摘要：【中文】本发明实施例公开了一种浏览器内外网登录的控制方法、装置和设备，涉及浏览器领域，该控制方法包括：在目标用户进行浏览器登录时，获取所述目标用户的全称互联网协议IP地址，所述目标用户的IP地址是所述目标用户提供的；根据所述目标用户的IP地址判断目标用户是否为内网登录；如果判定目标用户为内网登录，则向目标用户提供内网相关信息。本发明可以使用同一用户名进行内网登录和外网登录，并根据用户登录方式和用户权限信息提供相应的信息。 【EN】The embodiment of the invention discloses a method, a device and equipment for controlling intranet and intranet login of a browser, which relate to the field of browsers, and the control method comprises the following steps: when a target user logs in a browser, acquiring a full-name Internet Protocol (IP) address of the target user, wherein the IP address of the target user is provided by the target user; judging whether the target user is logged in for the intranet or not according to the IP address of the target user; and if the target user is judged to be logged in by the intranet, providing intranet related information for the target user. The invention can use the same user name to carry out internal network login and external network login, and provides corresponding information according to the user login mode and the user authority information.

摘要：【中文】本发明实施例提供的一种用于网关的数据缓存方法及系统，该数据缓存方法包括：获取网关连接的所有客户端的数据缓存列表，所述数据缓存列表包括常用网络列表、加载失败列表；根据所述数据缓存列表，向网络请求目标缓存数据；接收网络发送的目标缓存数据，并存储于所述网关，本发明实施例，所有客户端通过网关访问网络，因此将数据缓存在网关中，对于使用同一个网关的客户端来讲，访问相同的网络数据的概率较大，因此，可以避免每个客户端各自缓存数据，将数据集中在网关缓存，减少存储空间的占用，而且能够加快用户对网络的访问速度，提高用户的工作效率。 【EN】The embodiment of the invention provides a data caching method and a data caching system for a gateway, wherein the data caching method comprises the following steps: acquiring data cache lists of all clients connected with a gateway, wherein the data cache lists comprise a common network list and a loading failure list; according to the data cache list, requesting target cache data from a network; in the embodiment of the invention, all clients access the network through the gateway, so that the data are cached in the gateway, and for the client using the same gateway, the probability of accessing the same network data is higher, so that the data can be prevented from being cached by each client, the data are cached in the gateway in a centralized manner, the occupation of storage space is reduced, the access speed of a user to the network can be accelerated, and the working efficiency of the user is improved.

摘要：【中文】本发明实施例公开了浏览器数据的处理方法、系统和设备，涉及浏览器技术领域，该处理方法包括：通过浏览器获取目标应用程序的使用情况数据，所述目标应用程序通过所述浏览器启动；根据所述使用情况数据和接收到的第一统计条件得到所述目标应用程序的第一目标统计数据；对所述第一目标统计数据进行可视化操作。本发明可以对浏览器目标应用的使用情况进行统计分析得到最真实且最反映用户态度的数据，并通过例如图表的可视化方法对用户进行显示，方便用户根据使用情况对目标应用进行改进和完善。 【EN】The embodiment of the invention discloses a method, a system and equipment for processing browser data, which relate to the technical field of browsers, and the processing method comprises the following steps: acquiring service condition data of a target application program through a browser, wherein the target application program is started through the browser; obtaining first target statistical data of the target application program according to the use condition data and the received first statistical condition; and performing visualization operation on the first target statistical data. The method and the device can perform statistical analysis on the use condition of the target application of the browser to obtain the data which is the truest and most reflects the user attitude, and display the data to the user through a visualization method such as a chart, so that the user can improve and perfect the target application conveniently according to the use condition.

