CN101282333B - Method for switching information of distributed multiprotocol proxy and center system - Google Patents

Publication number
CN101282333B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN200810037825A
Other languages
Chinese (zh)
Other versions
CN101282333A (en
Inventor
张月国
蒋兴浩
李建华
蔡伟
周志洪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Jiaotong University
Original Assignee
Shanghai Jiaotong University

Abstract

A method for exchanging messages between distributed multi-protocol agents and a center system, in the technical field of computer networks. In the present invention, a management model of a center and agents is constructed. An agent sends the center an XML file in the message exchange format, which contains a unique ID assigned to the agent by the center. After the center verifies that the agent is legitimate, the agent and the center exchange messages through XML files. The center monitors the state of each agent in real time by parsing the XML files the agent sends, and processes the collected protocol data at a later stage. The center sends configuration files and management files to the agent through a synchronization mechanism, realizing dynamic management of the agent. The invention makes application protocols independent of messages and the center independent of the agents, improves interoperability between the center and the agents, strengthens the security and reliability of communication between the center and the distributed agents, and effectively and quickly solves the communication and cooperation problems of the center-and-agent architecture.

Description

Method for exchanging messages between distributed multi-protocol agents and a center system
Technical field
The present invention relates to a method in the technical field of computer networks, specifically a method for exchanging messages between distributed multi-protocol agents and a center system.
Background art
In a complex network environment, application environments and purposes differ, so different application-layer protocols coexist in the network. The message formats of different protocols differ, and the content an agent obtains by parsing each protocol differs as well. The usual practice is to define a custom interface between agent and center for each protocol. If the protocols are complex and the network carries many application protocols, such interfaces become very complicated, and the message formats the center receives from the agents are numerous and disordered, which greatly hinders unified processing of the information at a later stage and effective realization of the organization's management objectives. Another approach is to develop middleware to implement the communication mechanism, but this raises two problems. First, later system development is based on the middleware and the internal message mechanism is hidden by it, so if communication between center and agent goes wrong, the problem is hard to trace. Second, such communication middleware does not consider management and cooperation between the two or more communicating ends, whereas in a concrete center-and-agent implementation the center must manage the agents and must cooperate effectively with them. It is therefore necessary to define the format of the exchanged messages and to adopt an effective mechanism ensuring that communication between center and agents follows set rules and is reliable. XML is a simplified version of SGML (Standard Generalized Markup Language), the ISO 8879 standard, and is a syntax for describing and defining text markup. As an extensible language for representing and exchanging network documents and data, XML can define customized markup for different kinds of documents and applications. An XML DTD (document type definition) declares the markup a document uses, comprising elements (the different parts of information a document contains), attributes (characteristics of the information) and content models (the relations between the parts of information).
A search of the prior art found Chinese patent application No. 200710182031.3, publication No. CN101159760, titled "Method and system for realizing a communication protocol based on XML data interchange files". The method in that patent exchanges data based on XML: it builds a library of command scripts expressed in XML, packs the data sent by the data application layer according to the command script and sends it, and unpacks received protocol data and returns it to the data application layer. The method and system are valuable for making protocol parsing programs more flexible and extensible and for implementing protocols quickly, but have the following deficiencies. Their communication security is very weak: the communicating party only parses the instructions it receives and does not verify whether they are legitimate, so a malicious communicating party can easily forge instructions or misuse valid ones, causing destructive operations or misoperation. Their flexibility in protocol parsing is still insufficient: the XML command scripts are given a uniform format, but only a limited command script library is defined, which hinders flexible extension; for example, a new communication requirement needs a new instruction and entirely new parsing code for it. Their support for cooperation between two or more communicating parties is also very weak, and they do not suit communication in a center-and-agent architecture, because no management and cooperation mechanism is defined; they consider only peer communicating parties and do not consider the differences between center and agent or the problems of one-to-many and many-to-many communication.
