CN106789945A - A kind of network equipment and network log-in management method - Google Patents

A kind of network equipment and network log-in management method Download PDF

Info

Publication number
CN106789945A
CN106789945A CN201611079368.7A CN201611079368A CN106789945A CN 106789945 A CN106789945 A CN 106789945A CN 201611079368 A CN201611079368 A CN 201611079368A CN 106789945 A CN106789945 A CN 106789945A
Authority
CN
China
Prior art keywords
online
account
access
management
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611079368.7A
Other languages
Chinese (zh)
Inventor
刘玉敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Feixun Data Communication Technology Co Ltd
Original Assignee
Shanghai Feixun Data Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Feixun Data Communication Technology Co Ltd filed Critical Shanghai Feixun Data Communication Technology Co Ltd
Priority to CN201611079368.7A priority Critical patent/CN106789945A/en
Publication of CN106789945A publication Critical patent/CN106789945A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Present patent application is the network equipment and network log-in management method, is related to network communication field, more particularly to network log-in management technology.A kind of network equipment of network log-in management, including DNS service module, account management module, time management module and access level management module are disclosed, the DNS service module is converted into target ip address for that will be accessed for domain name;The account management module, for setting up different use identity;The time management module, the time authority for limiting online;The hierarchical management module, the access profile authority for limiting online.

