the present invention, the default spliting node event leads into including lucidification disposal terminal
Node Events, the lucidification disposal terminal of example operation system network in example operation system operation disconnect the node for joining again
Event.
As a further improvement on the present invention, the information of the transparent service device includes the IP address and UUID of server
Code.
As a further improvement on the present invention, step S1, S2 and S3 are by independently of lucidification disposal terminal operating system
Computing device.
As a further improvement on the present invention, after the step S1, when the default spliting node event starts,
The connection of isolation lucidification disposal terminal and network;After the default spliting node event terminates, the step S2 is performed;
In the step S3, when the first information is consistent with second information, recover the lucidification disposal terminal with
The connection of network.
As a further improvement on the present invention, the specific steps bag of the lucidification disposal terminal that resetted described in step S3
Include:Hot reset is sent to lucidification disposal terminal to instruct, and monitor lucidification disposal terminal hot reset state, when lucidification disposal terminal exists
When hot reset is unsuccessful in the default time, cold reset signal, lucidification disposal described in forced resetting are sent to lucidification disposal terminal
Terminal.
A kind of network isolation system based on lucidification disposal, including:
Data obtaining module:The first information is obtained for the first operation phase in lucidification disposal terminal, the first information is
Lucidification disposal terminal first operation phase transparent service device in a network information;It is additionally operable in lucidification disposal terminal
The second operation phase obtain the second information, second information be lucidification disposal terminal net where second operation phase
The information of transparent service device in network;
Reset processing module:For the lucidification disposal end that when the first information is inconsistent with second information, resets
End.
As a further improvement on the present invention, the reset processing module includes hot reset unit and cold reset unit, institute
State hot reset unit to be instructed for sending hot reset to lucidification disposal terminal, and monitor lucidification disposal terminal hot reset state;Institute
Cold reset unit is stated for when hot reset is unsuccessful within the default time for bright computing terminal, sending cold to lucidification disposal terminal
Reset signal, lucidification disposal terminal described in forced resetting.
As a further improvement on the present invention, also including isolation processing module:For being opened when default spliting node event
During the beginning, the connection of isolation lucidification disposal terminal and network;When the first information is consistent with second information, recover described
The connection of lucidification disposal terminal and network.
A kind of Network Isolation network interface card based on lucidification disposal, including it is processor, memory, Network Interface Module, serial logical
Letter interface module and bus interface module;
The memory, Network Interface Module, serial communication interface module are connected with the processor respectively, the EBI
Module is connected with the Network Interface Module;
The memory is used to store the information of transparent service device and the acquisition program of the information;
The processor obtains lucidification disposal terminal and leads into example operation system by the serial communication interface module
Node Events information, obtains network and disconnects the Node Events information for joining again by monitoring network interface module state;The treatment
Device obtains the information of transparent service device by Network Interface Module, according to the transparent service by running the acquisition program
Reset instruction is sent by the serial communication interface module when device information judges to need to reset.
As a further improvement on the present invention, also including isolation controller, the processor passes through the isolation controller
It is connected with the Network Interface Module, the bus interface module is connected by the isolation controller with the Network Interface Module
Connect;The isolation controller is used to be disconnected according to the control of the processor or recovers the Network Interface Module with the bus
Connection between interface module.
As a further improvement on the present invention, also including cold reset interface module, the cold reset interface module with it is described
Processor is connected, for sending cold reset signal.
A kind of lucidification disposal mainboard, including mainboard body and isolation network interface card as described above.
A kind of lucidification disposal terminal, including mainboard as described above.
Compared with prior art, the advantage of the invention is that:
1st, partition method of the invention, system and isolation network interface card can effectively prevent lucidification disposal terminal inter-network from running, in hair
Produced during existing lucidification disposal terminal inter-network and lucidification disposal terminal is resetted, prevent lucidification disposal terminal from being run because of across a network
And produce risk of divulging a secret.
