公开(公告)号：US09369434B2

公开(公告)日：2016-06-14

申请号：US14330141

申请日：2014-07-14

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Heemin Kim ,  Jeong-Han Yun ,  Kyoung-Ho Kim ,  Woonyon Kim ,  Jungtaek Seo ,  Chun soo Kim

IPC: H04L29/06

CPC classification number: H04L63/0227 ,  H04L63/101

Abstract: A whitelist-based network switch defines a whitelist and a handling rule based on an access control list, security policies, etc., and monitors and blocks network traffic based on the whitelist and the handling rule. The whitelist-based network switch includes a whitelist monitoring unit for storing a whitelist including permitted communication rules, monitoring one or more packets input through a plurality of switch interfaces based on the whitelist, and permitting communication of each packet conforming to the whitelist, and a whitelist management unit for updating the whitelist and transmitting an updated whitelist to the whitelist monitoring unit.

Abstract translation: 基于白名单的网络交换机基于访问控制列表，安全策略等定义白名单和处理规则，并且基于白名单和处理规则来监视和阻止网络流量。 基于白名单的网络交换机包括白名单监视单元，用于存储包括允许的通信规则的白名单，基于白名单监视通过多个交换机接口输入的一个或多个分组，并且允许符合白名单的每个分组的通信，以及 白名单管理单元，用于更新白名单并将更新的白名单发送到白名单监视单元。