Description

A kind of network equipment and network log-in management method
Technical field
Present patent application is related to network communication field, more particularly to network log-in management technology.
Background technology
Router (Router, also known as path device) is a kind of computer network facility, and it can be by data by packing one Individual network is sent to destination (transmission paths of selection data), and this process is referred to as route.Router be exactly connect two with The equipment of upper separate network, route is operated in the third layer of osi model --- i.e. Internet.
Router (Router), is each LAN, the equipment of wide area network in connection internet, and it can be according to the situation of channel Route is automatically selected and sets, with optimal path, by tandem sending signal.Router is the hinge of internet, " traffic Police ".Current router has been widely used for all trades and professions, and the product of various different class has turned into realizes various backbone networks The main force of inside connection, key internetworking and backbone network and internet interconnection business.Between route and interchanger The main distinction is exactly that interchanger occurs in the OSI Reference Model second layer (data link layer), and route and occur in third layer, i.e. net Network layers.This difference determines that route and interchanger need to use different control information during mobile message, so two Person realizes that the mode of respective function is different.
AP is the abbreviation of (Wireless) Access Point, i.e. (wireless) access points.If wireless network card is comparable Make the Ethernet card in cable network, then AP is exactly the HUB in conventional wired networks, be also to set up micro radio local at present The most frequently used equipment during net.Equivalent to a connection wired network and the bridge of wireless network, its Main Function is that each is wireless to AP Networking client is connected together, then by wireless network access network based on ethernet.
DNS is the abbreviation of computer domain name system (Domain Name System or Domain Name Service), it It is made up of Domain Name Resolver and name server.Name server refer to preserve All hosts in the network domain name and Correspondence IP address, and with domain name to be converted to the server of IP address function.Wherein domain name must correspond to an IP address, and IP address not necessarily has domain name.Domain name system is using the hierarchical organization for being similar to directory tree.Name server is client/server Server side in pattern, it mainly has two kinds of forms:Master server and forwarding server.Domain name is mapped as the mistake of IP address Journey is known as " domain name mapping ".It is on internet one-to-one (or many-one) between domain name and IP address, can also adopts Realized with DNS repeating queries one-to-many, although domain name is easy to people to remember, but IP address is only recognized between machine, the conversion between them Work is referred to as domain name mapping, and domain name mapping needs to be completed by special domain name resolution server, and DNS is exactly to carry out domain name mapping Server.During DNS is named for the TCP/IP networks such as Internet, computer kimonos is searched by user-friendly title Business.When user is input into DNS name in the application, this name resolving can be other associated letters by DNS service Breath, such as IP address.Because the network address that you are input into online is to parse to have found corresponding IP by domain name analysis system Address, could so surf the Net.In fact, domain name to eventually point to be IP.
OpenDNS provides DNS schemes for personal and commercial user.User can voluntarily select to use the service of OpenDNS Or the DNS service provided using locality ISP.Server group is placed on the place with strategic importance and substantial amounts of domain is used Name caching can make DNS query progress faster, so as to accelerate the retrieval rate of the page.The Query Result of DNS is sometimes by local Operating system or application cache are got off, so perhaps the increase of speed can not embody in inquiry every time, but locally The increase of result its inquiry velocity not having in caching is then apparent.Other features include an anti-phishing filter and input Correct (typo correction).By collecting malicious websites list, when user accesses these by their service maliciously During website, OpenDNS will block these malicious websites.OpenDNS starts anti-phishing service (PhishTank) recently, so The user in the whole world can just report and watch incredible fishing website.
Chinese Patent Application No. is CN201410004945.0, it is an object of the invention to provide one kind for realizing accessing control The method of system, equipment and system.Domain name and first access control of the first network equipment end according to corresponding to second network equipment Information, generates the second access control information corresponding with the first access control information, and is sent to DNS as domain name and set It is standby;Then set according to the application accessing request information to the second network equipment end, and the second network at the second network equipment end Domain name corresponding to standby end, generates the inquiry of the domain name information corresponding with application accessing request information, and inquiry of the domain name information is existed Inquired about in the DNS equipment corresponding with the second network equipment end, to determine the visit corresponding with application accessing request information Ask control information.Compared with prior art, the present invention based on the simplicity of DNS Protocol, ageing, reliability, security and The popularity of support, realizes the dynamic adjustment and unified management to access control information, improves to access control information The efficiency of management.
Chinese Patent Application No. is CN201410552834.3, a kind of network log-in management system, and it is related to network system Technical field, the output end in network signal source is connected with the input of satellite, and the output end of satellite is defeated with user terminal apparatus Go out end connection, the output end of data modifying apparatus connects with the input of data crushing device and user's POST receiving devices respectively Connect, the output end of data crushing device is connected with the input of warning device.Simple structure of the present invention, reasonable in design, network original Beginning data are transferred at subscription client by satellite, and initial data is stored, and are filled while being detected using sensitive content Put and initial data is detected, when information is not by virus pollution, user can directly receive and open, when initial data inspection When measuring problematic, first pass through data modifier and modify, client is sent to again, when that cannot change then directly by number Data are crushed according to reducing mechanism, and same alarm, the security that data are used is improved well.
In the prior art, it is not given to effective management that router accomplishes internet behavior, including time-based management, Management based on authority, the management based on access profile etc..
The content of the invention
The invention reside in a kind of router product of the internet behavior control for providing built-in OpenDNS, online can be accomplished Time management and control, the access profile management and control of online, the access content-level management and control of online, can also set various user's identity, Conveniently varying with each individual carries out network log-in management.
The present invention is achieved by the following technical solutions:
A kind of network log-in management method, methods described step includes:
The account that the online of setting network equipment is accessed;