2nd, the partition method of further optimization of the invention, system and isolation network interface card can also be realized to lucidification disposal terminal
The physical isolation of across a network, so that fundamentally prevent the same operating system of lucidification disposal terminal from accessing two different networks,
The physical isolation between heterogeneous networks is realized, it is safe.
3rd, separation net card structure of the invention is simple, low cost.
4th, lucidification disposal mainboard of the invention has simple structure, and low cost effectively can isolate to heterogeneous networks, protects
The advantages of demonstrate,proving the security of system operation.
5th, lucidification disposal terminal of the invention has simple structure, low cost, effectively heterogeneous networks can be isolated,
The advantages of ensureing the security of system operation.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of the partition method of the specific embodiment of the invention.
Fig. 2 is the shielding system structural representation of the specific embodiment of the invention.
Fig. 3 is the separation net card structure schematic diagram one of the specific embodiment of the invention.
Fig. 4 is the structural representation two of the isolation network interface card of the specific embodiment of the invention.
Specific embodiment
Below in conjunction with Figure of description and specific preferred embodiment, the invention will be further described, but not therefore and
Limit the scope of the invention.
Embodiment one:
As shown in figure 1, the Network Isolation method based on lucidification disposal of the present embodiment, including:S1. in lucidification disposal terminal
First operation phase obtained the first information, the first information be lucidification disposal terminal the first operation phase transparent clothes in a network
The information of business device;S2. in second information of the second operation phase acquisition of lucidification disposal terminal, the second information is lucidification disposal end
Hold the second operation phase transparent service device in a network information;S3. when the first information and inconsistent the second information,
Reset lucidification disposal terminal.
In the present embodiment, the first operation phase and the second operation phase are determined according to default spliting node event
Lucidification disposal terminal spliting node event generation before and event terminate after operation phase.Default spliting node thing
Part leads into the Node Events of example operation system, lucidification disposal terminal and is transported in example operation system including lucidification disposal terminal
Network disconnects the Node Events for joining again during row.The information of transparent service device includes the IP address of server and UUID yards.
In the present embodiment, the specific steps of reset lucidification disposal terminal include in step S3:Sent out to lucidification disposal terminal
Send hot reset to instruct, and monitor lucidification disposal terminal hot reset state, when lucidification disposal terminal within the default time hot reset
When unsuccessful, cold reset signal, forced resetting lucidification disposal terminal are sent to lucidification disposal terminal.
In the present embodiment, partition method of the invention is carried out with one complete start-up course of lucidification disposal terminal
Explanation.After the power-up of lucidification disposal terminal, super operation system is led into, super operation system is management in lucidification disposal terminal
The operating system of example operation system, it can be a Linux system, may also be with such as operating system such as Meta OS.It is transparent
After computing terminal launches into super operation system, from Network Capture IP address, and transparent service device in network can be obtained
Information, including transparent service device IP address and UUID yard(General unique identifier).In the present embodiment, due to the first operation
Stage and the second operation phase are divided according to default spliting node event, transparent before the generation of spliting node event
Computing terminal operated in for the first operation phase, and after spliting node event terminates, lucidification disposal terminal operating runs rank second
Section.Therefore, in the present embodiment, after lucidification disposal terminal launches into super operation system, operated in for the first operation phase.This
When, lucidification disposal terminal can load example operation system from transparent service device, in the process, in the event of network interruption,
I.e. default spliting node event triggering, until network recovery, the spliting node event terminates, and lucidification disposal terminal enters second
Operation phase, break in a network after recovering again, lucidification disposal terminal reacquires the information of transparent service device in network, including IP
Address and UUID yards, lucidification disposal terminal is by comparing the first operation phase and the transparent service device acquired in the second operation phase
Information, if the information for obtaining twice is consistent, then it is assumed that after network interruption is recovered again, the network that lucidification disposal terminal is accessed
The network before interrupting is remained as, the network is trusty, and lucidification disposal terminal is continued to run with, loaded from transparent service device real
Example operating system.If the information for obtaining twice is inconsistent, then it is assumed that after network interruption is recovered again, the network for being accessed becomes
Change, it is believed that the network for currently being accessed is unsafe, then terminate the loading of example operation system, reset lucidification disposal terminal.
