CN114401236B - Switch with multiple ports and switch monitoring method with multiple ports - Google Patents

Publication number
CN114401236B
Authority
CN
China
Prior art keywords
switch
input
port
input port
password
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111596452.7A
Other languages
Chinese (zh)
Other versions
CN114401236A (en
Inventor
陈光宇
李永贵
杜江涛
薛亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Huanyu Boya Technology Co ltd
Original Assignee
Beijing Huanyu Boya Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Huanyu Boya Technology Co ltd
Priority to CN202111596452.7A
Publication of CN114401236A
Application granted
Publication of CN114401236B
Legal status: Active (current)
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/10 Packet switching elements characterised by the switching fabric construction
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0631 Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04Q SELECTING
    • H04Q1/00 Details of selecting apparatus or arrangements
    • H04Q1/02 Constructional details
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04Q SELECTING
    • H04Q1/00 Details of selecting apparatus or arrangements
    • H04Q1/02 Constructional details
    • H04Q1/10 Exchange station construction

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiments of the disclosure disclose a switch with multiple ports and a switch monitoring method with multiple ports. The switch includes a switch shell, a switch mainboard, an input port assembly and an output port assembly. The switch mainboard is arranged in the switch shell; the input port assembly and the output port assembly are arranged on one side of the switch shell; the input port assembly comprises a plurality of input ports, one of which is an input management port. The input port assembly and the output port assembly are both connected to the switch mainboard. In the working state, the switch mainboard is configured to: in response to detecting that the flow-cutoff duration of the port traffic of any input port in the input port assembly reaches a preset duration, generate an alarm log corresponding to that input port and send the alarm log to a preset alarm terminal through the output port assembly. This implementation improves the security of the switch and reduces the possibility of network virus intrusion.

Description

Switch with multiple ports and switch monitoring method with multiple ports
Technical Field
The embodiment of the disclosure relates to the field of switches, in particular to a switch with multiple ports and a switch monitoring method with multiple ports.
Background
In an industrial control network in the oil exploitation industry, a large amount of information is derived from equipment data distributed across the base stations, and each data source can be a path for network virus intrusion, network storms and data theft. The possibility of cyber attacks has extended from local area networks installed in control rooms to unattended infrastructure data collection stations. The switch is a terminal for data collection in network communication and is also a key device for defending against network virus intrusion. Currently, the commonly adopted method for monitoring data transmission in a switch is to perform security detection on the data after the data transmission is completed, so as to prevent network virus intrusion.
However, the following technical problems generally exist in the above manner:
First, the input ports cannot each be monitored, and when an input port is abnormal, an alarm cannot be given in time, so the security of the switch is low and network virus intrusion easily occurs;
Second, abnormal transmission data cannot be intercepted directly, and the degree of monitoring of the transmission data is low, so the security of the switch is low.
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Some embodiments of the present disclosure propose a switch with multiple ports, a switch monitoring method with multiple ports, an apparatus and a computer readable medium to solve one or more of the technical problems mentioned in the background section above.
In a first aspect, some embodiments of the present disclosure provide a switch having multiple ports. The switch includes a switch shell, a switch mainboard, an input port assembly and an output port assembly. The switch mainboard is arranged in the switch shell; the input port assembly and the output port assembly are arranged on one side of the switch shell; the input port assembly comprises a plurality of input ports, one of which is an input management port. The input port assembly and the output port assembly are both connected to the switch mainboard, and in the working state the switch mainboard is configured to: in response to detecting that the flow-cutoff duration of the port traffic of any input port in the input port assembly reaches a preset duration, generate an alarm log corresponding to that input port and send the alarm log to a preset alarm terminal through the output port assembly.
Optionally, the switch with multiple ports further includes a reset mainboard, a reset button and a password input screen. The reset mainboard is connected to the switch mainboard through a serial port of the switch mainboard; the reset button and the password input screen are arranged on one side of the reset mainboard. The reset mainboard is configured to: activate the password input screen in response to detecting a click operation on the reset button, wherein a password input box is displayed in the activated password input screen.
Optionally, the reset mainboard is further configured to: in response to receiving a password entered in the password input box, determine whether the password is a preset password; and, in response to determining that the password is the preset password, send a reset instruction to the switch mainboard.
Optionally, the switch mainboard is further configured to perform the following detection steps for each input port in the input port assembly: detect whether the traffic feature code of the port traffic passing through the input port is consistent with the pre-stored protocol feature code corresponding to the input port; close the input port in response to detecting that the traffic feature code is inconsistent with the pre-stored corresponding protocol feature code; and generate a traffic anomaly log corresponding to the input port and send the traffic anomaly log to the preset alarm terminal through the output port assembly.
Optionally, in the target state, the switch mainboard is further configured to: in response to the version of the current system program being the target version, perform the following detection steps for each input port in the input port assembly: determine whether, among the locally stored protocol feature codes, there is a protocol feature code consistent with the port traffic feature code of the input port; and, in response to determining that such a protocol feature code exists, bind the input port to the locally stored device physical address corresponding to that protocol feature code.
Optionally, the plurality of input ports include a plurality of initial input ports and a plurality of extended input ports, an initial input port of the plurality of initial input ports is an input management port, and the output port assembly includes an output optical port and an output electrical port.
Optionally, the switch mainboard is further configured to: start a reset program in response to receiving the reset instruction.
Optionally, the switch further includes a protection lock and a protective shell. The protective shell is arranged on the outside of the reset button, and the protection lock is used to lock the protective shell so as to protect the reset button.
In a second aspect, some embodiments of the present disclosure provide a switch monitoring method having multiple ports, the method including: activating the password input screen in response to detecting a click operation on a reset button of the switch, wherein a password input box is displayed in the activated password input screen; in response to receiving a password entered in the password input box, determining whether the password is a preset password; and starting a reset program in response to determining that the password is the preset password.
In a third aspect, some embodiments of the present disclosure provide a switch monitoring apparatus having multiple ports, the apparatus comprising: an activation unit configured to activate the password input screen in response to detecting a click operation on a reset button of the switch, wherein a password input box is displayed in the activated password input screen; a determination unit configured to determine whether the password is a preset password in response to receiving the password entered in the password input box; and a starting unit configured to start a reset program in response to determining that the password is the preset password.
In a fourth aspect, some embodiments of the present disclosure provide a computer readable medium on which a computer program is stored, wherein the program, when executed by a processor, implements the method described in any of the implementations of the first aspect.
The above embodiments of the present disclosure have the following advantages: with the switch with multiple ports of some embodiments of the present disclosure, each input port can be monitored and an alarm is raised for an abnormal input port in time, so that the security of the switch is improved and the possibility of network virus intrusion is reduced. Specifically, the reason network virus intrusion occurs easily is that the input ports cannot each be monitored, and when an input port is abnormal an alarm cannot be given in time, so the security of the switch is low. Based on this, the switch with multiple ports of some embodiments of the present disclosure includes a switch shell, a switch mainboard, an input port assembly and an output port assembly. Here, the switch mainboard monitors in real time the transmission of port traffic on each input port in the input port assembly. Therefore, when the flow-cutoff duration of the port traffic of an input port reaches the preset duration, alarm processing can be carried out and maintenance personnel can be notified to service the abnormal input port in time. As a result, the security of the switch is improved and the possibility of network virus intrusion is reduced.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that components and elements are not necessarily drawn to scale.
Fig. 1 is a schematic structural diagram of a switch having multiple ports, according to some embodiments of the present disclosure;
Fig. 2 is a flow diagram of some embodiments of a switch monitoring method with multiple ports according to the present disclosure;
Fig. 3 is a block diagram of some embodiments of a switch monitoring apparatus having multiple ports according to the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be noted that, for convenience of description, only the parts relevant to the invention are shown in the drawings. The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that the modifiers "a", "an", and "the" in this disclosure are illustrative rather than limiting, and those skilled in the art will understand them to mean "one or more" unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Referring to Fig. 1, a schematic structural diagram of an embodiment of a switch with multiple ports provided by the present disclosure is shown. As shown in Fig. 1, the switch with multiple ports provided by the present disclosure may include: a switch shell (not shown in the figure), a switch mainboard 1, an input port assembly 2 and an output port assembly 3. Optionally, the switch with multiple ports may further include: a reset mainboard 4, a reset button 5 and a password input screen 6.
In some embodiments, the switch mainboard 1 is built into the switch shell. The input port assembly 2 and the output port assembly 3 are provided on one side of the switch shell. Here, the input port assembly 2 and the output port assembly 3 may be provided on the same side of the switch shell or on different sides of the switch shell. The positions at which the input port assembly 2 and the output port assembly 3 are provided on the switch shell are not particularly limited.
In some embodiments, the input port assembly 2 includes a plurality of input ports, and one of the input ports is an input management port. Here, any one of the plurality of input ports included in the input port assembly 2 may be set as the input management port (e.g., a console port). Optionally, the plurality of input ports includes a plurality of initial input ports and a plurality of extended input ports. One of the initial input ports is an input management port (e.g., a console port). The output port assembly includes an output optical port and an output electrical port.
In some embodiments, the input port assembly 2 and the output port assembly 3 are both connected to the switch mainboard 1, and in the working state, the switch mainboard 1 is configured to: in response to detecting that the flow-cutoff duration of the port traffic of any input port in the input port assembly 2 reaches a preset duration, generate an alarm log corresponding to that input port and send the alarm log to a preset alarm terminal through the output port assembly 3. In practice, the input port assembly 2 and the output port assembly 3 may be connected to the switch mainboard 1 through data cables. Here, the flow-cutoff duration of the port traffic of an input port may refer to the length of time during which no port traffic is transmitted on that input port. Here, the alarm log may refer to a log recording that the port traffic of a certain input port has been cut off. Here, the preset alarm terminal may refer to a preset device having an alarm function. Here, the working state may refer to an operating state. For example, the alarm log may be "port traffic on input port A has been cut off for 10 minutes".
In some embodiments, the reset mainboard 4 is connected to the switch mainboard 1 through a serial port of the switch mainboard 1. Here, the serial port may refer to a serial interface. Here, the reset mainboard 4 may be a mainboard having a reset function, and may transmit a reset instruction to the switch mainboard 1.
In some embodiments, the reset button 5 and the password input screen 6 are disposed on one side of the reset mainboard 4. Here, the reset button 5 and the password input screen 6 may be disposed on the same side of the reset mainboard 4 or on different sides of the reset mainboard 4, which is not limited. Here, the reset button 5 may be a key having a reset function, that is, after the reset button 5 is clicked, a reset program in the reset mainboard 4 may be started to reset the switch mainboard 1 (i.e., restore factory settings). Here, the password input screen 6 may be a screen or a touch screen that displays the entered password, and after activation it can receive password input.
In some embodiments, the reset mainboard 4 may be configured to: activate the password input screen 6 in response to detecting a click operation on the reset button 5, wherein a password input box is displayed in the activated password input screen 6. Here, activating the password input screen may refer to displaying a password input box in the password input screen.
In some embodiments, the reset mainboard 4 may be further configured to: in response to receiving a password entered in the password input box, determine whether the password is a preset password; and send a reset instruction to the switch mainboard 1 in response to determining that the password is the preset password. In practice, first, the reset mainboard 4 may determine whether the password is the preset password after receiving the password entered in the password input box by the user. Then, the reset mainboard 4 may send a reset instruction to the switch mainboard 1 in response to determining that the password is the preset password. Here, the reset instruction may be an instruction to reset the switch program in the switch mainboard 1 to its initial state (i.e., to restore factory settings).
In some embodiments, the switch mainboard 1 is further configured to perform the following detection steps for each input port in the input port assembly: detect whether the traffic feature code of the port traffic passing through the input port is consistent with the pre-stored protocol feature code corresponding to the input port; close the input port in response to detecting that the traffic feature code is inconsistent with the pre-stored corresponding protocol feature code; and generate a traffic anomaly log corresponding to the input port and send the traffic anomaly log to the preset alarm terminal through the output port assembly. Here, the traffic feature code may refer to a feature code of the port traffic (data) transmitted by the input port, and may characterize the source of the data transmission and the type of the data. Here, the protocol feature code may refer to a feature code of the protocol (industrial control network protocol) corresponding to the data transmitted by the input port, and may characterize the type of the data transmitted by the input port. In practice, first, the switch mainboard 1 may detect whether the traffic feature code of the port traffic passing through the input port is the same as the pre-stored protocol feature code corresponding to the input port. Then, the switch mainboard 1 may close the input port in response to detecting that the traffic feature code is inconsistent with the pre-stored corresponding protocol feature code. Finally, the switch mainboard 1 may generate a traffic anomaly log corresponding to the input port, and send the traffic anomaly log to the preset alarm terminal through the output port assembly. Here, the traffic anomaly log may be a log indicating that the traffic feature code of the port traffic of a certain input port is inconsistent with the corresponding protocol feature code. For example, the traffic anomaly log may be "port traffic (data) transmitted by input port A does not conform to the protocol".
In some embodiments, in the target state, the switch mainboard is further configured to: in response to the version of the current system program being the target version, perform the following detection steps for each input port in the input port assembly: determine whether, among the locally stored protocol feature codes, there is a protocol feature code consistent with the port traffic feature code of the input port; and, in response to determining that such a protocol feature code exists, bind the input port to the locally stored device physical address corresponding to that protocol feature code. Here, the target state may refer to a reset state, that is, a state indicating that the program in the switch mainboard has been reset. Here, the port traffic feature code may refer to the traffic feature code. Here, the device physical address may refer to the physical address (MAC address) of the device. Here, the system program may be an application program in the switch mainboard. Here, the target version may refer to a preset version of the application program in the switch mainboard.
Optionally, the switch mainboard is further configured to: start a reset program in response to receiving the reset instruction. In practice, the switch mainboard 1 may start a reset program after receiving the reset instruction, so as to restore the application program in the switch mainboard 1 to factory settings.
Optionally, the switch further includes a protection lock (not shown in the figure) and a protective shell (not shown in the figure). The protective shell is arranged on the outside of the reset button, and the protection lock is used to lock the protective shell so as to protect the reset button. Here, the protection lock may refer to a physical lock. Here, one side of the protective shell is connected to the switch shell, and the reset button may be completely covered when the protective shell is closed.
With continued reference to fig. 2, a flow 200 of some embodiments of a switch monitoring method with multiple ports in accordance with the present disclosure is shown. The switch monitoring method with multiple ports comprises the following steps:
Step 201, in response to detecting a click operation on the reset button of the switch, activating the password input screen.
In some embodiments, an execution body of the switch monitoring method having multiple ports (e.g., a switch having multiple ports) may activate the above-described password input screen in response to detecting a click operation on the reset button of the switch. A password input box is displayed in the activated password input screen. Here, activating the password input screen may refer to displaying a password input box in the password input screen. Here, the reset button may be a key having a reset function, i.e., after the reset button is clicked, a reset program in the switch may be started to reset the switch (i.e., restore factory settings).
Step 202, in response to receiving the password input into the password input box, determining whether the password is a preset password.
In some embodiments, the execution body may determine whether the password is a preset password in response to receiving the password input to the password input box. In practice, first, the execution body may receive a password input to the password input box by a user. Then, it may be determined whether the password is a preset password.
Step 203, in response to determining that the password is the preset password, starting a reset program.
In some embodiments, the execution body may start a reset program in response to determining that the password is the preset password. Here, the reset program may be started to restore the application program in the execution body to factory settings.
Optionally, the switch includes an input port assembly and an output port assembly, and the input port assembly includes a plurality of input ports.
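The reset flow of steps 201 to 203, together with the reset mainboard behaviour described earlier, can be sketched as follows. This is an added example, not code from the patent; the class names, the "RESET" instruction token, the salted PBKDF2 storage of the preset password, the constant-time comparison and the one-attempt-per-press rule are all assumptions of the sketch.

```python
# Added illustration of steps 201-203; names and the "RESET" token are hypothetical.
import hashlib
import hmac
import os


class SwitchMainboard:
    def __init__(self):
        self.reset_count = 0

    def receive(self, instruction: str) -> None:
        # Start the reset program only when the reset instruction arrives.
        if instruction == "RESET":
            self.reset_count += 1   # stands in for restoring factory settings


class ResetMainboard:
    ITERATIONS = 100_000

    def __init__(self, preset_password: str, switch: SwitchMainboard):
        # Assumption: only a salted PBKDF2 digest of the preset password is stored.
        self._salt = os.urandom(16)
        self._digest = self._derive(preset_password)
        self._switch = switch
        self.screen_active = False

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                   self._salt, self.ITERATIONS)

    def press_reset_button(self) -> None:
        """Step 201: the button only activates the password input screen."""
        self.screen_active = True

    def submit_password(self, password: str) -> bool:
        """Steps 202-203: check the password, then send the reset instruction."""
        if not self.screen_active:
            return False                 # no password input box is displayed
        self.screen_active = False       # assumption: one attempt per button press
        # compare_digest avoids leaking the match position through timing.
        if hmac.compare_digest(self._derive(password), self._digest):
            self._switch.receive("RESET")
            return True
        return False


def demo_reset():
    # Constructed sample passwords, used only for this illustration.
    switch = SwitchMainboard()
    board = ResetMainboard("constructed-preset-password", switch)
    results = [board.submit_password("constructed-preset-password")]  # button not pressed
    board.press_reset_button()
    results.append(board.submit_password("wrong-guess"))
    results.append(board.submit_password("constructed-preset-password"))  # screen inactive
    board.press_reset_button()
    results.append(board.submit_password("constructed-preset-password"))
    return results, switch.reset_count


if __name__ == "__main__":
    print(demo_reset())
```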
Optionally, for each input port of the input port assembly, the following processing steps are performed:
First, in response to the flow interruption duration of the port traffic of the input port reaching a preset duration, an alarm log corresponding to the input port is generated. Here, the flow interruption duration of the port traffic of the input port may refer to the length of time during which no port traffic is transmitted through the input port. The alarm log may refer to a log recording the interruption of port traffic on a given input port. For example, the alarm log may be "port traffic on input port A has been interrupted for 10 minutes".
Second, the alarm log is sent to a preset alarm terminal through the output port assembly. Here, the preset alarm terminal may refer to a preset device having an alarm function.
Third, it is detected whether the traffic feature code of the port traffic passing through the input port is consistent with the pre-stored protocol feature code corresponding to the input port. Here, the traffic feature code may refer to a feature code of the port traffic (data) transmitted by the input port, and may characterize the source of the data transmission and the type of the data. The protocol feature code may refer to a feature code of the protocol (an industrial control network protocol) corresponding to the data transmitted by the input port, and may characterize the type of the data transmitted by the input port. In practice, the execution body may detect whether the traffic feature code of the port traffic of the input port is the same as the pre-stored protocol feature code corresponding to the input port.
Fourth, the input port is closed in response to detecting that the traffic feature code is inconsistent with the pre-stored corresponding protocol feature code. In practice, the execution body may close the input port in response to detecting that the traffic feature code is inconsistent with the pre-stored corresponding protocol feature code.
Fifth, a traffic anomaly log corresponding to the input port is generated, and the traffic anomaly log is sent to the preset alarm terminal through the output port assembly. In practice, a traffic anomaly log corresponding to the input port may be generated and sent to the preset alarm terminal through the output port assembly. Here, the traffic anomaly log may be a log indicating that the traffic feature code of the port traffic of a given input port is inconsistent with the corresponding protocol feature code. For example, the traffic anomaly log may be "port traffic (data) transmitted by input port A does not conform to the protocol".
Optionally, in response to the version of the current system program being the target version, the following detection steps are performed for each input port in the input port assembly:
First, it is determined whether a protocol feature code consistent with the port traffic feature code of the input port exists among the locally stored protocol feature codes. Here, the system program may be an application program in the switch main board. The target version may refer to a preset version of the application program in the switch main board. The port traffic feature code may refer to the traffic feature code.
Second, in response to determining that a protocol feature code consistent with the port traffic feature code exists among the protocol feature codes, the input port is bound to the locally stored device physical address corresponding to that protocol feature code. Here, the device physical address may refer to the physical address (MAC address) of the device.
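The per-port processing steps and the binding step described above, as an added example that is not part of the patent text. It assumes feature codes are opaque strings, times are in seconds, an interruption is alarmed once per outage, and the caller has already checked the system program version; `InputPort`, `monitor_port`, `bind_after_reset`, `run_demo` and all sample values are hypothetical.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Optional

@dataclass
class InputPort:
    name: str
    expected_code: str              # pre-stored protocol feature code for this port
    last_traffic_ts: float = 0.0    # when traffic was last seen, in seconds
    enabled: bool = True
    outage_alarmed: bool = False    # assumption: alarm once per interruption
    bound_mac: Optional[str] = None

def monitor_port(port: InputPort, now: float, observed_code: Optional[str],
                 preset_duration: float, send_alarm: Callable[[str], None]) -> None:
    """One pass of the five processing steps; observed_code=None means no traffic."""
    if not port.enabled:
        return
    if observed_code is None:
        # Steps 1-2: alarm when the interruption reaches the preset duration.
        idle = now - port.last_traffic_ts
        if idle >= preset_duration and not port.outage_alarmed:
            port.outage_alarmed = True
            send_alarm(f"port traffic on input port {port.name} "
                       f"interrupted for {int(idle // 60)} minutes")
        return
    port.last_traffic_ts, port.outage_alarmed = now, False
    # Steps 3-5: compare feature codes; on mismatch close the port, then report.
    if observed_code != port.expected_code:
        port.enabled = False
        send_alarm(f"port traffic on input port {port.name} "
                   "does not conform to the protocol")

def bind_after_reset(port: InputPort, observed_code: str,
                     mac_by_code: Dict[str, str]) -> Optional[str]:
    """Detection steps: bind the port to the MAC stored for a matching code."""
    mac = mac_by_code.get(observed_code)
    if mac is not None:
        port.bound_mac = mac
    return port.bound_mac

def run_demo():
    # Constructed sample data: codes, MAC address and timings are illustrative.
    alarms = []
    a, b = InputPort("A", "FC-01"), InputPort("B", "FC-02")
    monitor_port(a, 300.0, None, 600.0, alarms.append)     # 5 min idle: no alarm
    monitor_port(a, 600.0, None, 600.0, alarms.append)     # 10 min idle: alarm
    monitor_port(a, 660.0, None, 600.0, alarms.append)     # already alarmed
    monitor_port(b, 10.0, "FC-01", 600.0, alarms.append)   # mismatch: port closed
    bind_after_reset(a, "FC-01", {"FC-01": "02:00:00:00:00:01"})
    return alarms, a, b
```

Because a closed port is skipped on later passes, a mismatching port produces exactly one traffic anomaly log until it is re-enabled.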
The content of the above optional implementations is an inventive point of the present disclosure and solves the second technical problem mentioned in the background, namely that "abnormal transmission data cannot be directly intercepted, the monitoring strength on the transmission data is low, and the security of the switch is low". The factors that lead to the lower security of the switch are typically as follows: abnormal transmission data cannot be intercepted directly and the transmission data is only weakly monitored, so the security of the switch is low. If these factors are addressed, the security of the switch can be improved. To achieve this effect, the present disclosure first detects whether the traffic feature code of the port traffic passing through the input port is consistent with the pre-stored protocol feature code corresponding to the input port. This determines whether the data transmitted by the input port is data corresponding to the preset protocol. Then, in response to detecting that the traffic feature code is inconsistent with the pre-stored corresponding protocol feature code, the input port is closed. Thus, when the data transmitted by the input port is detected to be abnormal, the input port can be closed in time to stop the transmission of the abnormal data. Finally, a traffic anomaly log corresponding to the input port is generated and sent to the preset alarm terminal through the output port assembly. The alarm terminal is thereby notified in time that the data currently transmitted by the switch is abnormal, so that management and control can be applied in time. As a result, the monitoring strength on the transmission data is improved, and the security of the switch is improved.
As can be seen from fig. 2, the process 200 in some embodiments corresponding to fig. 2 can notify the alarm terminal in time that the data transmitted by the current switch is abnormal, and perform management and control in time. Therefore, the monitoring strength of the transmission data is improved, and the safety of the switch is improved.
With further reference to fig. 3, as an implementation of the methods shown in the above figures, the present disclosure provides some embodiments of a switch monitoring apparatus having multiple ports, which correspond to those of the method embodiments shown in fig. 2, and which may be applied in various electronic devices in particular.
As shown in fig. 3, a switch monitoring apparatus 300 having multiple ports of some embodiments includes: an activation unit 301, a determination unit 302 and a starting unit 303. The activation unit 301 is configured to activate the password input screen in response to detecting a click operation acting on a reset button of the switch, wherein a password input box is displayed in the activated password input screen; the determination unit 302 is configured to determine whether the password is a preset password in response to receiving the password input to the password input box; the starting unit 303 is configured to start a reset program in response to determining that the password is the preset password.
It will be understood that the units described in the apparatus 300 correspond to the various steps in the method described with reference to fig. 2. Thus, the operations, features and resulting advantages described above with respect to the method are also applicable to the apparatus 300 and the units included therein, and are not described herein again.
The foregoing description is only of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is made without departing from the inventive concept as defined above. For example, a technical solution may be formed by replacing the above features with (but not limited to) technical features with similar functions disclosed in the embodiments of the present disclosure.

Claims (5)

1. A switch having multiple ports, comprising: a switch shell, a switch main board, an input port assembly and an output port assembly, wherein
the switch main board is built into the switch shell;
the input port assembly and the output port assembly are arranged on one side of the switch shell;
the input port assembly comprises a plurality of input ports, and one input port of the plurality of input ports is an input management port;
the input port assembly and the output port assembly are connected with the switch main board, and in a working state, the switch main board is configured to: in response to the flow interruption duration of the port traffic of any input port in the input port assembly reaching a preset duration, generate an alarm log corresponding to that input port, and send the alarm log to a preset alarm terminal through the output port assembly;
wherein, in a target state, the target state being a reset state, the switch main board is further configured to:
in response to the version of the current system program being a target version, the target version being a preset version of the application program in the switch main board, perform the following detection steps for each input port in the input port assembly:
determining whether a protocol feature code consistent with the port traffic feature code of the input port exists among the locally stored protocol feature codes;
and in response to determining that a protocol feature code consistent with the port traffic feature code exists among the protocol feature codes, binding the input port to the locally stored device physical address corresponding to that protocol feature code.
2. The switch having multiple ports of claim 1, wherein the switch having multiple ports further comprises: a reset main board, a reset button and a password input screen; and
the reset main board is connected with the switch main board through a serial port of the switch main board;
the reset button and the password input screen are arranged on one side of the reset main board;
the reset main board is configured to: in response to detecting a click operation acting on the reset button, activate the password input screen, wherein a password input box is displayed in the activated password input screen.
3. The switch having multiple ports of claim 2, wherein the reset main board is further configured to:
in response to receiving a password input to the password input box, determine whether the password is a preset password;
and in response to determining that the password is the preset password, send a reset instruction to the switch main board.
4. The switch having multiple ports of claim 1, wherein the plurality of input ports includes a plurality of initial input ports and a plurality of extended input ports, an initial input port of the plurality of initial input ports is an input management port, and the output port assembly includes an output optical port and an output electrical port.
5. The switch having multiple ports of claim 2, wherein the switch further comprises: a protection lock and a protective housing, the protective housing being arranged on the outside of the reset button, and the protection lock being used for locking the protective housing so as to protect the reset button.
CN202111596452.7A 2021-12-24 2021-12-24 Switch with multiple ports and switch monitoring method with multiple ports Active CN114401236B (en)


Publications (2)

Publication Number Publication Date
CN114401236A CN114401236A (en) 2022-04-26
CN114401236B true CN114401236B (en) 2022-08-30

Family

ID=81227430


Country Status (1)

Country Link
CN (1) CN114401236B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106100878A (en) * 2016-06-08 2016-11-09 深圳市梧桐世界科技股份有限公司 A kind of method realizing intel x86 router analog reset button
CN113141268A (en) * 2020-01-20 2021-07-20 华为技术有限公司 Method and device for realizing redundancy backup of link aggregation group of manual aggregation

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8437352B2 (en) * 2006-05-30 2013-05-07 Broadcom Corporation Method and system for power control based on application awareness in a packet network switch


Similar Documents

Publication Publication Date Title
KR101977731B1 (en) Apparatus and method for detecting anomaly in a controller system
EP3101586B1 (en) Active response security system for industrial control infrastructure
EP3101581B1 (en) Security system for industrial control infrastructure using dynamic signatures
CN109067596B (en) Substation network security situation sensing method and system
EP3101491B1 (en) Security system for industrial control infrastructure
EP3101490B1 (en) Rapid configuration security system for industrial control infrastructure
EP3820108B1 (en) Security detection method, apparatus and device
CN108063753A (en) A kind of information safety monitoring method and system
CA2526759A1 (en) Event monitoring and management
WO2006020882A1 (en) Anomaly-based intrusion detection
CN112615858B (en) Internet of things equipment monitoring method, device and system
CN101034976B (en) Intrusion detection in an IP connected security system
GB2532630A (en) Network intrusion alarm method and system for nuclear power station
CN214306527U (en) Gas pipe network scheduling monitoring network safety system
CN111556473A (en) Abnormal access behavior detection method and device
CN111510436A (en) Network security system
CN114401236B (en) Switch with multiple ports and switch monitoring method with multiple ports
EP2141884A1 (en) Anti-intrusion method and system for a communication network
CN116186744B (en) Computer data transmission system and method
CN112087465B (en) A method and device for determining threat events based on aggregated information
EP3018878B1 (en) Firewall based prevention of the malicious information flows in smart home
KR101680736B1 (en) Process for checking status of network device
CN115174189A (en) Abnormality detection method, abnormality detection device, electronic apparatus, and storage medium
CN116016244A (en) Method, device and equipment for monitoring network fault processing process
CN112866172A (en) Safety protection method and device, smart home system and computer readable medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant