Shulou(Shulou.com)06/01 Report--

Chapter 1 scenario background 1.1. With the rapid development of economy and technology, enterprise informatization has entered a new era. With the continuous growth of enterprise scale and the continuous expansion of business, the network structure and IT technology that enterprise informatization depends on are becoming more and more complex. The network management software and technical strength of the enterprise IT network management department directly determine whether the enterprise can provide stable, reliable, fast and high-quality services. However, the type of traditional network management monitoring equipment is limited, the monitoring efficiency is not high, and it is difficult to expand in the later stage. At the same time, it can not be combined with the business situation of the enterprise, and can not provide enough security control functions, resulting in the management level of enterprise IT system operation and maintenance lags behind. 1.2. The demand of enterprise IT management aims at the actual situation of enterprise IT network management, enterprises often have the following requirements for network management software: 1. Comprehensive and in-depth monitoring and management enterprises have not only different manufacturers of network equipment, but also a variety of servers, software applications, a wide variety of devices, a large number of devices, and different equipment management protocols, IT departments expect to use a set of software to monitor. two。 Uninterrupted whole-process monitoring IT department needs to carry out 7: 24 full-process monitoring, the fault will occur before the early warning, when the fault occurs can immediately notify the administrator, locate the fault link, quickly restore the system. 3. The support of the later expansion equipment for the enterprise, the new business is developing continuously, and the equipment and new software applications are also expanding. IT department expects the existing network management software to have better support for the future expansion. The contradiction between 4.IT complexity and management convenience IT infrastructure itself is becoming more and more complex, and the technology is becoming more and more advanced. In the face of complex IT facilities management, the requirements for IT department skills will be higher. Therefore, the functional requirements of network management are getting higher and higher, resulting in complex operation of network management software functions and difficult to use. 5. Clear control of the relationship between equipment deployments, the physical relationship between devices, and the relationship between equipment and business are the basic conditions for the overall control of the IT department. With the change of time, the flow of personnel, the change of equipment, and the migration of business, the topological relationship between equipment and business is difficult to manage. 6. Combined with the company's business, the traditional network management software is often only responsible for the management of network equipment, can not support the topology display and real-time monitoring of the company's business situation, and can not effectively feedback the business situation that the enterprise cares about most. 7. For different departments in the enterprise, multi-level security management needs to assign different management rights and equipment rights to different departments. The management and distribution of permissions is an important index concerned by IT departments. 8. Cost control IT department as a service center, how to protect the return on investment of IT, enhance the investment value of IT, and achieve the maximum business goal is the index that IT department focuses on. Chapter 2 Zhihe Network Management platform Enterprise IT Network Management solution Beijing Zhihe Communication Co., Ltd., aiming at the needs of enterprise IT network management, comprehensively considers the problems of versatility, efficiency, expansibility, ease of use, network management and business management, security control, etc., and puts forward the solution of Zhihe network management platform enterprise IT department. 2.1. The core solution Zhihe network management platform realizes the comprehensive monitoring and continuous monitoring of the equipment, the continuous expansion of the network management function, the graphic topology to show the network situation, business management, security management and other functions. 2.1.1 Comprehensive monitoring and management will uniformly manage various types and brands of equipment, and monitor various WEB services, databases, e-mail, OA, J2EE and other applications. It basically covers the comprehensive management needs from hardware facilities to software applications. It can monitor the interface, flow, IP status, connection status, receiving / sending bytes, bandwidth, error packets and discarded packets of network equipment, and monitor the CPU, memory, disk, network card traffic, hardware facilities and software processes of Windows, Linux and Unix servers. With rich monitoring indicators, and support self-defined monitoring indicators, to achieve in-depth management.

2.1.2 uninterrupted whole-process monitoring first, it automatically runs as a task in the background through unattended fault monitors and performance monitors, and uses multi-threaded task concurrency technology to increase the detection frequency to seconds. Real-time, accurate, efficient and stable detection equipment can be achieved. Second, active event management, through syslog and trap technology can receive the device / server actively sent messages, centralized processing, timely notify the user. Third, the system uses a three-level fault step-by-step early warning mechanism, so that the fault can be found by management before it gets worse. And can notify the person in charge of the equipment through e-mail, software interface and mobile phone SMS. Using the Zhihe network management platform, managers can monitor the whole process without staring at the equipment all day.

