Current Practice for Network Analysis in CSTNet Chunjing Han CSTNET, CNIC

Slides:



Advertisements
Similar presentations
Network Monitoring System In CSTNET Long Chun China Science & Technology Network.
Advertisements

WEB AND WIRELESS AUTOMATION connecting people and processes InduSoft Web Solution Welcome.
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Chapter 3: Planning a Network Upgrade
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Network Management Basics Network management requirements OSI Management Functional Areas –Network monitoring: performance, fault, accounting –Network.
CREATING CERTAINTY Intelligent router tool, designed to create certainty in your network. 1COPYRIGHT © 2010 SERTUS NETWORKS LIMITED - ALL RIGHTS RESERVED.
Assignment 3 LTEC 4550 Cason Parker. Network Hub A Network Hub is a device that connects other devices together using Ethernet cables. Hubs are unintelligent.
Use Cases for I2RS I2RS Interim Meeting Nicolai Leymann, Deutsche Telekom AG
CIT 470: Advanced Network and System Administration
Chapter 19: Network Management Business Data Communications, 4e.
Presented by Serge Kpan LTEC Network Systems Administration 1.
1 Experiments and Tools for DDoS Attacks Roman Chertov, Sonia Fahmy, Rupak Sanjel, Ness Shroff Center for Education and Research in Information Assurance.
Signalling Systems System which allows various network components to exchange information –In particular, it supports call / connection control network.
Inside the Internet. INTERNET ARCHITECTURE The Internet system consists of a number of interconnected packet networks supporting communication among host.
1© Copyright 2015 EMC Corporation. All rights reserved. SDN INTELLIGENT NETWORKING IMPLICATIONS FOR END-TO-END INTERNETWORKING Simone Mangiante Senior.
Network Management Management Tools –Desirable features Management Architectures Simple Network Management Protocol.
Understanding Network Failures in Data Centers: Measurement, Analysis and Implications Phillipa Gill University of Toronto Navendu Jain & Nachiappan Nagappan.
ITIL: Why Your IT Organization Should Care Service Support
Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.
ITIL Process Management An Overview of Service Management Processes Presented by Jerree Catlin, Sue Silkey & Thelma Simons.
Appliance Firewalls A Technology Review By: Brent Huston T h e B l a c k H a t B r i e f i n g s July 7-8, 1999 Las Vegas.
Network Topologies.
© 2011 Internetwork All rights reserved. Cell: Samir CCNP-SWITCHING Mohamed Samir YouTube.
1 © 2004, Cisco Systems, Inc. All rights reserved. Chapter 5 WANs and Routers/ Introduction to Routers.
Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.
LÊ QU Ố C HUY ID: QLU OUTLINE  What is data mining ?  Major issues in data mining 2.
1 Wide Area Network. 2 What is a WAN? A wide area network (WAN ) is a data communications network that covers a relatively broad geographic area and that.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Troubleshooting Your Network Networking for Home and Small Businesses.
Chapter 2 The Infrastructure. Copyright © 2003, Addison Wesley Understand the structure & elements As a business student, it is important that you understand.
CNGI Applications in CSTNET QingHua Zhang CSTNET January 2007.
Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved.Rev 5058-CO900E PUBLIC INFORMATION Speed Integration with Ethernet-enabled CENTERLINE® MCC,
Institute of Computer and Communication Network Engineering OFC/NFOEC, 6-10 March 2011, Los Angeles, CA Lessons Learned From Implementing a Path Computation.
Common Devices Used In Computer Networks
Computers Are Your Future Tenth Edition Chapter 8: Networks: Communicating & Sharing Resources Copyright © 2009 Pearson Education, Inc. Publishing as Prentice.
IMPROUVEMENT OF COMPUTER NETWORKS SECURITY BY USING FAULT TOLERANT CLUSTERS Prof. S ERB AUREL Ph. D. Prof. PATRICIU VICTOR-VALERIU Ph. D. Military Technical.
ITIL Process Management An Overview of Service Management Processes Thanks to Jerree Catlin, Sue Silkey & Thelma Simons University of Kansas.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Configuring Network Devices Working at a Small-to-Medium Business or.
Time lag between discovering issue and resolving Difficult to find solutions and patches that can help resolve issue Service outages expensive and.
1 Network Management: SNMP The roots of education are bitter, but the fruit is sweet. - Aristotle.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Exploring the Enterprise Network Infrastructure Introducing Routing and Switching.
NETWORKING COMPONENTS Buddy Steele Assignment 3, Part 1 CECS-5460: Summer 2014.
Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.
 Dr. Syed Noman Hasany.  Review of known methodologies  Analysis of software requirements  Real-time software  Software cost, quality, testing and.
Network Components Basics!. Network HUB  Used to connect multiple Ethernet devices together  Layer 1 of the OSI model  Not used much today.
11 ROUTING IP Chapter 3. Chapter 3: ROUTING IP2 CHAPTER INTRODUCTION  Understand the function of a router.  Understand the structure of a routing table.
HP Openview NNM: Scalability and Distribution. Reference  “HP Openview NNM: A Guide to Scalability and Distribution”,
Introduction to ITSM processes. CONFIDENTIAL Agenda Problem Management  Overview  High Level process Change Management  Overview  High Level process.
IS3220 Information Technology Infrastructure Security
The Obermeier Software OPC-SNMP Enterprise Agent 3.0 Obermeier Software SNMP OPC Gateway Features and The S4 Group, Inc. Services Presented by Steve Jones.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Changing IT Managing Networks in a New Reality Alex Bakman Founder and CEO Ecora Software.
Chapter 7. Identifying Assets and Activities to Be Protected
CompTIA Security+ Study Guide (SY0-401)
Instructor Materials Chapter 9: Testing and Troubleshooting
Robert Szuman – Poznań Supercomputing and Networking Center, Poland
Wide Area Network.
CHAPTER 3 Architectures for Distributed Systems
CompTIA Security+ Study Guide (SY0-401)
ITIL: Why Your IT Organization Should Care Service Support
인터넷 구조 2002년 2학기 장주욱.
Configuring Network Devices
ITIL: Why Your IT Organization Should Care Service Support
Lecture6 Network Replacement
ITIL: Why Your IT Organization Should Care Service Support
Delivery, Forwarding, and Routing of IP Packets
Presentation transcript:

Current Practice for Network Analysis in CSTNet Chunjing Han CSTNET, CNIC

2 Copyright © 2008 CSTNET. All rights reserved. Agenda III IT service and IT government in CSTNet I Network management infrastructure Traffic and routing analysis II Network management infrastructure DDoS detection, traceback, analysis and mitigation

3 Copyright © 2008 CSTNET. All rights reserved. Network management infrastructure Devices and links The basic network management system by snmp, icmp, tacacs and so on Incident Management Problem Management Configuration Management Change Management Network layer Device and performance data Network analysis system: traffic analysis route analysis DDos attack analysis Call center

4 Copyright © 2008 CSTNET. All rights reserved. Traffic analysis and report system in CSTNet  An integrated and intelligent infrastructure  Aggregated the different routers in multilayer network  The institutes and custom objects are the base analysis elements  Evaluate the network updates plan from the traffic report

5 Copyright © 2008 CSTNET. All rights reserved. The structure of traffic report : traffic matrix Network, interface, router, AS, institute and custom object are the cell elements of the row and column in the traffic matrix. The elements of the row: application, topTalk, protocol and so on The elements of the column: network, interface, router, AS, institute and custom object

6 Copyright © 2008 CSTNET. All rights reserved. Traffic Matrix NetworkRouterInterfaceASInstitutesProfile(Custom Object) NetworkTraffic exchange analysis between networks Network traffic transit between Routers Network traffic transit between interfaces Different AS traffic analysis on the Network Distribution between institutes in this network RouterRouter traffic transit between routers Traffic exchange analysis between routers Where and which AS do the traffic of the router go Distribution institutes traffic analysis in the special router Special object traffic analysis in the special router InterfaceInterface traffic distribution between networks Traffic exchange analysis between interfaces How much traffic is been changed between different AS Distribution institutes traffic analysis in the special interface Special object traffic analysis in the special interface