To the time restriction that Account Settings online is accessed;
To the scope limitation that Account Settings online is accessed;
To the grade limitation that Account Settings online is accessed.
Further, described network log-in management method, in the account step that the online of the setting network equipment is accessed In also comprise the following steps:
To the account that same people accesses in the setting online of different occasions;
To the account that the different people setting online of same occasion is accessed;
To the similar similar keeper of the Account Settings at least one;Such as Group administrators, multigroup upper management person Deng;
At least one total keeper is set to the network equipment.
Total keeper administers multigroup upper management person, and multigroup upper management person administers multiple group management of its subordinate Member, Group administrators administer group membership (domestic consumer).According to situation needs, two-level management can be only set, such as under home environment It is provided only with total keeper and domestic consumer, it is also possible to set multiple management, such as large-scale company is respectively equipped with total keeper Department level keeper, section office grade keeper, group level keeper and domestic consumer.
In the public domain of company, the keeper in the region can be set, any domestic consumer for entering the region is restricted In the network log-in management strategy of keeper and the keeper setting in the region.
Further, described network log-in management method, in the time restriction accessed to Account Settings online Also comprise the following steps in step:
When the time restriction is met, the account can carry out online access by the network equipment;
When the time restriction is not met, the account is prohibited to proceed the online access.
Further, described network log-in management method, in the scope limitation accessed to Account Settings online Also comprise the following steps in step:
When the scope limitation is met, the account can carry out online access by the network equipment;
When the scope limitation is not met, the account is prohibited to carry out the online for exceeding system access.
Further, described network log-in management method, in the grade limitation accessed to Account Settings online Also comprise the following steps in step:
When the grade limitation is met, the account can carry out online access by the network equipment;
When the grade limitation is not met, the online that the account is prohibited to be overstepped the authority is accessed.
Further, described network log-in management method, methods described also comprises the following steps:
When time-out access occurring, exceeding the situation of system access or access of overstepping the authority, warning reminding is sent to relevant supervisor.
Pop-up advertisement in target ip address described in Ad blocking block intercepts;
Viral identification module scans the Virus or trojan horse program in the target ip address;In the case of above-mentioned 2 kinds, Also warning reminding is sent to relevant supervisor.
Total keeper of the such as above-mentioned situation of certain user generation, its Group administrators and the network equipment will receive warning reminding. Warning reminding can be sent in the communication softwares such as the SMS of related personnel, mailbox or QQ according to setting, can also connect phase The phone of pass personnel, and play default voice reminder.
Present invention also offers a kind of network equipment that can be used for managing internet behavior:
A kind of network equipment of network log-in management, including DNS service module, account management module, time management module With access level management module,
The DNS service module, target ip address is converted into for that will be accessed for domain name;
The account management module, for setting up different use identity;Such as total keeper, has the right for each access member Setting login account, to each Account Settings access authority.And identity includes total keeper, group of administrators keeper, user's group Keeper and domestic consumer etc.;
The time management module, the time authority for limiting online;
The hierarchical management module, the access profile authority for limiting online.
Further, the network equipment of described network log-in management, the network equipment also includes Ad blocking module, institute Ad blocking module is stated, for intercepting the pop-up advertisement in the target ip address.
Further, the network equipment of described network log-in management, the network equipment also includes viral identification module, institute Viral identification module is stated, for scanning Virus or trojan horse program in the target ip address.
Further, the network equipment of described network log-in management, the network equipment also includes alarm module,
The alarm module, for time-out access occurring, exceeding system access, access of overstepping the authority, advertisement pop-up or viral journey During the situation that sequence starts, warning reminding is sent to relevant supervisor.Alarm and alarm content such as are sent to setting terminal, Short message, wechat or call voice.
The present invention one of at least has the advantages that:
Either 1. instant invention overcomes the technical problem of original single online control --- it is complete to decontrol, or do not decontrol, Network log-in management effect is poor, and adaptability is not strong;
2. the present invention assigns the network equipment and can carry out specific online and intervenes, including the time management and control of online, online Access profile management and control, access content-level management and control of online etc.;
3. the present invention assigns the network equipment and can set various user's identity, and conveniently varying with each individual carries out internet behavior pipe Reason, can also set keepers at different levels, realize multistage management and control;
4. the network equipment that the present invention is provided not only can be used for the minor child's getting online at any moment of management and control in family, also can Management and control they access limitation;The internet behavior of management and control employee can also be used in enterprise, accessed between preventing them operationally The network address unrelated with work;
5th, the network equipment that the present invention is provided can also carry out warning reminding, notify that related management personnel grasp in real time common The violation operation situation of user;
6th, the network equipment that the present invention is provided, intelligence degree is strong, reliability is high, while execution efficiency is high, range of application Extensively.
Brief description of the drawings
The present invention is described in further detail with reference to the accompanying drawings and detailed description:
Fig. 1 is first embodiment of the invention schematic flow sheet;
Fig. 2 is first embodiment of the invention module diagram;
Fig. 3 is second embodiment of the invention schematic flow sheet;
Fig. 4 is second embodiment of the invention module diagram;
Fig. 5 is fourth embodiment of the invention network connection schematic diagram.
Description of reference numerals
The network equipment -200, DNS service module -210, account management module -220, time management module -230, grade pipe Reason module -240, Ad blocking module -250, viral identification module -260, alarm module -270.
Specific embodiment
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, below explanation and accompanying drawing are for the present invention It is exemplary, and is understood not to the limitation present invention.Numerous details are following description described to facilitate to this hair Sensible solution.However, in some instances, well known or conventional details is not specified, the requirement succinct to meet specification simultaneously.