Summary of the invention
To address the above deficiencies of the prior art, the present invention provides a method for exchanging messages between distributed multi-protocol agents and a center system. The agents and the center may be different systems. The method decouples application protocols from the exchanged messages, making them independent of each other; makes the center and the agents independent of development language; improves interoperability between the center and the agents; and strengthens the security and reliability of communication between the center and the distributed agents. Through a standardized message exchange format and message rules it promotes full sharing of network resource information, and effectively and quickly solves the communication and cooperation problems of the center-and-agent architecture.
The present invention is realized through the following technical scheme, which comprises the following steps:
Step 1: a two-level management model is formed by a center and several agents. The center is deployed at a backbone node. The agents include agents of multiple protocol types and are distributed across the nodes of the network to collect information; each is responsible for collecting and packing the data of its protocol. The agents report the collected protocol data to the center over the network, and the center processes the data;
Step 2: the center initializes each agent, initializing the configuration file and the filtering rule file in the agent; both are XML files;
Step 3: the agent is started. It reads the initial configuration file and filtering rule file, both of which follow the unified message format, and sends a synchronization information XML file and a heartbeat information XML file to the center;
Step 4: the center, based on the XML parsing framework, parses the XML-format files by means of the filtering rule file. It authenticates the agent on two conditions, the ID in the XML file sent by the agent and the agent's IP address, to verify the legitimacy of the connecting agent. If verification passes, the center allows the agent to connect and the method proceeds to step 5; the center sets this agent's state to online and runs the synchronization mechanism with the agent based on the synchronization information XML file. If verification fails, the center refuses the agent's connection and all steps end;
Step 5: if the center allows the agent to connect, the agent begins collecting protocol data. It analyzes the collected protocol data, packs the data into an XML-format file according to protocol type and agent ID, and reports the file to the center. The center receives and parses the XML file data, identifies the source agent of the data by the agent ID, sets that agent's state to the data-reporting state, and stores the data in the center database;
Step 6: the center edits the filtering rule file and sends it to the agent so that the new filtering rule file takes effect;
Step 7: the center sends a configuration file to the agent. The center parses the synchronization information XML file sent by the agent, which contains the timestamp of the agent's configuration file. If this timestamp matches the timestamp of the agent configuration file stored at the center, the configuration file at the center is consistent with the one in the agent; the center then reads the corresponding local agent configuration file, edits it and sends it down to the agent. If the configuration files at the center and in the agent are inconsistent, the center generates a query file in XML format and sends it down to the agent, the agent reports its configuration file, the center edits the configuration file and sends it down to the agent, and the agent restarts so that the configuration file takes effect;
Step 8: the agent obtains from the configuration file the interval at which it reports data to the center. If it has not reported data to the center within the interval, the agent sends a heartbeat information XML file to the center. If the center receives neither a heartbeat information XML file nor a reported protocol data XML file from the agent within the set time, the center sets this agent's state to offline.
Each agent is a proxy module comprising one or more protocol types.
In step 2, the center initializes each agent as follows: the center registers and maintains an agent ID repository, and reads the agent information after it starts. If a new protocol agent needs to be deployed in the network to collect protocol data, the center assigns the agent a unique ID, an initial configuration file (including the IP address information) and a filtering rule file; the center records the agent ID and saves the agent configuration file and filtering rule file.
The center comprises a primary server and several standby servers. The agent configuration file contains information on one primary server and multiple standby servers; the server information includes the server domain name, IP address, communication port, description, whether it is the primary server, and so on. The agent first sends the synchronization information XML file and the heartbeat information XML file to the primary center server. If the agent fails to connect to the primary center server three consecutive times, it selects another standby center server to connect to and, if the connection succeeds, sets that server as the primary center server.
The agent configuration file includes the multi-protocol agent's identifier, the collection port, the heartbeat time, the sampling hold window and other content, wherein:
The multi-protocol agent's identifier serves as one of the conditions by which the center identifies each data collection agent, in particular to restrict disguised data collection agents that could launch attacks on the center, improving security;
The collection port specifies the network protocol port the agent needs to monitor;
The heartbeat time is used to maintain the connection between the agent and the center;
The sampling hold window sets how long a group of data is buffered in the agent, to prevent duplicate data being reported to the center within a short time, which would overload the center and degrade the performance of the center server.