摘要：【中文】本发明实施例提供的一种网络安全统一管控方法、管控端、客户端、设备，该方法用于管控端，包括：接收客户端发送的登录信息，其中所述登录信息，包括用户身份信息；根据所述登录信息在用户权限配置列表中查找与所述登录信息对应的配置权限信息；将所述配置权限信息发送到所述客户端，以根据所述配置权限信息对所述客户端进行配置；其中，所述用户权限配置列表用于存储用户以及与用户对应的权限配置信息，本发明实施例提供的管控方法，能够对客户端进行自动化的权限和配置设置，只要用户在客户端登录，即可查找到对应的配置权限信息对用户所在的客户端进行配置，节省了用户的配置时间，对这些企业人员的客户端的权限、配置进行有效管理，方便快捷。 【EN】The embodiment of the invention provides a unified management and control method for network security, a management and control end, a client and equipment, wherein the method is used for the management and control end and comprises the following steps: receiving login information sent by a client, wherein the login information comprises user identity information; searching configuration authority information corresponding to the login information in a user authority configuration list according to the login information; sending the configuration permission information to the client to configure the client according to the configuration permission information; the management and control method provided by the embodiment of the invention can carry out automatic authority and configuration setting on the client, and the client where the user is located can be configured by finding the corresponding configuration authority information as long as the user logs in the client, so that the configuration time of the user is saved, the authority and the configuration of the client of enterprise personnel are effectively managed, and the management and control method is convenient and fast.

摘要：【中文】本发明实施例涉及网络安全技术领域，具体涉及一种终端可信级别评估方法、装置、设备和存储介质。一种终端可信级别评估方法，包括：确定对终端安全有影响的安全参考因素；以及安全参考因素的状态；根据每一个安全参考因素的状态确定所述安全参考因素对评级贡献的分数；根据每一个安全参考因素对评级贡献的分数计算总分数；根据所述总分数确定对应的级别。通过本发明的终端可信级别评估方法，可以确定终端的可信级别，从而决定该终端能否访问服务器，如果终端的级别不够，则确定不允许访问服务器，从而提高了安全性。 【EN】The embodiment of the invention relates to the technical field of network security, in particular to a method, a device, equipment and a storage medium for evaluating the credibility level of a terminal. A terminal credibility level evaluation method comprises the following steps: determining a safety reference factor influencing the safety of the terminal; and the status of the safety reference factor; determining a score of contribution of each safety reference factor to the rating according to the state of the safety reference factor; calculating a total score according to the score of each safety reference factor contributing to the rating; and determining the corresponding grade according to the total score. The terminal credibility level evaluation method can determine the credibility level of the terminal so as to determine whether the terminal can access the server, and if the terminal does not have enough level, the terminal is determined not to be allowed to access the server, so that the safety is improved.

摘要：【中文】本发明实施例涉及网络安全技术领域，具体涉及一种发现应用的方法、装置、设备和存储介质。本发明实施例公开了一种发现应用的方法，应用于管理平台，包括：接收运维管理人员输入的域名或地址；如果确定所述域名获得地址为模糊的域名或者地址；则确定所述模糊的域名或者地址中的第一部分和第二部分；所述第一部分为模糊部分；所述第二部分为精确部分；根据所述第二部分确定所述域名或者地址对应的单元名称；根据所述单元名称确定出所述单元授权使用的所有的应用；对于每一个应用，根据所述应用名称确定出所述应用的域名或者地址；显示为所述单元授权使用的所有的应用的域名或者地址。本申请的方法有助于运维人员发现应用，从而避免遗漏应用。 【EN】The embodiment of the invention relates to the technical field of network security, in particular to a method, a device, equipment and a storage medium for discovering applications. The embodiment of the invention discloses a method for discovering application, which is applied to a management platform and comprises the following steps: receiving a domain name or an address input by an operation and maintenance manager; if the domain name acquisition address is determined to be a fuzzy domain name or address; determining a first portion and a second portion of the ambiguous domain name or address; the first portion is a blurred portion; the second portion is a precision portion; determining a unit name corresponding to the domain name or address according to the second part; determining all applications authorized to be used by the unit according to the unit name; for each application, determining a domain name or an address of the application according to the application name; the domain names or addresses of all applications authorized for use by the unit are displayed. The method is helpful for operation and maintenance personnel to find the application, so that the application omission is avoided.

摘要：【中文】本发明实施例涉及网络安全技术领域，具体涉及一种enterport整体流量控制方法和装置。一种enterport整体流量控制方法，应用于客户端，包括：接收用户在普通浏览器地址栏中输入的访问的地址；判断所述访问的地址是否在代理列表中；如果否，则不进行处理。通过本发明可以控制对业务系统的访问，只有权限的用户才可以访问公司内部的业务系统，并不是所有的用户都有权限访问到公司内网中的业务系统，从而提高了公司内网的安全性。 【EN】The embodiment of the invention relates to the technical field of network security, in particular to a method and a device for controlling the overall flow of an entry. An entity port overall flow control method is applied to a client and comprises the following steps: receiving an access address input by a user in an address bar of a common browser; judging whether the accessed address is in an agent list or not; if not, no processing is performed. The invention can control the access to the business system, only the authorized users can access the business system in the company, and not all the users have the authority to access the business system in the company intranet, thereby improving the safety of the company intranet.