2.1.3 the bottom layer of the support platform for the later extended equipment adopts the "general management framework design" with unique technology, and adds the equipment management middle layer to shield the management differences of different devices. The system provides the operation interface of fault monitor definition and performance monitor definition, and the administrator can implement the management extension by himself, and the extended function can support more types of devices and monitor more information. 2.1.4 to really solve the contradiction between IT complexity and management convenience, one-click installation and deployment can be achieved by using simplified installation and deployment technology. The monitoring and management interface based on the topology diagram follows the management habit from outline to detail, automatic search and discovery, automatic monitoring and matching technology to ensure correct monitoring. Through a series of techniques to simplify complexity, users can basically get started with management without training. 2.1.5 clearly control the relationship between device deployments and creatively adopt a management model based on topological relationships, which supports the management of a large number of devices according to physical networks, departments, business responsibilities, etc., and can automatically search for devices. Further automatic search for business on the device. Through a variety of discovery algorithms, intelligent analysis port forwarding table, LLDP table, MAC-IP table, routing forwarding table and other automatic search to find the hanging device under the switch, analyze the IP, MAC, port and other information of the hanging device, and automatically generate the hanging topology diagram of the device. Allows administrators to see the most complete view of the device topology at any time.

2.1.6 provide business management function Enterprise IP network management can carry out business management freely and flexibly, breaking the concept of traditional physical network and equipment, and supporting users to select multiple devices across the network to form a complete business device topology and monitor, so that administrators can understand business processes and business situation intuitively.

2.1.7 Multi-level security management supports the organizational structure of multi-level networks / areas, and different networks / areas can be assigned and managed to different users. After logging in, users can only see the network and devices under their own permissions. The blacklist and whitelist function is used to detect whether the devices concerned by the user (identified by IP and MAC) appear in the network and when they appear, and remind the user of the next step. By supporting the user network, user rights setting, and the control of the blacklist and whitelist, multi-level, multi-angle to improve the network security, to ensure the security of the user network.

2.1.8 to achieve cost control companies adhere to independent research and development, which will not involve third-party fees; reduce training expenses through operational convenience; adopt general management framework design technology to manage new equipment and business without cost; based on telecom-level distributed reliable technology core, reduce maintenance expenses. This series of technologies will ensure that Zhihe Network Management platform (SugarNMS) can be batch and low-cost, thus bringing end-users the most competitive price. 2.2. The application value adopts the IT network management solution of Zhihe network management platform, through intelligent management, intuitive topology diagram, perfect alarm mechanism, etc., so that the enterprise can truly control the network situation through simple network management operation: 1. Control the equipment situation, centrally monitor different kinds of equipment, and know the connection and operation of the equipment in real time. two。 Control the business situation, fully control the concerned business processes, related equipment, related alarms. 3. Control the security situation, control the network security situation in many directions, and ensure the safe operation of the network. Chapter 3 Technical characteristics and advantages of the scheme 3.1. Based on JAVA voice, the technical feature intelligence and network management platform is independently developed and has the characteristics of modularization and intelligence. 1. Zhihe network management platform is based on JAVA high-level programming language, and the function block, database and interface are all based on unified JAVA technology platform and unified data relation model. 2. The Zhihe network management platform uses modular design patterns to keep the platform isolated from the basic framework, reusable components and software functions, which ensures rapid customization without losing the characteristics of componentization and architecture.

3. Zhihe network management platform is based on self-developed Object SNMP, equipment automatic discovery components and topology diagram components, and has intelligent equipment discovery and management features.

4. Zhihe network management platform has 100% independent intellectual property rights from the underlying network protocol to the development platform.

