資源描述:
《寬頻網(wǎng)路設(shè)備的需求與規(guī)劃》由會員上傳分享����,免費在線閱讀��,更多相關(guān)內(nèi)容在行業(yè)資料-天天文庫�。
1、寬頻網(wǎng)路設(shè)備的需求與規(guī)劃麟瑞科技網(wǎng)路工程師溫德鈞2002/12/13國立交通大學(xué)Agenda寬頻網(wǎng)路設(shè)備的需求網(wǎng)路流量統(tǒng)計-MRTG-NetFlow&sFlow廣告郵件預(yù)防-MailServerConfiguration-GatewayProtection網(wǎng)路攻擊行為預(yù)防-入侵偵測系統(tǒng)(IDS)不當(dāng)資訊防治-CacheSolutionQ&AOct.1999?1999FoundryNetworks,Inc.2IronCladPolicyBasedNetworkManagement寬頻設(shè)備的需求新世代寬頻骨幹中小學(xué)以10Mbpsor100Mbps連上縣網(wǎng)中心需要符合下列幾項連線規(guī)範網(wǎng)路設(shè)備的
2����、流量統(tǒng)計網(wǎng)路流量的排行與分析(前30名流量)廣告信阻擋機制不當(dāng)資訊過濾機制Oct.1999?1999FoundryNetworks,Inc.3IronCladPolicyBasedNetworkManagement網(wǎng)路流量統(tǒng)計Oct.1999?1999FoundryNetworks,Inc.4IronCladPolicyBasedNetworkManagementMRTG簡介MRTG的運作方式MRTG是透過SNMPMIB值所提供的資料來監(jiān)控網(wǎng)路流量所有MRTG所偵測的裝置都必須符合SNMP通訊協(xié)定支援設(shè)備具SNMP功能的網(wǎng)路設(shè)備(Router/Switch)UNIX/Linux/Wind
3、ows2000(需將SNMPAgentenable)等作業(yè)系統(tǒng)皆支援SNMP協(xié)定可監(jiān)控內(nèi)容介面流量CPU使用率(監(jiān)控Server需額外安裝外掛程式)RAM使用率(監(jiān)控Server需額外安裝外掛程式)Oct.1999?1999FoundryNetworks,Inc.5IronCladPolicyBasedNetworkManagementRequestMTRGServerSwitchRouterServerMIB數(shù)值製成網(wǎng)頁圖表MRTG運作過程Oct.1999?1999FoundryNetworks,Inc.6IronCladPolicyBasedNetworkManagementNetF
4��、low&sFlow簡介NetFlow&Sflow可紀錄每一筆流量的封包資料FlowCollector則根據(jù)這些資料作流量的分析與統(tǒng)計NetFlow為Cisco所制定sFlow定義在RFC1376NetFlow可MonitorL3~L4的封包資訊sFlow可MonitorL2~L7的封包資訊支援產(chǎn)品:NetFlow–Cisco系列RouterandSwitchsFlow–Foundry系列Switch/HP系列產(chǎn)品Collector產(chǎn)品-RingLineFlowTrackerandNetalyzer-InMon-GenieNRMNetelligentOct.1999?1999Foundry
5�、Networks,Inc.7IronCladPolicyBasedNetworkManagementRouterSwitchFlowCollector&MonitorDBServerWebServerBrowserClientBrowserNetFlowsFlowsFlowNetFlowAnalyzerAnalyzerNetFlow&sFlow簡介Oct.1999?1999FoundryNetworks,Inc.8IronCladPolicyBasedNetworkManagementSourceIPAddressDestinationIPAddressSourceASNumberDes
6、tinationASNumberInputphysicalinterfaceOutputphysicalinterfaceSourceTCP/UDPportDestinationTCP/UDPportPacketcountBytecountStarttimestampEndtimestampNexthopaddressIPprotocolTOSbyteTCPflagAddressInterfaceApplicationStatisticsSourceSubnetMaskDestinationSubnetMaskNetFlowDatagramOct.1999?1999FoundryNetw
7����、orks,Inc.9IronCladPolicyBasedNetworkManagementsFlowDatagramsFlowagentJetCoreASICStatisticalPacketSamplingTechnologyOrVelocityMgmt.ModulesFlowDatagramPacketHeaderAnalysisMACVLAN(802.1qand802.1p)IPv4Header,includingTCP,U
