Affordable Access

A Reflective NetGAP Design and its Session Mechanism Realization based on Agent

Publication Date
  • Network Isolation System
  • Reflective
  • Netgap
  • Session Mechanism
  • Agent


Adopting expert hardware to physical isolate the Trusted network from the Non-Trusted network can prevent all kinds of attack basing on network layer and operating system layer etc. This paper comes up with network isolation system model based on Reflective architecture. The Reflective GAP is hardware-based and its purpose is to rapidly mirror buffers between the Non-Trusted memory and the Trusted memory. We realize it by LVDS bus and high speed double switch technique. Its activities are achieved using store & forward of memory blocks. Its software system comprises with seven main basic modules.Its session strides over both sides of the network. Based on several kinds of agent component with file accumulation, content inspection, file transmittance, protocol stream control and so on, it can easily establish a new connection, dealt with protocol events and close a connection process in a session. According to practice it indicates the session mechanism basing on agent can effectively increase the security of the internal network and keep the adaptability of network security system.

There are no comments yet on this publication. Be the first to share your thoughts.