In one typical computing hardware configuration of the application, client/terminal, the network equipment and trusted party include one Individual or multiple processors (CPU), input/output interface, network interface and internal memory.
Client, mobile terminal or the network equipment in the present invention include processor, are processed containing single core processor or multinuclear Device.Processor is alternatively referred to as one or more microprocessors, CPU (CPU) etc..More specifically, processor can be Complicated instruction set calculates (CISC) microprocessor, Jing Ke Cao Neng (RISC) microprocessor, very long instruction word (VLIW) Microprocessor, the processor of other instruction set is realized, or realize the processor of instruction set combination.Processor can also be one or many Individual application specific processor, such as application specific integrated circuit (ASIC), field programmable gate array (FPGA), digital signal processor (DSP), network processing unit, graphic process unit, network processing unit, communication processor, cipher processor, coprocessor, embedded Processor or be capable of process instruction any other type logical block.Processor is used to perform the behaviour that the present invention is discussed Make the instruction with step.
Client, mobile terminal or the network equipment in the present invention include memory, for storing big data, it may include one It is individual or multiple volatile storage devices, such as random access memory (RAM), dynamic ram (DRAM), synchronous dram (SDRAM), quiet State RAM (SRAM) or other kinds of storage device.Memory can be stored including being performed by processor or any other equipment The information of command sequence.For example, several operation systems, device driver, firmware (for example, input and output fundamental system or ) and/or the executable code and/or data of application program can be loaded in memory and by computing device BIOS.
The operating system of client, mobile terminal or the network equipment in the present invention can be any kind of operating system, Windows, Windows Phone of such as Microsoft, Apple Inc. IOS, the Android of Google, and Linux, Unix operating systems or other real-time or embedded OS VxWorks etc..
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, below explanation and accompanying drawing are for the present invention It is exemplary, and is understood not to the limitation present invention.Numerous details are following description described to facilitate to this hair Sensible solution.However, in some instances, well known or conventional details is not specified, the requirement succinct to meet specification simultaneously.This Equipment/the system and method for invention is referring to following embodiments:
First embodiment
As shown in Fig. 1 first embodiment of the invention schematic flow sheets:
A kind of network log-in management method, methods described step includes:
S100:The account that the online of setting network equipment is accessed;
S200:To the time restriction that Account Settings online is accessed;
S300:To the scope limitation that Account Settings online is accessed;
S400:To the grade limitation that Account Settings online is accessed.
Preferably, described network log-in management method, also comprises the following steps in the S100 steps:
S110:To the account that same people accesses in the setting online of different occasions;
S120:To the account that the different people setting online of same occasion is accessed;
S130:To the similar similar keeper of the Account Settings at least one;Such as Group administrators, multigroup higher level's pipe Reason person etc.;
S140:At least one total keeper is set to the network equipment.
Total keeper administers multigroup upper management person, and multigroup upper management person administers multiple group management of its subordinate Member, Group administrators administer group membership (domestic consumer).According to situation needs, two-level management can be only set, such as under home environment It is provided only with total keeper and domestic consumer, it is also possible to set multiple management, such as large-scale company is respectively equipped with total keeper Department level keeper, section office grade keeper, group level keeper and domestic consumer.
In the public domain of company, the keeper in the region can be set, any domestic consumer for entering the region is restricted In the network log-in management strategy of keeper and the keeper setting in the region.
Preferably, described network log-in management method, also comprises the following steps in the S200 steps:
S210:When the time restriction is met, the account can carry out online visit by the network equipment Ask;
S220:When the time restriction is not met, the account is prohibited to proceed the online access.
Preferably, described network log-in management method, also comprises the following steps in the S300 steps:
S310:When the scope limitation is met, the account can carry out online visit by the network equipment Ask;
S320:When the scope limitation is not met, the account is prohibited to carry out the online for exceeding system access.
Preferably, described network log-in management method, also comprises the following steps in the S400 steps:
S410:When the grade limitation is met, the account can carry out online visit by the network equipment Ask;
S420:When the grade limitation is not met, the online that the account is prohibited to be overstepped the authority is accessed.
A kind of network equipment that can be used for managing internet behavior is present embodiments provided, such as Fig. 2 is real for the present invention first Apply shown in a module diagram:
A kind of network equipment 200 of network log-in management, including DNS service module 210, account management module 220, time Management module 230 and access level management module 240,
The DNS service module 210, target ip address is converted into for that will be accessed for domain name;Including Domain Name Resolver And name server, the former is the latter
The account management module 220, for setting up different use identity;Such as total keeper, has the right to be accessed for each Member sets login account, to each Account Settings access authority.And identity includes total keeper, group of administrators keeper, uses Family Group administrators and domestic consumer etc.;
The time management module 230, the time authority for limiting online;
The hierarchical management module 240, the access profile authority for limiting online.
Account management module, can be fabricated to the function of similar OpenDNS, it is also possible to which OpenDNS functions are built in into net In network equipment, keep the setting/function in the network equipment synchronous with the setting/function holding of distal end OpenDNS, regularly update, Convenient use and management.
Account management can be overlapped and combine with access profile management, access time management and access level management etc., Make internet behavior management and control strategy more versatile and flexible, adapt to the demand of various occasions and user management.
Second embodiment
On the basis of embodiment one, the present embodiment additionally provides network log-in management method, and such as Fig. 3 is the present invention second Shown in embodiment schematic flow sheet, it is preferable that also comprise the following steps after the S400 steps:
S500:When time-out access occurring, exceeding the situation of system access or access of overstepping the authority, sent to relevant supervisor and alarmed Remind.
S600:Pop-up advertisement in target ip address described in Ad blocking block intercepts;
S700:Viral identification module scans the Virus or trojan horse program in the target ip address;Above-mentioned 2 kinds of feelings Under condition, also warning reminding is sent to relevant supervisor.
Total keeper of the such as above-mentioned situation of certain user generation, its Group administrators and the network equipment will receive warning reminding. Warning reminding can be sent in the communication softwares such as the SMS of related personnel, mailbox or QQ according to setting, can also connect phase The phone of pass personnel, and play default voice reminder.