7 Copyright © 2008 CSTNET. All rights reserved. Traffic Matrix NetworkRouterInterfaceASInstitutesProfile(Custom Object) ASNetwork traffic transit between AS Which do routs traffic go to the AS Which do interfaces traffic go to the AS AS traffic evaluation and potential Peer which do institutes traffic go to the AS Costom objects analysis in the special AS Number InstitutesWhich network is used by the institute Router analysis which traffic include the institute Interface traffic analysis by this institute Which do AS transit with by this institute Which institutes exchange traffic by this institute Coustom object analysis exchange traffic with the institute ProfileWhich network is used by the object Router traffic analysis which traffic include the object Interface traffic analysis which traffic include the object which do AS transit with by this object Institute analysis exchange traffic with the object Traffic exchange between objects

8 Copyright © 2008 CSTNET. All rights reserved. Application, protocol, topTalker and abnormal event Matrix NetworkRouterInterfaceASInstitutesProfile(Custom Object) Application√√√√√√ Protocol√√√√√√ TopTalker√√√√√√ Abnormal event √√√√√√

9 Copyright © 2008 CSTNET. All rights reserved. Transit analysis between institutes in CAS

10 Copyright © 2008 CSTNET. All rights reserved. TopTalker institutes traffic analysis between CERNet and CSTNet

11 Copyright © 2008 CSTNET. All rights reserved. Why need the route analysis system  A key component of a complete Network & Application Service Management Solution  Discovered that a major site was being routed to another via an expensive international WAN link

12 Copyright © 2008 CSTNET. All rights reserved. How to find the root cause ISP 1 ISP 2 Router misconfiguration: routing to only ISP 2 despite intact links to both ISPs Despite physical redundant connections to ISP1 and ISP2, no traffic was being sent through ISP1 If the link to ISP2 failed, all internet connectivity would have been lost

13 Copyright © 2008 CSTNET. All rights reserved. Topology and route visualization Reducing time to analyze difficult network problems

14 Copyright © 2008 CSTNET. All rights reserved. Route event analysis History navigator Route change records Historical routing events are easily replayed

15 Copyright © 2008 CSTNET. All rights reserved. Route event analysis Which AS announce the new routes? The root reason we find ! Any recorded time period can be selected and analyzed

16 Copyright © 2008 CSTNET. All rights reserved. Network simulation  Know how changes will affect your network before making them

17 Copyright © 2008 CSTNET. All rights reserved. Establish a dynamic baseline of typical traffic patterns in different zones of the network Comparing real-time network activity against this dynamic baseline, to flag all anomalies Mitigation detection DDos mitigation

18 Copyright © 2008 CSTNET. All rights reserved. What force us to concern the IT service management Dynamic and more complex network environment (link update, change routers, misconfiguration) Serialize the key network application, provide the reliable service for institutes Improve the IT security, strengthen risk-resisting ability Visualization Control Automation

19 Copyright © 2008 CSTNET. All rights reserved. IT Service Management in CSTNet  IT Infrastructure library  A service desk to deal with trouble ticket, service and change request  Event, problem, configuration and change

20 Copyright © 2008 CSTNET. All rights reserved. 20 Service Support basics Incidents Reactive Service Requests Incident Management Proactive Root cause of related incidents When understood, becomes a Known Error Problem Management Any change to a CI “standard” or preapproved changes CAB Change Management Large or bundled changes planned, designed, built and tested together Subject to change management Release Management Router, switch, link, card,Server Software Related documentation Relationships between CIs Managed Elements of a service CMDB Configuration Management Incident Problem Change Release Configuration Item Configuration Item Service Desk in CSTNet Single Point of Contact for users of IT Services

21 Copyright © 2008 CSTNET. All rights reserved. Future work Improve the performance of traffic analysis Route-flow fusion A way to mitigate the DDos detection and guarantee the key scientific application traffic Strength the IT government and provide the best management service

22 Copyright © 2008 CSTNET. All rights reserved.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.