摘要
科学大数据的传输通常对网络传输性能有着不同于普通互联网的更高的要求,而在实际的生产网尤其是局域网中,通常会部署防火墙、入侵检测系统等多种网络安全设备,这些设备给业务流的传输提供了安全保障,但同时也影响了网络的传输性能。文章利用新型的软件定义网络技术,提出了一种基于SDN的科学DMZ网络架构,在保障业务流安全的同时,对可信任的科学数据流进行处理,以保障科学数据的传输性能。
The transmission of scientific big data usually has high requirements for network transmission performance different from ordinary Internet applications. In actual production networks, especially in LANs, many network security devices such as firewalls and IDS are usually deployed, these devices provide security for the transmission of traffic, but also affect network transmission performance. This paper uses the new software-defined networking technology, proposed a scientific DMZ network architecture based on software-defined networking. While protecting the security of common business flows, it handles the trusted scientific data stream flexibly to ensure the transmission performance of scientific data.
作者
周亚球
任勇毛
李琢
周旭
ZHOU Yaqiu;REN Yongmao;LI Zhuo;ZHOU Xu(Computer Network Information Center,Chinese Academy of Sciences,Beijing 100190,China;University of Chinese Academy of Sciences,Beijing 100049,China)
出处
《信息网络安全》
CSCD
北大核心
2019年第9期134-138,共5页
Netinfo Security
基金
国家自然科学基金[61601443]
中国科学院信息化专项[XXH13501-05]
中国科学院计算机网络信息中心项目[ZXRW-201601]
国家科技重大专项[2018ZX03001015,2018ZX03001021]
关键词
科学数据传输
软件定义网络
科学DMZ
scientific data transmission
software-defined networking
scientific DMZ