首页 | 本学科首页   官方微博 | 高级检索  
     

NetFlow技术在广东气象网络流量监测分析中的应用
引用本文:肖文名, 郎洪亮, 陈晓宇. NetFlow技术在广东气象网络流量监测分析中的应用. 应用气象学报, 2007, 18(6): 870-876.
作者姓名:肖文名 郎洪亮 陈晓宇
作者单位:1.广东省气象信息中心, 广州 510080;2.国家气象信息中心, 北京 100081
摘    要:该文分析了NetFlow技术的基本原理, NetFlow协议的功能、用途、交换特点及NetFlow数据报文格式。 作为NetFlow在网络测量中的应用, 重点介绍了基于NetFlow的流量测量系统的架构, 详细介绍了NetFlow技术在广东省气象局网络流量监测中的应用。 结果表明: 利用NetFlow技术监测网络流量非常有效, 在实际业务应用中发挥了很好的作用, NetFlow技术适用于大型网络的流量采集分析。

关 键 词:流量分析   NetFlow技术   网络监测
收稿时间:2006-12-11
修稿时间:2007-08-06

Application of NetFlow Technology to Network Data Flow Monitor and Analysis in Guangdong Meteorological Bureau
Xiao Wenming, Lang Hongliang, Chen Xiaoyu. Application of netflow technology to network data flow monitor and analysis in Guangdong Meteorological Bureau. J Appl Meteor Sci, 2007, 18(6): 870-876.
Authors:Xiao Wenming  Lang Hongliang  Chen Xiaoyu
Affiliation:1. Guangdong Meteorological Information Center , Guangzhou 510080;2. National Meteorological Information Center , Beijing 100081
Abstract:For a network administrator,it is essential to understand the traffic characteristics and the user behavior which is typically achieved by the traffic measurement.The basis of the NetFlow technology are reviewed.The function,application,switch features and datagram format of NetFlow are further analyzed.NetFlow's application in the network of Guangdong Meteorological Bureau is introduced in detail.In order to make the network administration convenient,straightforward,and easy for decision making,a Network Monitoring System(NetFlow Analysis System of Guangdong Meteorological Bureau) is designed based on NetFlow for network monitoring.The health of network can be quickly determined by the system,statistics are compiled for each user,and warnings of impending network issues are given.The selection of monitoring nodes is based on the structure of the network.Depending on the application,special care is put on how to collect network traffic data.For the ease of use,a host of web application is developed to automatically collect statistics,generate real-time report,and compile statistics.The system has the characteristics that network running situation can be looked over by the network administrator conveniently,the statistics of the user habits of using the internet and the trouble of network can be found in time. The time that the network administrator needs to search and to get rid of the network breakdown will be evidently reduced by the completion of the design.An analysis is made on a case happened in Guangdong Meteorological Bureau Network on Dec 5,2006 on how the NetFlow Analysis System of Guangdong Meteorological Bureau is used to quickly identify the network breakdown,and to find the root cause,and to recover it by using the traffic measurement.By using the NetFlow Analysis System of Guangdong Meteorological Bureau to analyze the data stream of NetFlow,it is easy to find the IP address of virus,and the infected computers. Since the worm virus can initiate massive scanning connection during their spreading process,using SNMP and the switch ports linked with the computers those use these IP addresses can be located and the virus-infected computers can be isolated from the network by closing the corresponding switch ports.In this case, not only those kinds of abnormities of different networks in different time segment exactly can be detected by the system,but also the efficiency and bottleneck of the running network can be analyzed on time.So the network performance can be optimized by network managers more promptly and reasonably.
Keywords:NetFlow analysis  NetFlow technology  network monitor
本文献已被 CNKI 维普 万方数据 等数据库收录!
点击此处可从《应用气象学报》浏览原始摘要信息
点击此处可从《应用气象学报》下载免费的PDF全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号