The present embodiment additionally provides a kind of network equipment that can be used for managing internet behavior, and such as Fig. 4 is the present invention first Shown in embodiment module diagram:
On the basis of embodiment one, it is preferable that the network equipment of described network log-in management, the network equipment is also Including Ad blocking module 250, the Ad blocking module 250, for intercepting the pop-up advertisement in the target ip address.
Preferably, the network equipment of described network log-in management, the network equipment also includes viral identification module 260, the viral identification module 260, for scanning Virus or trojan horse program in the target ip address.
Preferably, the network equipment of described network log-in management, the network equipment also includes alarm module 270, institute Alarm module 270 is stated, for time-out access occurring, exceeding what system access, access of overstepping the authority, advertisement pop-up or Virus started During situation, warning reminding is sent to relevant supervisor.Such as alarm and alarm content are sent to setting terminal, it is short message, micro- Letter or call voice, such as " so-and-so is user, is accessing the website containing Virus ", " so-and-so is user, it is intended to access it not Website of authorization " etc..Facilitate the relevant supervisor very first time to know danger situation, or be easy to the very first time to carry out far Journey intervention is intervened.
3rd embodiment
It is now network world, teenager and child getting in contact network have a good chance.For father and mother, this is can to clap very much Idea.How their surf time is limited, such as chat, game, social networks, shopping and viewing videoHow not need Potential injury is protected them from the case of monitoring in 24 hours and avoids browsing improper content
The existing router with parental control function uses the surf time section of control device.In the time for allowing Section does not do corresponding filtering to Web content, even if can accomplish to add url filtering, this mode can only also shield a small amount of net Stand, do not have the effect of network protection;The time period of access network is not being allowed, cannot also go to obtain learning materials.This control Mode underaction processed, hommization.
The router product of a built-in OpenDNS parental control services that the present embodiment is related to.Can prevent improper And dangerous website, temporally (for example, facebook must not be accessed when doing homework) and classification (adult, game, social matchmaker Body etc.) limitation is accessed, while protecting family by a center control point (router of built-in OpenDNS parental control services) Infringement of the every equipment from Malware and fishing website on network.The need for providing the user personalized and flexibility.It is right In small business, school and other facilities for providing free WiFi, parent's control can also provide intelligent protection, by easy side Formula is monitored and protects your client, student or employee from the infringement of bad internet content and potential hacker.Parent controls The other internet content of up to 50 species can be prevented, such as, the web site contents such as social activity, adult, violence prevent identity theft and swindleness Deceive.
The router product of built-in OpenDNS parental control services.Improper and dangerous website can be prevented, temporally (for example, facebook must not be accessed when doing homework) and classification (adult, game, social media etc.) limitation are accessed, root The content that parent is not intended to allow child to see is closed down automatically according to the different mode in OpenDNS, as long as by this router The data of transmission will be controlled all, and father and mother can not only control the access of website, and the equipment of all connections can also be performed Home page filter.
Free parent's control software is present embodiments provided, the software can be monitored and limited in a flexible way System accesses the harmful content on internet.Parental control function is to support that OpenDNS is on safety and basis by OpenDNS The leading supplier in facilities services field, is allowed mutually by functions such as integrated web content filtering, anti-fishing website and DNS securities Networking is safer.
Built-in OpenDNS parental control services are exactly in fact that limitation accesses the website as defined in router.Define 5 Grade, from highest ranking is unlimited to, setting control is carried out by hierarchical management module 240:
(1) the router filter rank of the built-in OpenDNS parental control services of is divided into:(only hindered without (not preventing), minimum Only phishing), low (preventing erotica website and phishing), medium (prevent all websites relevant with adult, unlawful activities And phishing), high (prevent all websites relevant with adult, unlawful activities, social network sites, share screen website, Fishing net The content stood and lose time) five grades;
(2) creates a free account of OPENDNS, and certain time period is directed to after login, and particular device sets filtering etc. Level;
(3) is logged in remote access router parent control centre with existing OPENDNS accounts, can control family expenses The filtration grade of router.
So far, parental control function is introduced substantially.It is easy to use from the point of view of registration is used and intercepts result, and effect Substantially.
Fourth embodiment
As Fig. 5 be fourth embodiment of the invention network connection schematic diagram shown in, the present embodiment be related to " keeper is controlled in real time System " is family, small business and possesses the good fortune of the local communal facility as library, coffee-house of free Wi-Fi Sound --- anyone be substantially all want from be flooded be not suitable for content internet in obtain an extra protection, can all need " keeper's real-time control ".It possesses fully functional setting, is that other " monitoring " solutions do not possess;It is enabled users to It is enough to prevent more than the 50 different content of classification to cover by setting filter, including websites such as social activity, pornographic, violences. Additionally, these settings can be specifically designated each user and surf the Net every time.In other words, some websites or content can be in specific use It is intercepted when family is surfed the Net.
Benefit of the invention is also resided in:
One can avoid child's mistake from clicking on viral website and cause computer to be poisoned;Two can cultivate to child from this Good internet behavior;Three carry out this function can also use in small enterprise, it is to avoid employee operationally between access Entertainment sites.
It is obvious to a person skilled in the art that the invention is not restricted to the details of above-mentioned one exemplary embodiment, Er Qie In the case of without departing substantially from spirit or essential attributes of the invention, the present invention can be in other specific forms realized.Therefore, no matter From the point of view of which point, embodiment all should be regarded as exemplary, and be nonrestrictive, the scope of the present invention is by appended power Profit requires to be limited rather than described above, it is intended that all in the implication and scope of the equivalency of claim by falling Change is included in the present invention.Any reference in claim should not be considered as the claim involved by limitation.This Outward, it is clear that " including " word is not excluded for other units or step, odd number is not excluded for plural number.The multiple stated in device claim Unit or device can also be realized by a unit or device by software or hardware.The first, the second grade word is used for table Show title, and be not offered as any specific order.

