摘要
随着互联网用户的不断增加和用户需求的不断变化,互联网上的应用类型也在发生着日新月异的变化。各种类型的业务流量不断增长,网络的负担不断加重,网络管理的难度也随之增加。如何通过合适的流量管理技术,即网络应用协议的识别与带宽管理技术,来协调网络应用与安全、带宽增长与业务收益、网络扩容与用户体验之间的关系,是网络管理者与运营者亟待解决的重要挑战。文章的研究便着重于此,首先介绍了网络流量管理的基本概念与关键技术,随后对主流的开源流量管理系统和商用流量管理系统进行介绍。最后提出了一种协同式的分布流量管理系统,分布式的部署流量管理子系统通过分析控制中心协同检测与管理流量,可以有效的提高网络流量管理效率,提高未知网络协议的识别率,能够有效检测和防止DDoS攻击。
With the increase of Internet users and the needs of the user change constantly, the type of application on the Internet is also undergoing rapid changes. Various types of traffic are growing, and the burden of the network becomes worse and worse, so the difficulties of network management have increased. In order to coordinate the relations between application and security, bandwidth growth and business gains, network expansion and user experience, there is a key challenge to the network managers and operators that how to use the appropriate traffic management techniques, such as network application protocol identification and bandwidth management technology. This paper was focus on this, and introduced the basic concepts and key technologies of network traffic management first. Then it introduced the mainstream open source traffic management systems and commercial traffic management systems. Finally, it proposed a collaborative distributed traffic management system, which deployed the traffic management subsystems dispersedly, detected and managed the traffic collaboratively through the analysis and operation center. It could effectively improve the efficiency of network traffic management and the recognition rate of unknown network protocol, and it also could effectively detect and prevent DDoS attacks.
出处
《信息网络安全》
2012年第7期10-15,共6页
Netinfo Security
基金
国家973项目[2011CD302600
2011CB302805
2012CB315800]
国家自然科学A3重点基金项目[61161140320]
关键词
流量管理
协议识别
流量控制
深度包检测
traffic management
protocol identification
flow control
deep packet inspection
