智慧园区云计算场景要求多租户环境下的业务安全部署和快速变更,传统网络较难适应。软件定义网络(Software Defined Network,SDN)具有转控分离、可编程接口开放、控制集中化、业务自动化应用等特点,可满足园区网络极简融合、集成管理、...智慧园区云计算场景要求多租户环境下的业务安全部署和快速变更,传统网络较难适应。软件定义网络(Software Defined Network,SDN)具有转控分离、可编程接口开放、控制集中化、业务自动化应用等特点,可满足园区网络极简融合、集成管理、统一运维、策略随行、弹性拓展和业务灵活等需求。笔者在阐述智慧园区建设需求的基础上,探讨SDN Overlay技术的作用以及在智慧园区建设中的适用性,提出基于虚拟可扩展局域网(Virtual eXtensible Local Area Network,VXLAN)的智慧园区SDN网络架构方案,设计智慧园区网络整体架构和拓扑结构,并对SRv6+SDN、5G+AIoT等新技术在智慧园区中的未来应用作出展望。展开更多
Based on the analysis of the security problems existing in the cloud platform of the data center, this paper proposes a set of cloud platform security protection scheme being with virtualization technology. This paper...Based on the analysis of the security problems existing in the cloud platform of the data center, this paper proposes a set of cloud platform security protection scheme being with virtualization technology. This paper focuses on the overall architecture of cloud platform as well as the design of virtualization security architecture. Meantime, it introduces the key technologies of VXLAN in detail. The scheme realizes flexible scheduling of security resources through virtual pooling of independent security gateway and virtual machine isolation through VXLAN technology. Moreover, it guides all horizontal traffic to independent security gateway for processing, unified management of security gateway through cloud platform by using Huawei NSH business chain technology. This scheme effectively solves the horizontal transmission of security threat among virtual machines, and realizes the fine security control and protection for the campus data center.展开更多
文摘智慧园区云计算场景要求多租户环境下的业务安全部署和快速变更,传统网络较难适应。软件定义网络(Software Defined Network,SDN)具有转控分离、可编程接口开放、控制集中化、业务自动化应用等特点,可满足园区网络极简融合、集成管理、统一运维、策略随行、弹性拓展和业务灵活等需求。笔者在阐述智慧园区建设需求的基础上,探讨SDN Overlay技术的作用以及在智慧园区建设中的适用性,提出基于虚拟可扩展局域网(Virtual eXtensible Local Area Network,VXLAN)的智慧园区SDN网络架构方案,设计智慧园区网络整体架构和拓扑结构,并对SRv6+SDN、5G+AIoT等新技术在智慧园区中的未来应用作出展望。
文摘Based on the analysis of the security problems existing in the cloud platform of the data center, this paper proposes a set of cloud platform security protection scheme being with virtualization technology. This paper focuses on the overall architecture of cloud platform as well as the design of virtualization security architecture. Meantime, it introduces the key technologies of VXLAN in detail. The scheme realizes flexible scheduling of security resources through virtual pooling of independent security gateway and virtual machine isolation through VXLAN technology. Moreover, it guides all horizontal traffic to independent security gateway for processing, unified management of security gateway through cloud platform by using Huawei NSH business chain technology. This scheme effectively solves the horizontal transmission of security threat among virtual machines, and realizes the fine security control and protection for the campus data center.