Because lucidification disposal terminal does not possess memory, resource required for operation is all to be loaded directly into internal memory from transparent service device
In, as long as and the data dead electricity in internal memory is then irrecoverable so that pass through reset lucidification disposal terminal, it is ensured that lucidification disposal
The safety of data, resource in terminal.
In the present embodiment, by the first operation phase and the second operation phase are according to default spliting node event institute
Divide, therefore, in the present embodiment, the information of acquired transparent service device is spliting node next time after network interruption is recovered
The transparent service device information of the first operation phase when event occurs.
In the present embodiment, the super operation system of lucidification disposal terminal has loaded example operation system from transparent service device
, it is necessary to guide lucidification disposal terminal to enter example operation system after system, so as to trigger default lucidification disposal terminal lead into
The Node Events of example operation system, after lucidification disposal terminal is introduced and enters example operation system, the spliting node event knot
Beam.It it was the first operation phase before spliting node event triggering, after the spliting node event terminates, into the second operation
Stage.In the second operation phase, lucidification disposal terminal IP address again from Network Capture transparent service device and UUID addresses will
The transparent service device information of the first operation phase and the second operation phase is compared, and when both are consistent, illustrates lucidification disposal
The network that terminal is accessed before and after spliting node event be consolidated network, the network be it is trusty, lucidification disposal terminal after
Reforwarding row, when both are inconsistent, illustrates that the network accessed before and after the spliting node event is not consolidated network, current institute
The network of access may be insecure network, therefore, terminate the operation of example operation system, reset lucidification disposal terminal.
In the present embodiment, network becomes during lucidification disposal terminal leads into example operation system
Change, lucidification disposal terminal enters normally to be run in the example operation system.In the running of example operation system, it is also possible to
There is network and disconnect the Node Events for joining again, be the first operation phase before occurring with event similarly, be second after being terminated with event
Operation phase.The second operation phase obtain lucidification disposal terminal transparent service device in a network information, by first
The information of the transparent service device acquired in operation phase and the second operation phase is compared, after unanimously then explanation disconnects connection again
Network is consolidated network with the network before disconnecting, and is secure network trusty, then continue the operation of example operation system, if
It is insecure network that inconsistent then explanation disconnects the network join again after, then reset lucidification disposal terminal.
In the present embodiment, it is preferential to use hot reset mode in reset lucidification disposal terminal, i.e., entered by operating system
Row resets, and when the running status by monitoring lucidification disposal terminal, finds within the default time period, and lucidification disposal terminal heat is multiple
When position is unsuccessful, then force to reset lucidification disposal terminal by way of cold reset, so as to ensure lucidification disposal terminal
Network security.
In the present embodiment, by obtaining before and after spliting node event transparent service device in network residing for lucidification disposal terminal
Information come judge network whether safety, dangerous then reset lucidification disposal terminal, so as to ensure that lucidification disposal terminal will not
Across a network runs, it is ensured that the data safety of lucidification disposal terminal.
As shown in Fig. 2 the network isolation system based on lucidification disposal of the present embodiment, including:Data obtaining module:For
The first information is obtained in the first operation phase of lucidification disposal terminal, the first information is lucidification disposal terminal in the first operation phase
Transparent service device in a network information;It is additionally operable to obtain the second information in the second operation phase of lucidification disposal terminal, the
Two information for lucidification disposal terminal the second operation phase transparent service device in a network information;Reset processing module:With
When the first information and inconsistent the second information, reset lucidification disposal terminal.Reset processing module include hot reset unit and
Cold reset unit, hot reset unit is used to send hot reset instruction to lucidification disposal terminal, and it is multiple to monitor lucidification disposal terminal heat
Position state;Cold reset unit is used for when hot reset is unsuccessful within the default time for bright computing terminal, to lucidification disposal terminal
Send cold reset signal, forced resetting lucidification disposal terminal.
