Abstract
The system collects information over the standard SNMP and Syslog protocols from firewalls and IDS devices of different manufacturers, as well as from routers, switches, servers and other network equipment. The collected data is stored centrally, classified and analyzed, and mined to generate reports and draw operational status charts, and early warnings are issued for abnormal traffic and security events. The result is a campus network operating-condition analysis system that provides traffic analysis, security event analysis and early warning. It gives network administrators an overall view of the campus network's operating condition and resource usage, provides data to support network construction, management, capacity expansion and upgrades, and allows abnormal traffic, network resource occupation and network security threats to be found and handled promptly, ensuring the normal operation of the campus network.