5. Zhihe network management platform has both JAVA-based client and HTML5 client to meet the needs of different users.

3.2. The advantage of the scheme is 3.2.1. Intelligent product advantages: one-button intelligent network management, one-click search, discovery, identification of network equipment, resources, links, intelligent fault management, maximize the ease of operation of products, improve management efficiency and reduce costs. Visualization: automatically generate the topology diagram, fully and completely present the topology of the network, achieve a visual network management mode, and greatly reduce the difficulty of IT management. Automation: automatically discover and identify devices, resources and links, intelligently analyze link logic to automatically generate topology diagrams, simplify user operation steps, and reduce the time to build a management environment. Personalization: personalized customization development, system integration, to meet the different needs of users, users can customize to meet the needs of the network management platform, and constantly update the functions of the platform to meet the changing management needs. Localization: fully support domestic processors, servers, operating systems and databases, improve the situation that there is basically no domestic network management software that supports the localization platform, and meet the increasing domestic needs of users for information construction. Second-level monitoring: leading second-level monitoring capability and multi-threaded task concurrency technology, the monitoring frequency is raised to seconds, the minimum can be set to 5 seconds, real-time, accurate, efficient and stable monitoring equipment. Stability: carrier-grade software architecture of the micro-kernel simplification technology, 100% Java multi-tier distributed technology, providing carrier-level reliability guarantee. Support disaster recovery scheme and dual-computer backup settings to maximize the security of network management data. Ease of use: the product is user-centered, the interface is friendly, and the product function is easy to see, easy to learn and easy to use. Compatibility: using Java cross-platform technology, perfectly compatible with mainstream / domestic systems and databases, providing two kinds of client interfaces, PC and mobile devices, allowing management anytime, anywhere. Enterprise: support large-scale networking management, directly penetrate the private network for monitoring, support distributed deployment, the platform is easy to upgrade and maintain, and can meet the changes of future business needs. Private devices: new device types, unknown device types, users do not need to develop programming, the system provides GUI policy expansion interface, can complete the support for new devices. 3.2.2. Technology advantage platform technology: Java cross-platform technology, the server can run on Windows, Linux, domestic Kirin and other operating systems. Support MySQL, Oracle and domestic Jinkang database. Network environment: penetrate the private network and monitor the network devices in the private network; multiple distributed SNMP collectors can be deployed at the same time to monitor the devices. Network management expansibility: provide open development platform and plug-in code, with comprehensive secondary development, system integration, function expansion ability. Provide personalized customized development, third-party system integration services. System stability: support fault-tolerant scheme and dual-computer hot backup scheme. Device management capabilities: support a variety of physical link discovery technologies. It provides IP, network-wide search and other ways of device discovery. Overall management of current equipment. Monitoring support: SNMP, Telent, SSH, WMI, JMX, HTTP, JDBC, ODBC and other management protocols are supported for monitoring. Chapter 4 Enterprise Services 4.1. Beijing Zhihe ICT Co., Ltd. is a leading provider of intelligent network management solutions in the industry. The company focuses on the field of network management, goes deep into the needs of the network management market, relies on its own strong technical research and development strength, and takes "controlling everything, omnipotence, ubiquity" as the product innovation concept. Its core product-Zhihe network management platform has become the best choice for many users. After years of technological precipitation, Zhihe and ICT have obtained more than 16 independent R & D intellectual property rights. it also provides integrated network management solutions and network management platform development and customization services for telecom operators, large state-owned units, scientific research institutes, equipment vendors, system integrators, enterprise users and developers, etc., and has controlled more than 500 types of equipment and managed more than 1 million devices. 4.2. Product service development level service: provide comprehensive development services, provide development training, service support and comprehensive development technical documentation in the development process. Equipment docking and testing: provide users with equipment docking and testing services to assist users to complete the implementation and deployment of the platform. Technical support: provide 24-hour special technical service engineer hotline telephone support, remote online support, on-site support and other services, instant release of messages and technical bulletins, regular system software testing, optimization and document updates. Fault diagnosis and troubleshooting: if there is an abnormal fault in the customer's system, the technical engineer will respond as soon as possible and deploy professional technical engineers to provide online support or on-site repair according to the project files in a timely manner. for customers to quickly and easily implement diagnosis and recovery. System tuning: according to their rich implementation experience, the technical engineer finds out the bottleneck in time for the decline of customer system performance, puts forward a perfect optimization scheme and puts it into practice. Eliminate the hidden danger of the system in time, avoid causing business interruption, and greatly improve the operating performance and manageability of the system without increasing or reducing investment. Upgrade quality assurance service: provide existing versions of problem repair and upgrade, and continue to develop new features and new versions, and constantly add new features. Upgrade of monitoring and management method library (feature service): by downloading the latest monitoring and management method library, you can manage new equipment and more monitoring and management methods. Chapter 5 part of the typical case 5.1. Beijing Unicom IPTV network management system 5.1.1. Background China Unicom is one of the three major mobile operators in China, mainly engaged in mobile communications services, domestic and international fixed telephone networks and facilities, voice, data, image and multimedia communications and information services, telecom value-added services, IP telephone services and other services approved by the state, as well as system integration related to communications and information services. The IPTV service management platform provides a unified business monitoring module to realize unified business monitoring of Huawei capability platform (Huawei S9306, S5352, S930, Huawei E1000 firewall), ZTE capability platform (ZTE 2826, 4507, 8905 switches), broadcast control gateway, IPTV box management platform, IPTV business management platform and other platforms, including network, host, storage, application, business data, etc. The architecture diagram of the current IPTV expansion target is as follows:

5.1.2. Core requirements end-user IPTV unified network management is responsible for centralized management and display of all network elements (including servers, switches, firewalls, storage devices) and system and application fault alarm, log, performance, topology, historical data (historical data retained for one year) and other information involved in the IPTV system, and can carry out statistics and output reports on time, day and month. 1. Network element data requires that the information required by the nodes in the network includes, but is not limited to, the basic information of the device (IP, type, name, etc.), device network card, network card traffic, CPU memory, CDN information, storage information, device performance and other parameters. two。 Fault alarm is required to provide a variety of alarm notifications (voice, SMS, email, etc.), a variety of alarm classification, login failure should generate alarm notification administrator, alarm threshold can be adjusted, can be divided into sub-regions for alarm. 3. Log management requires that in addition to recording basic operations, all devices in the system need to establish their own log files, which are regularly transmitted to the log management of the system for collection, analysis and fault alarm. 4. Performance management requires real-time monitoring of the status of devices and networks, obtaining information and statistical data about the operation of the CDN network, and providing network performance statistics on the basis of the collected data. 5. Centralized presentation management provides network topology for CDN and EPG devices in the managed area, provides hierarchical network topology images and related information, and presents, maintains and manages network resources, including network element devices, according to the actual operation. Support the query and statistics of resources, and can realize the automatic update of resources. 5.1.3. According to the actual needs of Beijing Unicom's IPTV project, Zhihe ICT has proposed a customized solution based on Zhihe network management platform. Through the development and expansion, the Zhenzhi network management platform supports the collection and monitoring mode of data reporting through SNMP, SNMP Trap, FTP, WebServer and other protocol interfaces, so that the platform monitoring module can directly collect the information of the monitored equipment. 1. Support SSH protocol monitoring host, CLI, SMI protocol monitoring storage, JDBC protocol monitoring database, HTTP/JMX protocol monitoring middleware; 2. Through the SNMP protocol, we can automatically discover the resources on the device, such as network interface, memory, CPU and disk, and through TCP, we can find the software services that exist on the device. The platform reports the data through SNMP, SNMP Trap, FTP, WebServer and other protocol interfaces, and the platform monitoring module collects the information of the monitored equipment directly. 4. Zhihe network management platform has active fault monitoring function, from many events and states, the system can summarize the scattered status information into the current working state, and generate alarms, you can use voice, e-mail, text messages to remind network management personnel in time; 5. A number of defined data objects are provided for collecting system information, network information, exchange information, software information, disk CPU resources and traffic information from the device. Performance indicators can be displayed through graphs and trend charts, and the changes of performance indicators can be viewed by day, week, month and any time period. 5.1.4. After the deployment of Unicom IPTV network management, administrators can centrally manage and display the fault alarm, log, performance, topology, historical data and other information of all network element devices (including servers, switches, firewalls, storage devices) and systems and applications under the network through IPTV network management, and can carry out statistics and output reports on time, day and month, which facilitates the administrator's management of the system. The efficiency of management is improved. 5.2. Xingtang Communication Network Operation and maintenance Management system 5.2.1. Project background Xingtang Communication Technology Co., Ltd., which belongs to Datang Telecom Technology Industry Group, is a high-tech company facing the information and communication industry and the supporting unit of the National data Communication Engineering Technology Research Center. Xingtang Company under Datang Telecom undertakes to build a national business private network system of a unit, which includes CISCO, Huawei, H3C network equipment, Windows servers, Linux servers, proprietary servers, virus servers and so on. The main problems are as follows: first, the operation and maintenance monitoring, the managers can not effectively grasp the overall situation in the face of the complex network, which is not conducive to the management work; second, the fault handling efficiency, because the fault is unpredictable, managers often find the equipment after the fault, and diagnose the reason after finding the equipment, the processing efficiency is low, which affects the normal work. Third, for the network system performance management of the whole enterprise, how to scientifically reflect the performance bottleneck of the network system, so as to provide a theoretical basis for the decision-making to improve the network optimization architecture. 5.2.2. The core requirements are to monitor the operation and maintenance of the equipment under the private network system, to automatically detect the faults of the equipment and notify them in time, to monitor the performance of the whole network, and to analyze the network status in the form of statistical reports. find out the performance bottleneck of the network. 1. The general functions of network management, including basic functions of network management software, such as equipment topology, fault management, performance management, configuration management and security management. Map topology map function, support network, server, PC machine three major network area topology map management; 3. Navigation processing of department organizational structure; 4. Monitor the devices in the network, including network devices, servers and PC machines; 5. Virus and security surveillance. 