Partition method in the present embodiment, can be realized by existing network interface card.
Embodiment two:
The partition method of the present embodiment is essentially identical with embodiment one, and difference is:Step S1, S2 and S3 are by independently of saturating
The computing device of bright computing terminal operating system.After step S1, when default spliting node event starts, isolate transparent
The connection of computing terminal and network;After default spliting node event terminates, step S2 is performed;In step s3, when
When one information is consistent with the second information, recover the connection of lucidification disposal terminal and network.
In the present embodiment, the operating system of lucidification disposal terminal is not relied on due to step S1, S2 and S3, including it is super
Level operating system and example operation system, there is information of the independent processor from Network Capture transparent service device, including IP address
With UUID yards.Therefore, when there is default spliting node event to trigger, the connection of lucidification disposal terminal and network is isolated, i.e.,
The operating system of lucidification disposal terminal(Including super operation system and example operation system)Cannot access network, in segmented section
After point event terminates, such as lucidification disposal terminal has been successfully booted up into example operation system, or network interruption joins again again after,
Now, operating system still cannot access network, but obtain current by independent processor(Second operation phase)In network
The information of transparent service device, when independent processor judges that the first information is consistent with the second information, illustrates to run rank second
Section, the network that lucidification disposal terminal is accessed is identical with the network that the first operation phase was accessed, and is trusted network, then recover
The connection of lucidification disposal terminal and network, the operating system of lucidification disposal terminal can be with access network, normal operation.Otherwise dividing
After cut node event, the network being connected with lucidification disposal terminal changes, and current connected network is insecure network, then
Reset lucidification disposal terminal, the data resource stored in lucidification disposal tag memory is removed by resetting, it is ensured that lucidification disposal end
Hold the safety of operation.
In the present embodiment, step S1, S2 and S3 are performed by not relying on operating system, it is ensured that lucidification disposal end
End physical isolation between the different networks, ensure that the safe operation of lucidification disposal terminal to greatest extent, prevent wind of divulging a secret
Danger.
The network isolation system based on lucidification disposal of the present embodiment is essentially identical with embodiment one, and difference is also
Including isolation processing module:For when default spliting node event starts, isolating the connection of lucidification disposal terminal and network;
When the first information is consistent with the second information, recover the connection of lucidification disposal terminal and network.
As shown in figure 3, the Network Isolation network interface card based on lucidification disposal of the present embodiment, including processor, memory, network
Interface module, serial communication interface module and bus interface module;Memory, Network Interface Module, serial communication interface module
It is connected with processor respectively, bus interface module is connected with Network Interface Module;Memory is used to store the letter of transparent service device
The acquisition program of breath and the information;Processor obtains lucidification disposal terminal and leads into example by serial communication interface module
The Node Events information of operating system, obtains network and disconnects the Node Events for joining again letter by monitoring network interface module state
Breath;Processor obtains the information of transparent service device by Network Interface Module, according to transparent service device by running acquisition program
Information judges to need to send reset instruction by serial communication interface module when resetting.
The isolation network interface card of the present embodiment, serial communication interface is connected with the mainboard of lucidification disposal terminal, receives default
Bright computing terminal leads into the Node Events information of example operation system, and the information includes the super operation of lucidification disposal terminal
The opening flag information that system sends before example operation system is led into, and after leading into example operation system, then
The successful flag information of startup that example operation system sends, the two flag informations represent the beginning of Node Events respectively
With end.Meanwhile, isolate the processor of network interface card by the state of monitoring network interface, may thereby determine that network disconnects what is joined again
Node Events information, including network disconnects the information with network recovery.Bus interface module is pci interface module, can be with master
The pci bus connection of plate.
