摘要
广域网环境下,基于SNMP的远程集中管理可对中、大规模VPN网络实现高效安全的管理。为解决网管系统在拓扑发现方面存在的缺陷,提出了采用设备代理主动注册的解决办法。基于SNMPv3安全特性的分析,引入了公钥认证的机制,详细介绍了密钥协商的具体流程,较好地解决了网络管理协议在身份认证及加密传输方面的不足。针对基于无连接传输服务的SNMP数据传输无法保证其可靠性和实时性的不足,给出了基于XML的集中配置实现策略,实验结果表明了该策略的可行性和有效性。
Under the WAN environment, large-scale VPN networks is effectively and safely managed by long-distance centralized management system based on SNME To solve the flaw of topology discovery, a method in which agent initiates registry to the server is proposed. After analysis of the SNMPv3 security features, the public key authentication mechanism is introduced and the procedure of key negotiation is discussed in detail. For poor reliability and real-time data transmission of UDP-based SNMP, a strategy of configuration based on XML is given, which is proved to be feasible and efficient by the result of experiment at last.
出处
《计算机工程与设计》
CSCD
北大核心
2008年第9期2186-2188,2400,共4页
Computer Engineering and Design
基金
浙江省科技重点基金项目(2006C21028)
澳门科技基金项目(005/2006/A)
浙江省重大科技专项重点基金项目(2006C11105)
