| 摘要 |
A security switch, and security system and method are provided to make a security switch cut off bad traffics among ports automatically and to monitor the current state inside a network in real time based on the information as to packets transmitted to a control sever. A RAM(140) stores an inputted packet. A controller(110) analyzes the stored packet data to determine whether to block the packet, and when the packet is to be blocked, the controller(110) outputs a blocking command and transmits a state with respect to the packet. A security switch(100) includes a switch fabric(150) blocks the packet when receiving the blocking command from the controller(110). A control server stores information about a blocking and releasing state of the packet and traffic status information, and transmits information about a packet to be blocked manually to a manager. When the security switch(100) is in a blocking mode and the packet should be blocked, the controller(110) outputs the blocking command with respect to the packet. When the security switch(100) is in a detect mode, although the packet should be blocked, the controller(110) records information on the packet and does not output the blocking command. When the security switch(100) is in a release mode, although the packet should be blocked, the controller(110) does not output the blocking command nor record the information on the packet.
|