The filtering rule file contains characteristic quantities of network packets, such as source or destination IP and source or destination port. The user can remove invalid packets according to the protocol filtering rules that are set, improving system efficiency.
In step 3, the synchronization information XML file contains the timestamps of the agent configuration file and the filtering rule file and is used to implement the synchronization mechanism with the center; it is sent after the agent starts and connects to the center.
In step 3, the message format is as follows: it is defined with an XML DTD and describes, in an object-oriented manner, the data model of the messages passed between the center and the agents. XML files serve as the message format files, mapping multi-protocol format information onto the unified message format. An extension framework is also reserved, so that further exchange messages can be defined.
In step 4, the XML parsing framework is as follows: to reduce the amount of program development, and in line with the object-oriented character of the message format XML files, rule files for XML parsing are defined, so that the class for each element is implemented conveniently and quickly; a single class file parses the XML files uniformly according to the rules and converts the XML file data into objects.
In step 4, the agent authentication is as follows: the center verifies the agent's legitimacy from the ID in the XML file sent by the agent and the agent's IP address. If the agent ID exists in the center's ID repository, and the IP address the agent communicates from matches the IP address information in the configuration file the center holds for the agent with this ID, verification passes; if either of these two conditions is not met, verification fails;
In step 4, the synchronization mechanism is as follows: the center judges from the content of the synchronization information XML file whether the agent's configuration file and protocol filtering rule file are out of date. If the configuration file or the protocol filtering rule file is out of date, the center sends its default configuration file or protocol filtering rule file down to the agent over the communication connection already established; if the configuration file is not out of date, the center sends nothing. If the agent receives a new configuration file or protocol filtering rule file, it replaces the original file with the newly received one and restarts so that it takes effect;
In step 7, the query file comprises a configuration query file and a protocol filtering rule file. These two files represent two operations respectively: querying the configuration of the data collection agent module and querying the protocol filtering rules of the data collection agent module. In a concrete implementation, the two query operations may be expressed in one file.
In step 8, the set time is three times the interval.
Steps 7 and 8 are independent of each other and can be carried out at any time after step 4 has been executed.
In each of the above steps and related descriptions, communication between the center and the distributed multi-protocol agents follows the unified XML message exchange format and uses the XML file parsing framework.
The present invention uses XML-format files as the bridge for communication between agents and the center. The XML files encapsulate data in a hierarchical inheritance structure, which effectively simplifies system design, improves the flexibility of the data parsing program and improves the system's data processing capability. Mechanisms such as agent authentication, agent state monitoring and agent synchronization ensure the security and reliability of communication. Uploading and issuing configuration and filtering rule files makes the agents' protocol data collection more flexible. When organizational objectives are realized on the agent-and-center architecture, there is no need to define complex programming-language interfaces; the information the agents collect can be configured conveniently and flexibly; the center manages the agents easily; the messages of center and agents are independent of the system; the center can cooperate effectively with the agents; complex logical structure can be simplified; and the workload of system developers is significantly reduced.
Compared with the prior art, the present invention has the following beneficial effects:
1. The prior-art method only provides communication between two peer parties; the present invention provides communication between a center and distributed agents and can realize one-to-many and many-to-many communication;
2. The prior art does not consider communication security; the present invention, by having the center assign each agent a unique ID and combining it with the agent's IP address, verifies the legitimacy of multi-protocol collection agents when they connect, to guarantee the correctness of the data source; and because of how the message format is defined, the agent can also be verified while it sends messages;
3. The prior art does not consider uniformity of the message XML file format; the present invention, based on object-oriented features, encapsulates data in a hierarchical inheritance structure, which helps extension of protocol data, and uses a rule-based parsing framework to parse the message format XML files, which helps improve data parsing performance and speeds implementation;
4. The prior art does not consider management of the agents; the present invention separates the different filtering mechanisms, places different filtering rules at different stages of the agent's protocol data collection and analysis, and provides them in the form of configuration files, realizing dynamic configuration of the agents and strengthening cooperation between agents and center; the present invention further realizes effective management of the agents through the synchronization mechanism and agent state monitoring.