摘要：【中文】本发明实施例公开了一种基于企业浏览器实现的网络安全验证方法和装置，其中，所述方法包括：预先根据所述访问权限范围信息的差异分别生成相应的策略ID，并构建包含所述策略ID和访问权限范围对应关系的访问权限列表；获取用户基于企业浏览器发送的HTTP请求数据包，并提取出目标策略ID；利用所述目标策略ID遍历所述访问权限列表进行匹配验证，若匹配验证通过，则根据所述目标策略ID确定用户的访问权限范围，并基于所述访问权限范围向所述企业浏览器返回相应的响应内容。采用本发明所述的方法，能够通过验证HTTP请求数据包中策略ID的方式，确定用户的访问权限，减小了业务系统的暴露面，提高了基于企业浏览器访问业务系统数据的安全性。 【EN】The embodiment of the invention discloses a network security verification method and a device based on an enterprise browser, wherein the method comprises the following steps: generating corresponding strategy IDs respectively according to the difference of the access authority range information in advance, and constructing an access authority list containing the corresponding relation between the strategy IDs and the access authority ranges; acquiring an HTTP request data packet sent by a user based on an enterprise browser, and extracting a target strategy ID; and traversing the access authority list by using the target strategy ID for matching verification, if the matching verification is passed, determining the access authority range of the user according to the target strategy ID, and returning corresponding response content to the enterprise browser based on the access authority range. By adopting the method, the access authority of the user can be determined by verifying the strategy ID in the HTTP request data packet, the exposed surface of the service system is reduced, and the security of accessing the service system data based on the enterprise browser is improved.

摘要：【中文】本发明实施例涉及网络技术领域，具体涉及一种私网IP转换方法和装置。一种私网IP转换方法，应用于网关，该方法包括：接收来自于当前的业务系统的网页数据；判断所述网页数据中的链接地址是否是业务系统的绝对链接地址；如果是，则将所述绝对链接地址替换为预先设定的地址；将包含有所述预先设定的地址的网页数据发送给客户端。通过本发明的方法，网页在发送给客户端以前，在网关处就将绝对链接地址替换为预定格式的地址，替换后，客户端的页面上呈现的是替换后的地址，客户端可知点击替换后的地址直接访问业务系统。提高了客户端访问业务系统的便利性。 【EN】The embodiment of the invention relates to the technical field of networks, in particular to a private network IP conversion method and a private network IP conversion device. A private network IP conversion method is applied to a gateway and comprises the following steps: receiving webpage data from a current business system; judging whether the link address in the webpage data is an absolute link address of a service system; if yes, replacing the absolute link address with a preset address; and sending the webpage data containing the preset address to a client. By the method, the absolute link address is replaced by the address with the preset format at the gateway before the webpage is sent to the client, the replaced address is presented on the webpage of the client after the replacement, and the client can know that the address after the replacement is clicked to directly access the service system. The convenience of the client side for accessing the service system is improved.

摘要：【中文】本发明实施例涉及网络安全技术领域，具体涉及一种预警方法、装置、设备和存储介质。本发明实施例公开了一种预警方法，应用于安全管理平台，包括：获取用户访问服务器的行为参数信息；判断所述行为参数信息是否异常；如果确定所述参数信息异常，则发出报警信息。上述方法，可以监控用户的行为参数信息；如果异常，则发出报警信息；从而提高了公司内网的安全性能。 【EN】The embodiment of the invention relates to the technical field of network security, in particular to an early warning method, an early warning device, early warning equipment and a storage medium. The embodiment of the invention discloses an early warning method which is applied to a safety management platform and comprises the following steps: acquiring behavior parameter information of a user accessing a server; judging whether the behavior parameter information is abnormal or not; and if the parameter information is determined to be abnormal, sending alarm information. The method can monitor the behavior parameter information of the user; if the abnormal condition exists, alarm information is sent out; thereby improving the safety performance of the intranet of the company.