Introduction of network management and monitoring function of routing gateway

With the increase of network and the increase of the number of machines to be managed, the fault diagnosis and network analysis have become the content of large workload for network managers such as Enterprise network and Internet bar. Also important to the administrator is how to understand the normal use of the network, in the event of a network failure to quickly determine network failures, such as worm attacks. So what kind of information does the HiPER network management and monitoring function provide to the administrator?

Below we take Shanghai Hayter Technology Co., Ltd. HiPER routing gateway as an example to introduce how to conduct network management and network monitoring.

First, traffic management

First, through the system State ――> port statistics, you can view the various LAN ports, WAN and DMZ port input and output bytes, the number of broadcast packets, the average rate of flow in each direction, with bps and pps respectively, WAN input equivalent to the download of traffic, In the case that the network internal traffic is more normal, the out of the LAN port should be close to the in of the WAN port, and the LAN port in and the WAN port are more close. From this diagram, you can easily understand the current network traffic status.

Second, the statistical function

You can find out how many devices are currently online through the "Internet Monitoring" user statistics table. The user statistics can understand the IP address and Mac correspondence of each user machine connected to the HiPER. and the number of packets that the user has received and sent since it was online, if a user downloads a large number of packages, the user may be downloading a lot, or have other aggressive behavior, This reminds the administrator to be aware.

Iii. early warning of attack

If a user inside the LAN has an attack or uses multi-threaded software, it can see the number of connections it occupies on the hiper, including the total number of connections and the current number of connections. If some machines have more than a limited number of connections, then most of the user has a Dos attack, if there is a failure of the number of connections, then that the entire network needs more than the number of NAT connections, there are 2 possible reasons, one is too much attack, if no attack, This means that the performance of this machine is no longer applicable and needs to be replaced with better equipment.

Iv. Fault Diagnosis

Most importantly, if the network traffic is very high, the conflict in the Ethernet is more, or suffer similar to "Blaster" type of attack, have to rely on some advanced grab software or hardware to find fault, and this kind of trouble finding software or hardware equipment cost more expensive, In a network that uses a switch, it is also done through a mirrored port on the switch, and many companies use more than one switch, making it inconvenient. Now, on the hiper of the router as an outlet, we can view the behavior of each user through the admin interface, such as viewing whether the user is using the WWW service or chatting via MSN. At the same time, we can look at some unusual behavior, such as a machine that is constantly sending out a broadcast packet, or its destination address is a multicast address.

If you manage more machines, you can use the HiPER Management software query interface, input needs to query the object, can be the address of the internal network, can also be the server address of the external network.