In the present embodiment, it can be pre- for obtaining the acquisition program of transparent service device information to be stored in memory
Be first stored in memory, or sent by serial communication interface by operating system and stored into memory.
In the present embodiment, also including cold reset interface module, cold reset interface module is connected with processor, for sending
Cold reset signal.Hot reset is sent during hot reset to lucidification disposal terminal by serial communication interface module to instruct, so as to control
Lucidification disposal terminal carries out hot reset, when lucidification disposal terminal hot reset fails, then by cold reset interface module to transparent
The mainboard of computing terminal sends cold reset signal, and pressure carries out cold reset to lucidification disposal terminal.
By the isolation network interface card of the present embodiment, can timely determine whether the network that lucidification disposal terminal is accessed occurs
Change, if accessed insecure network, when insecure network is accessed, can timely reset lucidification disposal terminal, so as to drop
The risk that low lucidification disposal terminal is divulged a secret.
The lucidification disposal mainboard of the present embodiment, including mainboard body and isolation network interface card as described above.
The lucidification disposal terminal of the present embodiment, including mainboard as described above.Specifically, lucidification disposal terminal includes display
Equipment, power supply, mainboard etc..Display device and main analysis, power supply are that mainboard and display device are powered.
Embodiment three:
The partition method of the present embodiment is identical with embodiment two, and the shielding system of the present embodiment is identical with embodiment two.This implementation
The isolation network interface card of example is substantially different with embodiment two, and difference is:As shown in figure 4, isolation network interface card also includes that isolation is controlled
Device, processor is connected by isolation controller with Network Interface Module, and bus interface module is connect by isolation controller with network
Mouth mold block is connected;Isolation controller is used to that Network Interface Module and bus interface module to be disconnected or recovered according to the control of processor
Between connection.
In the present embodiment, by isolation controller, can in time be disconnected saturating after the triggering of default spliting node event
The connection of bright computing terminal and network, and until after network recovery, isolating the processor of network interface card by obtaining transparent clothes again
Business device information, during by the network that judges currently to be accessed as safety, trusted network, recovery lucidification disposal terminal and network
Connection, when the network for being accessed is insecure network, then reset lucidification disposal terminal, so as to realize lucidification disposal terminal not
With the physical isolation between network, the data safety of lucidification disposal terminal, risk of not divulging a secret are ensured to greatest extent.
The lucidification disposal mainboard of the present embodiment includes the isolation network interface card in mainboard body and the present embodiment.In the present embodiment
Lucidification disposal terminal includes the lucidification disposal mainboard in the present embodiment.
Above-mentioned simply presently preferred embodiments of the present invention, not makees any formal limitation to the present invention.Although of the invention
It is disclosed above with preferred embodiment, but it is not limited to the present invention.Therefore, it is every without departing from technical solution of the present invention
Content, according to the technology of the present invention essence to any simple modification, equivalent variation and modification made for any of the above embodiments, all should fall
In the range of technical solution of the present invention protection.
Claims (15)
1. a kind of Network Isolation method based on lucidification disposal, it is characterised in that:Including:
S1. in the first operation phase acquisition first information of lucidification disposal terminal, the first information exists for lucidification disposal terminal
First operation phase transparent service device in a network information;
S2. in second information of the second operation phase acquisition of lucidification disposal terminal, second information exists for lucidification disposal terminal
Second operation phase transparent service device in a network information;
S3. when the first information is inconsistent with second information, reset the lucidification disposal terminal.
2. the Network Isolation method based on lucidification disposal according to claim 1, it is characterised in that:The first operation rank
Section and the second operation phase be according to determined by default spliting node event lucidification disposal terminal in the spliting node thing
Operation phase after terminating with event before part generation.
