首页|基于eNSP的智慧矿山网络防火墙技术研究

基于eNSP的智慧矿山网络防火墙技术研究

扫码查看
原文链接
  • NETL
  • NSTL
  • 万方数据
智慧矿山建设是矿业行业的未来发展趋势,也是推动我国制造业向高质量发展的重要抓手.为了解决智慧矿山网络建设过程中网络易受到攻击等安全问题,引进eNSP并对智慧矿山网络进行了仿真与模拟.搭建了基于eNSP的智慧矿山网络拓扑总体架构,模拟了煤矿井下和地面网络中的交换机、防火墙等网络设备,在矿山网络内外网分界处部署了较多的防火墙设备,实现了 VRRP技术、双机热备技术、防火墙安全策略、IPSec加密协议等防火墙相关技术;拓扑分为内网和外网两部分,内网由地面部分和井下部分构成,井下部分和地面部分均由网络三层架构及分布式存储服务器群组成;对各个区域划分了 IP地址和安全区域、配置了安全策略,地面部分和井下部分之间通过安全隧道IPSec建立连接.通过数据抓包等方式验证设计的可行性,并对实验结果进行分析,结果表明,本次模拟能够为实际智慧矿山网络的建设提供参考,指出了采用主备建立思想能够更大程度保证数据永不丢失和系统永不停顿,验证了防火墙在网络规划中的重要性和必要性,达到了实验目的和技术预想.
Research on smart mine network firewall technology based on eNSP
Smart mine construction is the future development trend of mining industry,and it is also an important starting point to promote the high-quality development of China's manufacturing industry.In order to solve the security problems such as network vulnerability in the process of smart mine network construction,eNSP was introduced and the smart mine network was simulated and simulated.The overall topology architecture of the smart mine network based on eNSP was built,the switches,firewalls and other network devices in the underground and surface networks of coal mines were simulated,and more firewall devices were deployed at the boundary between the local area network(LAN)and wide area network(WAN)of the mine network,and firewall-related technologies such as VRRP technology,hot standby technology,firewall security policy,and IPSec encryption protocol were realized.The topology was divided into two parts:LAN and WAN,and the LAN was composed of a surface part and an underground part,and the two parts were composed of three-layer network architecture and distributed storage server group.IP addresses and security zones were divided for each region,security policies were configured,and connections were established between the surface and underground parts through the secure tunnel IPSec.The feasibility of the design was verified through data capture and other methods,and the experimental results were analyzed.The results show that this simulation can provide a reference for the construction of the actual smart mine network,and it is pointed out that the idea of active and standby establishment can ensure to a greater extent that data is never lost and the system never stops,which verifies the importance and necessity of the firewall in network planning,and achieves the experimental purpose and technical expectations.

eNSPsmart mine networkfirewallVRRP technologydual-machine hot standby technologyIPSec encryption protocol

张科学、吕鑫淼、郑庆学、王晓玲、李小磊、刘昇、刘伟、李鑫磊、闫星辰、许雯、尹宇航

展开 >

华北科技学院河北省矿山智能化开采技术重点实验室,河北省廊坊市,065201

中国矿业大学<北京>隧道工程灾变防控与智能建养全国重点实验室,北京市海淀区,100083

华北科技学院智能化无人开采研究所,河北省廊坊市,065201

华北科技学院矿山安全学院,河北省廊坊市,065201

开滦<集团>有限责任公司,河北省唐山市,063000

山西朔州山阴金海洋元宝湾煤业有限公司,山西省朔州市,036900

焦作煤业<集团>新乡能源有限公司,河南省新乡市,453634

展开 >

eNSP 智慧矿山网络 防火墙 VRRP技术 双机热备技术 IPSec加密协议

中国科协科技智库青年人才计划深部岩土力学与地下工程国家重点实验室(北京)开放基金资助项目贵州省科技重大专项课题中央高校基本科研业务费资助项目中央高校基本科研业务费资助项目

20220615ZZ07110397SKLGDUEK1822黔科合重大专项字[2021]3001-0331420210073142019009

2024

10.19880/j.cnki.ccm.2024.08.013

中国煤炭
煤炭信息研究院

中国煤炭

CSTPCD北大核心
影响因子:0.736
ISSN:1006-530X
年,卷(期):2024.50(8)