Management method and system for configuration simplification of terminal safety equipment
The invention provides a management method and system for configuration simplification of terminal safety equipment. The method comprises the steps that a digital certificate system is set, IPSec VPN communication parameters for mutual communication between the terminal safety equipment and main station safety equipment are automatically configured through the digital certificate system, the digital certificate system generates digital certificate files of the terminal safety equipment and the main station safety equipment to complete initialization of the terminal safety equipment, the certificate file of the terminal safety equipment and the IPSec VPN communication parameters are sent onto the main station safety equipment so as to enable both the terminal safety equipment and the main station safety equipment to be capable of recognizing the IPSec VPN communication parameters for communication, and when the terminal safety equipment is powered on to work, the terminal safety equipment reads the corresponding IPSec VPN communication parameters to realize IPSec VPN communication. According to the management method for configuration simplification, a WEB management program does not need to be developed on the terminal safety equipment, a complex webpage operation process is not needed, complex CONSOL configuration instructions are not needed, the management process and method for configuration of the terminal safety equipment are simplified and concentrated management for the whole network equipment is enhanced due to the fact that the system burden brought by configuration management is reduced. 1. A terminal safety equipment streamline configuration management method, characterized in that comprises the steps of: Digital Certificate system is, through the digital Certificate system automatically generates a primary station safety device and digital Certificate file of IPSec VPN communication parameter; Through the digital Certificate system generates the Certificate file terminal safety equipment, safety equipment to complete the initialization of the terminal; Through the main safety equipment into the terminal security device digital certificates and IPSec VPN communication parameter, IPSec VPN communication strategy is generated; When the terminal security the power up of the apparatus when the work, reading IPSec VPN communication parameter, according to the IPSec VPN communication strategy, the establishment of the security device and the terminal position of the safety equipment between VPN IPSec communication, the streamlining of the safety equipment of the terminal configuration. 2. A terminal safety device streamline configuration management method according to Claim 1, characterized in that the through the digital Certificate system generates the Certificate file terminal safety equipment, safety equipment to complete the initialization of the terminal specific includes the steps of: Receiving the digital Certificate system sends the initialization request, generates a random number sequence, public-private key pair is generated; According to the generated public/private key P10 request information, and transmits the P10 request information to the digital Certificate system; Receiving the digital Certificate system according to the P10 the Certificate file information, and good agreement of the IPSec VPN communication parameter; Decompressing, verification, keeping the digital Certificate system and about the Certificate file sent by the communication parameter IPSec VPN, to complete the terminal security device initialization. 3. A terminal safety equipment streamline configuration management system, characterized in that comprises: Setting module, digital Certificate system for setting, through the digital Certificate system automatically generates a primary station safety device and digital Certificate file of IPSec VPN communication parameter; Terminal device initialization module, used for through the digital Certificate system generates the Certificate file terminal safety equipment, safety equipment to complete the initialization of the terminal; Communication strategy generating module, used for through the main safety equipment into the terminal security device digital certificates and IPSec VPN communication parameter, IPSec VPN communication strategy is generated; Streamline configuration module, when the terminal used for the safe power up of the apparatus, the communication parameter reading IPSec VPN, VPN communication strategy according to IPSec, the establishment of the security device and the terminal position of the safety equipment between VPN IPSec communication, the streamlining of the safety equipment of the terminal configuration. 4. A terminal safety device streamline configuration management system according to Claim 3, characterized in that the terminal device initialization module comprising: Public/private key production unit, for receiving the digital Certificate system sends the initialization request, generates a random number sequence, public-private key pair is generated; Sending unit, under a public-private key for the generated P10 request information, and transmits the P10 request information to the digital Certificate system; Receiving unit, for receiving the digital Certificate system according to the P10 the Certificate file information, and good agreement of the IPSec VPN communication parameter; Initializing unit, used for decompression, verification, keeping the digital Certificate system and about the Certificate file sent by the communication parameter IPSec VPN, to complete the terminal security device initialization.