3. the Network Isolation method based on lucidification disposal according to claim 2, it is characterised in that:The default segmentation
Node Events lead into the Node Events of example operation system, lucidification disposal terminal in example operation including lucidification disposal terminal
Network disconnects the Node Events for joining again in system operation.
4. the Network Isolation method based on lucidification disposal according to claim 3, it is characterised in that:The transparent service device
Information including server IP address and UUID yards.
5. the Network Isolation method based on lucidification disposal according to claim 4, it is characterised in that:Step S1, S2
With S3 by the computing device independently of lucidification disposal terminal operating system.
6. the Network Isolation method based on lucidification disposal according to claim 5, it is characterised in that:The step S1 it
Afterwards, when the default spliting node event starts, the connection of isolation lucidification disposal terminal and network;In the default segmentation
After Node Events terminate, the step S2 is performed;
In the step S3, when the first information is consistent with second information, recover the lucidification disposal terminal with
The connection of network.
7. the Network Isolation method based on lucidification disposal according to claim 6, it is characterised in that multiple described in step S3
The specific steps of the position lucidification disposal terminal include:Hot reset is sent to lucidification disposal terminal to instruct, and monitor lucidification disposal
Terminal hot reset state, when hot reset is unsuccessful within the default time for lucidification disposal terminal, sends to lucidification disposal terminal
Cold reset signal, lucidification disposal terminal described in forced resetting.
8. a kind of network isolation system based on lucidification disposal, it is characterised in that including:
Data obtaining module:The first information is obtained for the first operation phase in lucidification disposal terminal, the first information is
Lucidification disposal terminal first operation phase transparent service device in a network information;It is additionally operable in lucidification disposal terminal
The second operation phase obtain the second information, second information be lucidification disposal terminal net where second operation phase
The information of transparent service device in network;
Reset processing module:For the lucidification disposal end that when the first information is inconsistent with second information, resets
End.
9. the network isolation system based on lucidification disposal according to claim 8, it is characterised in that:The reset processing
Module includes hot reset unit and cold reset unit, and the hot reset unit is used to refer to lucidification disposal terminal transmission hot reset
Order, and monitor lucidification disposal terminal hot reset state;The cold reset unit is used for when bright computing terminal is within the default time
When hot reset is unsuccessful, cold reset signal, lucidification disposal terminal described in forced resetting are sent to lucidification disposal terminal.
10. the network isolation system based on lucidification disposal according to claim 9, it is characterised in that:At also including isolation
Reason module:For when default spliting node event starts, isolating the connection of lucidification disposal terminal and network;When described first
When information is consistent with second information, recover the connection of the lucidification disposal terminal and network.
A kind of 11. Network Isolation network interface cards based on lucidification disposal, it is characterised in that:Including processor, memory, network interface mould
Block, serial communication interface module and bus interface module;
The memory, Network Interface Module, serial communication interface module are connected with the processor respectively, the EBI
Module is connected with the Network Interface Module;
The memory is used to store the information of transparent service device and the acquisition program of the information;
The processor obtains lucidification disposal terminal and leads into example operation system by the serial communication interface module
Node Events information, obtains network and disconnects the Node Events information for joining again by monitoring network interface module state;The treatment
Device obtains the information of transparent service device by Network Interface Module, according to the transparent service by running the acquisition program
Reset instruction is sent by the serial communication interface module when device information judges to need to reset.
The 12. Network Isolation network interface cards based on lucidification disposal according to claim 11, it is characterised in that:Also include that isolation is controlled
Device processed, the processor is connected by the isolation controller with the Network Interface Module, and the bus interface module passes through
The isolation controller is connected with the Network Interface Module;The isolation controller is used for disconnected according to the control of the processor
Open or recover the connection between the Network Interface Module and the bus interface module.
The 13. Network Isolation network interface cards based on lucidification disposal according to claim 12, it is characterised in that:Also include cold reset
Interface module, the cold reset interface module is connected with the processor, for sending cold reset signal.