Claims (10)

1. a kind of network log-in management method, it is characterised in that methods described step includes:
The account that the online of setting network equipment is accessed;
To the time restriction that Account Settings online is accessed;
To the scope limitation that Account Settings online is accessed;
To the grade limitation that Account Settings online is accessed.
2. network log-in management method according to claim 1, it is characterised in that in the online of the setting network equipment Also comprise the following steps in the account step of access:
To the account that same people accesses in the setting online of different occasions;
To the account that the different people setting online of same occasion is accessed;
To the similar similar keeper of the Account Settings at least one;Give network equipment setting at least one total management Member.
3. network log-in management method according to claim 1, it is characterised in that give Account Settings online described Also comprise the following steps in the time restriction step of access:
When the time restriction is met, the account can carry out online access by the network equipment;
When the time restriction is not met, the account is prohibited to proceed the online access.
4. network log-in management method according to claim 1, it is characterised in that give Account Settings online described Also comprise the following steps in the scope conditioning step of access:
When the scope limitation is met, the account can carry out online access by the network equipment;
When the scope limitation is not met, the account is prohibited to carry out the online for exceeding system access.
5. network log-in management method according to claim 1, it is characterised in that give Account Settings online described Also comprise the following steps in the grade conditioning step of access:
When the grade limitation is met, the account can carry out online access by the network equipment;
When the grade limitation is not met, the online that the account is prohibited to be overstepped the authority is accessed.
6. the network log-in management method according to claim 3 or 4 or 5, it is characterised in that methods described step also includes Following steps:
When time-out access occurring, exceeding the situation of system access or access of overstepping the authority, warning reminding is sent to relevant supervisor;
Pop-up advertisement in target ip address described in Ad blocking block intercepts;
Viral identification module scans the Virus or trojan horse program in the target ip address.
7. a kind of network equipment of network log-in management, including DNS service module, account management module, time management module and Access level management module, it is characterised in that
The DNS service module, target ip address is converted into for that will be accessed for domain name;
The account management module, for setting up different use identity;
The time management module, the time authority for limiting online;
The hierarchical management module, the access profile authority for limiting online.
8. the network equipment of network log-in management according to claim 7, it is characterised in that the network equipment also includes Ad blocking module,
The Ad blocking module, for intercepting the pop-up advertisement in the target ip address.
9. the network equipment of network log-in management according to claim 7, it is characterised in that the network equipment also includes Viral identification module,
The viral identification module, for scanning Virus or trojan horse program in the target ip address.
10. the network equipment of the network log-in management according to claim 7 or 8 or 9, it is characterised in that the network sets It is standby also to include alarm module,
The alarm module, opens for being accessed in generation time-out, exceeding system access, access of overstepping the authority, advertisement pop-up or Virus During dynamic situation, send warning reminding to relevant supervisor.
CN201611079368.7A 2016-11-30 2016-11-30 A kind of network equipment and network log-in management method Pending CN106789945A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611079368.7A CN106789945A (en) 2016-11-30 2016-11-30 A kind of network equipment and network log-in management method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611079368.7A CN106789945A (en) 2016-11-30 2016-11-30 A kind of network equipment and network log-in management method

