Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for monitoring network

A network monitoring and monitoring unit technology, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve the problems of high false alarm rate, inaccurate security accident positioning, affecting network connection and traffic monitoring, etc., to achieve accurate positioning. Simple, provide network security, and reduce the difficulty of fault location and troubleshooting

Active Publication Date: 2015-08-12
HANDAN BRANCH OF CHINA MOBILE GRP HEBEI COMPANYLIMITED
View PDF4 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Obviously, the monitoring with the security domain as the management unit can only locate the security domain when a security fault occurs, but not the specific virtual machine or physical machine, so there is a problem of insufficient positioning accuracy
At the same time, the security domain is monitored as a unit. Due to the large number of monitoring equipment, it is easy to miss the safety accident, so the false report rate is high.
[0004] In addition, in the prior art, the connection and traffic monitoring between physical machines are all done through the monitoring of routers. The router itself cannot completely and accurately reflect the connection and traffic between physical machines, and the configuration of the router itself It will also affect network connection and traffic monitoring, which will easily lead to inaccurate positioning when a security incident occurs; when there is a positioning error, it needs to be manually eliminated in turn, which will lead to a lot of waste of manpower and material resources

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for monitoring network
  • Method and device for monitoring network
  • Method and device for monitoring network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0056] Such as figure 1 As shown, this embodiment provides a network monitoring method, the method comprising:

[0057] Step S110: extracting the source address in the data packet;

[0058] Step S120: query the source address in the pre-generated trusted list;

[0059] Step S130: When the trusted list does not include the source address, stop the transmission of the data packet and send first warning information.

[0060] A data packet usually includes two parts, a header and a text, and the header usually includes an IP address and a sending port of the device sending the data packet. A device usually corresponds to only one IP address corresponding to multiple ports.

[0061] The source address is the address of the device sending the data packet, specifically an IP address or an IP address and a sending port. When the source address is an IP address, according to the sending of the alarm information, it is possible to specifically track and locate which physical device ...

example 1

[0123] Such as image 3 As shown, this example includes:

[0124] Step S310: Extract the IP address or IP address and port in the data packet; in this example, the IP address and port are used as a variable / field, and the IP address is used to indicate the device where the port is located.

[0125] Step S320: Compare the IP address or the IP address and port with the records in the trusted list.

[0126] Step S331: Directly release the data packet for the IP address or IP address and port number with high support and medium support.

[0127] Step S332: For the IP address or IP address and port number with low support degree, directly release the data packet and give an alarm, and proceed to step S341 or S342.

[0128] Step S333: For the IP address or the IP address and the port not in the trusted list, the transmission of the data packet is blocked and an alarm is issued, and the process proceeds to step S343.

[0129] Step S341: Increase the degree of support for a truly cre...

example 2

[0135] Such as Figure 4 As shown, this example includes:

[0136] Step S410: Obtain the data traffic of this transmission, and the specific acquisition method may be to extract the data traffic directly from the packet header of the data packet.

[0137] Step S420: Determine whether the current data flow is within a normal interval.

[0138] Step S431: Directly release the data packets whose data traffic is within the normal range.

[0139] Step S432: Release and give an alarm for data traffic exceeding the normal range, and enter step S441 or step S442.

[0140] Step S433: The data flow rate is lower than the normal interval and the alarm is released, and the process goes to step S443.

[0141] Step S441: For those that really need to add data traffic, adjust the upper limit of the normal interval.

[0142] Step S442: For abnormal data flow, find out the reason for the abnormality.

[0143] Step S443: If the data flow rate is too low due to equipment failure, repair it ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for monitoring a network, relates to monitoring technology of the internet field, and is proposed to solve the problem that positioning of network fault monitoring is not accurate enough in the prior art. The method comprises: extracting a source address in a data packet; searching the source address in a pre-generated trusted list; and when the trusted list excludes the source address, stopping transmission of the data packet and sending first warning information. The method has advantages of positioning of safe failure of a single physical machine, and high accuracy of positioning.

Description

technical field [0001] The invention relates to monitoring technology in the field of Internet, in particular to a network monitoring method and device. Background technique [0002] Cloud computing is mainly based on the sharing of resources and data, and provides dynamically scalable and cheap computing services on demand through the network. [0003] At present, the network security management and control scheme of cloud computing is mainly based on the division of security domains to set different security policies and collect device information based on a unified management platform to realize device monitoring. Existing network security management and control schemes are mainly based on the division of security domains, and different security policies are formulated based on the division of security domains. In this strategy, a security domain serves as a management unit. Usually, multiple virtual machines and the physical machines corresponding to the virtual machine...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L12/24
Inventor 郝会玲郭璇龙学义姚朋伟徐冬涛侯佳佳
Owner HANDAN BRANCH OF CHINA MOBILE GRP HEBEI COMPANYLIMITED