Shulou(Shulou.com)06/01 Report--

In order to further manage the company's network, and strengthen the company's network use behavior for effective management.

The company has launched a deeply convinced behavior management device. After several phone calls, the equipment finally reached the company's security office on a certain working day. I picked up the equipment, which was lighter than the desktop chassis, heavier than the laptop, and mentioned the computer room more easily.

In order to launch behavior management devices, we must first understand the network architecture of the company. The networks of many small and medium-sized enterprises are more suitable to use such devices. Generally, there are routing patterns, bypass modes, and bridging modes. Looking at these nouns, we all know that routing patterns will increase routing entries, change the structure of the entire network, and affect many applications, clients, and so on. Bypass mode uses the mirror interface of the switch to grab data, which can only be audited, not policy filtering, and bridging mode, which generally connects devices to layer 2 switches and layer 3 devices to make a transparent bridge mode. you can directly think of it as a network cable. This model will not change the network structure. Of course, taking into account some of the complexity of the company, the device will also have some special features, such as supporting multiple WLAN lines and supporting HSRP. These can be specific problems, specific analysis and choice.

First of all, the equipment is on the shelf, and 1U of rack space is reserved in the cabinet, which can be between the third floor and the second floor according to the level of network equipment.

After fixing the equipment, numbering the screws, and confirming that the equipment is solid, you can start to power on, turn on, and configure the equipment.

For the configuration of the equipment, you can log in to the etheric port first and refer to the equipment manual. Introduction of panel interface. The device will have a common administrator account and password and log in to the administrative interface.

First of all, it is necessary to complete the configuration of the interface, define the management IP of the bridge, and define the flow direction of the internal and external network interfaces. When setting the bridge management IP, you need to note that some VLAN management is enabled. The IP of the VLAN interface may be different from the ip address of the intranet. It is necessary to ensure the connectivity of the network segment and the network.

After the device interface is defined, it can continue to be configured in bridge mode and can be set according to the wizard according to the prompts of the device.

After configuring the basic settings, the network can be switched, and the layer 3 device channel management device is connected to the layer 2 device.

After the line switching, we should first test whether the network is normal and can access the external network.

Then, in the audit management of the equipment, the behavior management strategy is configured.

When the audit is turned on, you can mainly record all the usage behavior and data traffic of the intranet, so that the required reports can be found in the data center.

The behavior management device policy needs to be configured according to the company's IT management strategy. In many cases, video, P2P downloads, shopping websites, etc., will be banned.

Communication software, QQ, MSN and other devices, if necessary are also disabled.

Policy configuration, relatively simple, directly under the corresponding behavior policy, according to the setting requirements of step-by-step configuration, you can.

Pay attention to the time policy, the establishment of user groups, the actions of the corresponding policies, rejections, records, etc.

This configuration is almost done, but strange things have happened. After a trial period of time, there will always be disconnection and network outage.

Later, through the manufacturer's customers, telephone consultation, found the problem, the company's employees' network behavior is not fixed, irregular, so there will be a certain period of time, user traffic is particularly high, a certain period of time is relatively less.

At the peak of traffic, the utilization rate of CPU and memory of the device is more than 90%, or even reach 100% directly.

In order to prevent this from happening, the traffic of the line needs to be optimized. According to the company's bandwidth, pay attention to the conversion of 100M/8.

After the converted bandwidth traffic is obtained, the line bandwidth can be limited. In general, there will also be an optimization mode that has been set up, such as limiting sufficient bandwidth to email traffic and giving priority to forwarding.

After setting up, the situation of network disconnection will not appear again. On the basis of the basic operation of the equipment, we can regularly observe the status of the network, in order to observe the use of the network, according to different situations, we can adjust the corresponding strategy.

Many foreign-funded enterprises will pay more attention to personal privacy, so they also need to consider the issue of personal privacy when exporting reports and reports.

The report is only for overall network usage, not for individuals.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.