Publications (1)

Publication Number Publication Date
CN106789945A true CN106789945A (en) 2017-05-31

Family

ID=58901154

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611079368.7A Pending CN106789945A (en) 2016-11-30 2016-11-30 A kind of network equipment and network log-in management method

Country Status (1)

Country Link
CN (1) CN106789945A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107241332A (en) * 2017-06-12 2017-10-10 中国联合网络通信集团有限公司 The treating method and apparatus of gateway authority
CN108494761A (en) * 2018-03-15 2018-09-04 四川斐讯信息技术有限公司 A kind of router network address filter method and filtration system
CN108632087A (en) * 2018-04-26 2018-10-09 四川斐讯信息技术有限公司 A kind of online management method and system based on router
CN109586928A (en) * 2018-12-21 2019-04-05 杭州全维技术股份有限公司 A kind of internet behavior blocking-up method based on the network equipment
CN109982409A (en) * 2019-04-11 2019-07-05 深圳市智微智能科技开发有限公司 Android advertisement machine WIFI is mapped with the method for big net, system, advertisement machine and storage medium
CN111262817A (en) * 2018-11-30 2020-06-09 中移物联网有限公司 Control method, control platform, gateway device and computer storage medium
CN115174248A (en) * 2022-07-18 2022-10-11 天翼云科技有限公司 Network access control method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998028690A1 (en) * 1996-12-20 1998-07-02 Livingston Enterprises, Inc. Network access control system and process
CN201887784U (en) * 2010-12-03 2011-06-29 成都飞鱼星科技开发有限公司 Multi-WAN (wide area network) broadband router with function of internet behavior management
CN102307114A (en) * 2011-09-21 2012-01-04 北京神州绿盟信息安全科技股份有限公司 Management method of network
CN202150865U (en) * 2011-05-27 2012-02-22 上海尹圣数码科技有限公司 System suitable for enterprises to carry out network behavior management
CN205142251U (en) * 2015-11-03 2016-04-06 嘉兴职业技术学院 A image management device for surfing net action
CN105871795A (en) * 2015-11-16 2016-08-17 乐视致新电子科技(天津)有限公司 Internet surfing control method and related device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998028690A1 (en) * 1996-12-20 1998-07-02 Livingston Enterprises, Inc. Network access control system and process
CN201887784U (en) * 2010-12-03 2011-06-29 成都飞鱼星科技开发有限公司 Multi-WAN (wide area network) broadband router with function of internet behavior management
CN202150865U (en) * 2011-05-27 2012-02-22 上海尹圣数码科技有限公司 System suitable for enterprises to carry out network behavior management
CN102307114A (en) * 2011-09-21 2012-01-04 北京神州绿盟信息安全科技股份有限公司 Management method of network
CN205142251U (en) * 2015-11-03 2016-04-06 嘉兴职业技术学院 A image management device for surfing net action
CN105871795A (en) * 2015-11-16 2016-08-17 乐视致新电子科技(天津)有限公司 Internet surfing control method and related device