Description of drawings
Fig. 1 is a structural diagram of the model formed by the center and the agents in the embodiment of the invention.
Embodiment
An embodiment of the invention is described in detail below with reference to the accompanying drawing. The embodiment is implemented on the premise of the technical scheme of the invention and gives a detailed implementation and concrete operating process, but the protection scope of the invention is not limited to the following embodiment.
The embodiment comprises the following steps:
Step 1: a two-level management model is formed by the center and the agents. The center server is deployed at a backbone node, and the multi-protocol agents are distributed across the nodes of the network to collect information; agents of the various protocol types are responsible for collecting and packing the data of their protocols. The agents report the collected protocol data to the center over the network, and the center processes the data.
As shown in Fig. 1, in the model formed by the center and agents in this embodiment, the management center is connected respectively to an IPSec (Internet Protocol Security) protocol agent, an SSL (Secure Sockets Layer) protocol agent, an SNMP (Simple Network Management Protocol) protocol agent, a WMI (Windows Management Instrumentation) protocol agent and agents of other protocols; depending on protocol type, one agent may comprise agent function modules of one or more protocol types.
Step 2: the center initializes each agent, initializing the agent's configuration file and filtering rule file;
The agent's configuration file includes the multi-protocol agent's identifier, the collection port, the heartbeat time, the sampling hold window and other content, wherein:
The multi-protocol agent's identifier serves as one of the conditions by which the center identifies each data collection agent, in particular to restrict disguised data collection agents that could launch attacks on the center, improving security;
The collection port specifies the network protocol port the agent needs to monitor;
The heartbeat time is used to maintain the connection between the agent and the center;
The sampling hold window sets how long a group of data is buffered in the agent, to prevent duplicate data being reported to the center within a short time, which would overload the center and degrade the performance of the center server.
The agent's configuration file is defined as follows:
<!ELEMENT agent-config (update-time, servers, client, global-sets)>
<!ELEMENT update-time (#PCDATA)>
<!ELEMENT servers (server+)>
<!ELEMENT client (interface)>
<!ATTLIST client
  ip NMTOKEN #REQUIRED
  id NMTOKEN #REQUIRED
  name NMTOKEN #REQUIRED
  port NMTOKEN #REQUIRED
>
<!ELEMENT global-sets (time-interval)>
<!ELEMENT interface (#PCDATA)>
<!ELEMENT server EMPTY>
<!ATTLIST server
  name NMTOKEN #REQUIRED
  ip NMTOKEN #REQUIRED
  port NMTOKEN #FIXED "1070"
  default (yes|no) #REQUIRED
  status (0|1) #REQUIRED
>
<!ELEMENT time-interval (heartbeat, sample)>
<!ELEMENT heartbeat (#PCDATA)>
<!ELEMENT sample (#PCDATA)>
The filtering rule file contains characteristic quantities of network packets, such as source or destination IP and source or destination port. The user can remove invalid packets according to the protocol filtering rules that are set, improving system efficiency. It is defined as follows:
<!ELEMENT agent-rule (update-time, localfilters, filters, auth-arithmetic-mappings*)>
<!ELEMENT localfilters (localfilter+)>
<!ELEMENT filters (filter+)>
<!ELEMENT localfilter (#PCDATA)>
<!ELEMENT filter (filter-name, init-param)>
<!ELEMENT filter-name (#PCDATA)>
<!ELEMENT init-param (param-value*)>
<!ELEMENT param-value (#PCDATA)>
Step 3: the agent is started. It reads the initial configuration XML file and filtering rule XML file, both of which follow the unified message format, and sends a synchronization information XML file and a heartbeat information XML file to the center;