A kind of 14. lucidification disposal mainboards, it is characterised in that:Including mainboard body and as described in any one of claim 11 to 13
Isolation network interface card.
A kind of 15. lucidification disposal terminals, it is characterised in that:Including mainboard as claimed in claim 14.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710161594.8A CN106856481B (en) | 2017-03-17 | 2017-03-17 | A kind of Network Isolation method, system, network interface card and application based on lucidification disposal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710161594.8A CN106856481B (en) | 2017-03-17 | 2017-03-17 | A kind of Network Isolation method, system, network interface card and application based on lucidification disposal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106856481A true CN106856481A (en) | 2017-06-16 |
| CN106856481B CN106856481B (en) | 2017-12-26 |
Family
ID=59125216
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710161594.8A Active CN106856481B (en) | 2017-03-17 | 2017-03-17 | A kind of Network Isolation method, system, network interface card and application based on lucidification disposal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106856481B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107609605A (en) * | 2017-09-15 | 2018-01-19 | 湖南新云网科技有限公司 | A kind of medical terminal hair fastener method and system based on lucidification disposal |
| CN113011893A (en) * | 2021-03-22 | 2021-06-22 | 腾讯科技(深圳)有限公司 | Data processing method and device, computer equipment and storage medium |
| CN113011893B (en) * | 2021-03-22 | 2024-04-26 | 腾讯科技(深圳)有限公司 | Data processing method, device, computer equipment and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1258042A (en) * | 1998-12-22 | 2000-06-28 | 日本电气株式会社 | Monitoring timer system |
| CN1670698A (en) * | 2005-04-06 | 2005-09-21 | 清华大学 | Transparent computing based computing apparatus and method |
| US20060117172A1 (en) * | 2004-11-12 | 2006-06-01 | Yaoxue Zhang | Method and computing system for transparence computing on the computer network |
| CN106250139A (en) * | 2016-07-28 | 2016-12-21 | 湖南汇网通信息技术有限公司 | Startup method based on lucidification disposal intelligent terminal, system and intelligent self-service system |
| CN106339278A (en) * | 2016-08-24 | 2017-01-18 | 浪潮电子信息产业股份有限公司 | Data backup and recovery method for network file system |
| CN106485150A (en) * | 2015-08-31 | 2017-03-08 | 哈尔滨光凯科技开发有限公司 | A kind of foundation for security system of credible and secure simulation computer |
| CN106502927A (en) * | 2016-10-26 | 2017-03-15 | 北京德普信科技有限公司 | Trusted end-user is calculated and data inactivity security system and method |
-
2017
- 2017-03-17 CN CN201710161594.8A patent/CN106856481B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1258042A (en) * | 1998-12-22 | 2000-06-28 | 日本电气株式会社 | Monitoring timer system |
| US20060117172A1 (en) * | 2004-11-12 | 2006-06-01 | Yaoxue Zhang | Method and computing system for transparence computing on the computer network |
| CN1670698A (en) * | 2005-04-06 | 2005-09-21 | 清华大学 | Transparent computing based computing apparatus and method |
| CN106485150A (en) * | 2015-08-31 | 2017-03-08 | 哈尔滨光凯科技开发有限公司 | A kind of foundation for security system of credible and secure simulation computer |
| CN106250139A (en) * | 2016-07-28 | 2016-12-21 | 湖南汇网通信息技术有限公司 | Startup method based on lucidification disposal intelligent terminal, system and intelligent self-service system |
| CN106339278A (en) * | 2016-08-24 | 2017-01-18 | 浪潮电子信息产业股份有限公司 | Data backup and recovery method for network file system |
| CN106502927A (en) * | 2016-10-26 | 2017-03-15 | 北京德普信科技有限公司 | Trusted end-user is calculated and data inactivity security system and method |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107609605A (en) * | 2017-09-15 | 2018-01-19 | 湖南新云网科技有限公司 | A kind of medical terminal hair fastener method and system based on lucidification disposal |
| CN107609605B (en) * | 2017-09-15 | 2020-09-25 | 湖南新云网科技有限公司 | Medical terminal card issuing method and system based on transparent computing |