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107241332A (en) * 2017-06-12 2017-10-10 中国联合网络通信集团有限公司 The treating method and apparatus of gateway authority
CN107241332B (en) * 2017-06-12 2020-04-14 中国联合网络通信集团有限公司 Gateway authority processing method and device
CN108494761A (en) * 2018-03-15 2018-09-04 四川斐讯信息技术有限公司 A kind of router network address filter method and filtration system
CN108632087A (en) * 2018-04-26 2018-10-09 四川斐讯信息技术有限公司 A kind of online management method and system based on router
CN108632087B (en) * 2018-04-26 2021-12-28 深圳市华迅光通信有限公司 Internet access management method and system based on router
CN111262817A (en) * 2018-11-30 2020-06-09 中移物联网有限公司 Control method, control platform, gateway device and computer storage medium
CN109586928A (en) * 2018-12-21 2019-04-05 杭州全维技术股份有限公司 A kind of internet behavior blocking-up method based on the network equipment
CN109982409A (en) * 2019-04-11 2019-07-05 深圳市智微智能科技开发有限公司 Android advertisement machine WIFI is mapped with the method for big net, system, advertisement machine and storage medium
CN115174248A (en) * 2022-07-18 2022-10-11 天翼云科技有限公司 Network access control method and device
CN115174248B (en) * 2022-07-18 2023-08-04 天翼云科技有限公司 Control method and device for network access

Similar Documents

Publication Publication Date Title
CN106789945A (en) A kind of network equipment and network log-in management method
Rani et al. Amalgamation of advanced technologies for sustainable development of smart city environment: A review
Owen et al. The tor dark net
Sadiq et al. A review of phishing attacks and countermeasures for internet of things‐based smart business applications in industry 4.0
US7555776B1 (en) Push alert system, method, and computer program product
Razouk et al. A new security middleware architecture based on fog computing and cloud to support IoT constrained devices
Kizza Computer network security and cyber ethics
JP4891299B2 (en) User authentication system and method using IP address
CN105745869B (en) For regional network/home network security gateway
US20160261606A1 (en) Location-based network security
CN106713332A (en) Network data processing method, device and system
CN110086825B (en) Unmanned aerial vehicle power inspection data safety transmission system and method
ES2768049T3 (en) Procedures and systems to secure and protect repositories and directories
CN108027808A (en) Internet security and management device
Pecorella et al. “Network Sentiment” Framework to Improve Security and Privacy for Smart Home
Iloyovich INFORMATION SECURITY AND CYBERSECURITY TRAINING IN THE HIGHER EDUCATION SYSTEM
Malik et al. Cloud-IoT Integration: Cloud Service Framework for M2M Communication.
CN112291264B (en) Security control method, device, server and storage medium
US20190334936A1 (en) Malicious website discovery using web analytics identifiers
US8239941B1 (en) Push alert system, method, and computer program product
Kumari et al. A critical analysis of privacy and security on social media
CN104010021A (en) Network consultation platform
US9805585B1 (en) Distress transmission
Fischer The internet of things: frequently asked questions
Ghosh et al. Cyber security issues by using the Internet of Things (IoT)-A legal analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20170531