5.2.3. In the monitoring of this business private network, the Zhihe network management platform not only uses the traditional monitoring mode to monitor the network equipment, but also uses the unique server platform interface and virus database interface in the business private network. do in-depth monitoring of computer and server security, anomalies, viruses, etc. 1. Zhihe network management platform already includes basic functions of network management software such as device topology, fault management, performance management, configuration management and security management, which can be used directly by users. Zhihe network management platform uses the map navigation function consistent with the business system layout; 3. According to the national business network → provincial and municipal special network → regional special network → department → equipment → equipment monitoring resources 6 levels of intuitive monitoring and viewing; 4. Integrate all kinds of faults, safety, anomalies, alarms and monitoring operations on the navigation chart; 5.2.4. After the solution results and network management platform are deployed online, network managers can have an overall understanding of the whole network through the topology diagram, which helps to improve the network and optimize the architecture. The alarm mechanism of the platform, which used to take hours to find the faulty equipment, now takes only a few seconds, which greatly improves the work efficiency. 5.3. Shenzhen Unicom business dedicated line monitoring and monitoring system 5.3.1. Background China Unicom is one of the three major mobile operators in China, mainly engaged in mobile communications services, domestic and international fixed telephone networks and facilities, voice, data, image and multimedia communications and information services, telecom value-added services, IP telephone services and other services approved by the state, as well as system integration related to communications and information services. The continuous development of telecom business puts forward higher requirements for IT system and its operation and maintenance. Operators must rely on network management software to monitor the basic environment of IT system, network, host, application, database, middleware, storage and backup, security equipment and so on. 5.3.2. The core requirement is a set of integrated network management software to efficiently manage the equipment of the branch in different regions, including all servers, network equipment and software systems in the same interface. The specific requirements are as follows: 1. Can automatically search and find the network topology, and based on the graphical way to show the topology; 2. The time to find a fault, the network management must quickly find, notify and deal with the fault, the average can not be less than 30 seconds, the maximum can not exceed 1 minute; 3. Based on the large scale of operators and strict monitoring indicators, network management software is required to have the ability to monitor a large number of devices at the same time; 4. Provide secure and reliable means to enable authorized managers to remotely manage anywhere and at any time through the Internet; 5. Can generate rich statistical reports. 5.3.3. Zhihe ICT solution meets the needs of Shenzhen Unicom, and Zhihe ICT provides it with a general solution for Zhihe network management platform. Zhihe network management platform fully meets the network management requirements of user equipment topology, fault management, performance management, configuration management and security management, and solves the problems of user equipment management, function implementation, operation and maintenance and expansion integration. 1. The software unified monitoring and management intelligence and network management platform, as a comprehensive network management, can manage and monitor all types of network devices, support distributed deployment and collection, and ensure the decomposition of tasks. From the architecture level, the collection performance problem of large-scale complex network is solved. two。 Topology management intelligence and network management platform support a variety of automatic search topology technologies, and provide a variety of monitoring views, including geographical area map, network topology map, computer room topology map, equipment panel diagram, it can meet the management needs of people at different levels, different departments and different regions. 3. Fault collection and notification intelligence and network management platform can find the fault in real time and notify the administrator in time by means of short message, alarm sound and flashing light. Provide abnormal state baseline alarm and associated alarm and other functions, and can set multiple alarm conditions at the same time, alarm timely and accurate. 4. Mass equipment real-time monitoring intelligence and network management platform can monitor the mass monitoring points of thousands of devices in seconds at the same time to ensure the monitoring accuracy and real-time performance of massive data. 5. Multi-client management intelligence and network management platform support the decentralized management of multi-role administrators to manage the network, and make the responsibility and authority of operation and maintenance personnel from all angles clear through three-dimensional management of roles and regional permissions. Bounce S client uses HTML5 technology so that it can be managed through mobile phone, PAD and other login, so that it can be managed anytime and anywhere. 6. Statistical report intelligence and network management platform can automatically generate reports with different combinations of monitoring parameters, and can automatically generate different types of graphs, charts, data tables, etc., and support the export and printing of statistical reports. 5.3.4. Before the deployment of Zhihe network management platform, the results of the scheme can only manually maintain the relationship between these huge devices, resulting in a huge amount of maintenance. when the network changes, the network equipment relationship can not be updated in time. After the deployment of the Zhihe network management platform, all the equipment are integrated into the network management software for centralized management. When the equipment fails, the fault can be found within a few seconds.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.