| CN113011893A (en) * | 2021-03-22 | 2021-06-22 | 腾讯科技(深圳)有限公司 | Data processing method and device, computer equipment and storage medium |
| CN113011893B (en) * | 2021-03-22 | 2024-04-26 | 腾讯科技(深圳)有限公司 | Data processing method, device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106856481B (en) | 2017-12-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106412909B (en) | A kind of method and device of equipment connection | |
| CN106850260A (en) | A kind of dispositions method and device of virtual resources management platform | |
| CN112506702B (en) | Disaster recovery method, device, equipment and storage medium for data center | |
| CN106528097A (en) | Version synchronization method for two pieces of BIOS (Basic Input/ Output System) firmware, and electronic equipment | |
| CN105024879A (en) | Virtual machine fault detection and recovery system and virtual machine detection, recovery and starting method | |
| CN101542444A (en) | Security features in interconnect centric architectures | |
| US10007785B2 (en) | Method and apparatus for implementing virtual machine introspection | |
| CN109670319A (en) | A kind of server flash method for managing security and its system | |
| CN104794395A (en) | Architecture characteristic based lightweight multi-system safety management structure | |
| CN109334590B (en) | Unmanned vehicle chassis control method, device, equipment and storage medium | |
| CN106488394A (en) | A kind of method and device of equipment connection | |
| CN107623581B (en) | Service list generation method, device and system, and acquisition and reporting method and device | |
| CN106856481B (en) | A kind of Network Isolation method, system, network interface card and application based on lucidification disposal | |
| CN104346572A (en) | Construction method of universal external intelligent terminal safety operation environment | |
| CN112202727B (en) | Server-side verification user management method, system, terminal and storage medium | |
| CN101175315B (en) | Method and system for updating control mobile station | |
| CN112636977A (en) | Internet of things equipment management method, registration method, device and system and electronic equipment | |
| CN107315660A (en) | A kind of two-node cluster hot backup method of virtualization system, apparatus and system | |
| CN105912929A (en) | Domestic TCM based dynamic measurement method | |
| CN111488306A (en) | Attack and defense architecture system and construction method thereof | |
| CN105740040A (en) | Virtual machine data loading method and system | |
| CN114584328B (en) | API interface access method, computer device and computer storage medium | |
| CN103503374B (en) | Monitoring method and apparatus, the network equipment | |
| CN213879892U (en) | Distributed file protection system comprising multiple protection devices | |
| CN107809529A (en) | Communication control method and related product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| CP02 | Change in the address of a patent holder |
Address after: 410000 Yuelu District Yuelu street, Changsha, Hunan Province, 5 left 101 rooms of R & D headquarters of Central South University Science Park. Patentee after: HUNAN NEW CLOUDNET TECHNOLOGY CO., LTD. Address before: 410001 18 floor, block A, Yun Da Central Plaza, Yuhua District, Changsha, Hunan. Patentee before: HUNAN NEW CLOUDNET TECHNOLOGY CO., LTD. |
|
| CP02 | Change in the address of a patent holder | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Network isolation method based on transparent computing, system, network card and application Effective date of registration: 20200602 Granted publication date: 20171226 Pledgee: Pudong Development Bank of Shanghai Limited by Share Ltd. Changsha branch Pledgor: HUNAN NEW CLOUDNET TECHNOLOGY Co.,Ltd. Registration number: Y2020980002707 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20210915 Granted publication date: 20171226 Pledgee: Pudong Development Bank of Shanghai Limited by Share Ltd. Changsha branch Pledgor: HUNAN NEW CLOUDNET TECHNOLOGY Co.,Ltd. Registration number: Y2020980002707 |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right |