The message format is as follows: it is defined with an XML DTD and describes, in an object-oriented manner, the data model of the messages passed between the center and the agents. XML files serve as the message format files, mapping multi-protocol format information onto the unified message format. The top-level class of all message format files is agent, and every type of message is a subclass of it. agent defines the agent's unique ID, IP address and other descriptive information; the ID is assigned to the agent by the center and serves as one of the authorization identifiers for the agent to access the center. agent also defines multiple message types, including agent-config (agent configuration message), agent-rule (agent rule message), agent-alert (agent alarm), agent-report (agent report), agent-heartbeat (heartbeat message) and agent-synch (synchronization message), as well as further message types such as query and multi-item extension. Except for agent-config and agent-rule, which are direct subclasses of agent, the other message types are, for ease of uniform maintenance of the message format, subclasses of agent-reports (report message), which is itself a direct subclass of agent; the messages contained in agent-reports are extensible, and each may contain subclasses of its own to express more detailed messages. agent-config defines subclasses such as the timestamp, the servers element, the heartbeat interval and the report time window. To allow for load balancing and primary/standby use of servers, servers contains multiple server subclasses, and the element values of server decide whether a server is used as primary or for another purpose. To let agents collect information flexibly, agent-rule defines a series of filtering rules for the information agents collect; the agent decides according to the filtering rules which information to collect and which not. In alert-report, the meaning of the subtype distinguishes an alarm from general report information. agent-heartbeat is the message that keeps the agent normally connected to the center. agent-synch exists to keep information consistent between center and agent: content and timestamps that matter to the agent's normal operation and normal reporting are synchronized between them. An extension framework is also reserved: further exchange messages can be defined within agent-reports. The center receives the agent's information and checks the message format; if the format is wrong, it refuses to process the message and instructs the agent to retransmit. The definition is as follows:
<!ELEMENT agent (agent-config|agent-rule|agent-reports|agent-synch)>
<!ATTLIST agent
  ip CDATA #REQUIRED
  id CDATA #REQUIRED
  name CDATA #REQUIRED
  description CDATA #IMPLIED
  xmltype (agent-config|agent-rule|alert-report|agent-heartbeat|agent-synch|agent-query|muti-items) #REQUIRED
>
The synchronization information XML file contains the timestamps of the agent configuration file and the filtering rule file and is used to implement the synchronization mechanism with the center; it is sent after the agent starts and connects to the center. It is defined as follows:
<!ELEMENT agent-reports (agent-report*)>
<!ELEMENT agent-report (system)>
<!ATTLIST agent-report
  type (agent-synch) #REQUIRED
  description CDATA #IMPLIED
>
<!ELEMENT agent-synch (config-file, rule-file)>
<!ELEMENT config-file (update-time)>
<!ELEMENT rule-file (update-time)>
The query information XML file is defined as follows:
<!ELEMENT agent-reports (agent-report*)>
<!ELEMENT agent-report (config)>
<!ATTLIST agent-report
  type (agent-query) #REQUIRED
  description CDATA #IMPLIED
>
<!ELEMENT config (param, summary?)>
<!ELEMENT param (#PCDATA)>
<!ELEMENT summary (#PCDATA)>
The heartbeat information XML file is defined as follows:
<!ELEMENT agent-reports (agent-report*)>
<!ELEMENT agent-report (system)>
<!ATTLIST agent-report
  type (agent-heartbeat) #REQUIRED
  description CDATA #IMPLIED
>
<!ELEMENT system (setup-time?, runtime?)>
<!ELEMENT setup-time (#PCDATA)>
<!ELEMENT runtime (#PCDATA)>
Step 4: the center, based on the XML parsing framework, parses the XML-format files by means of the rule file. It authenticates the agent on two conditions, the ID in the XML file sent by the agent and the agent's IP address, to verify the legitimacy of the connecting agent. If verification passes, the center allows the agent to connect and the method proceeds to step 5; the center sets this agent's state to online and runs the synchronization mechanism with the agent based on the synchronization information XML file. If verification fails, the center refuses the agent's connection and all steps end;
The rule file is as follows:
<?xml version="1.0"?>
<digester-rules>
  <pattern value="agent">
    <object-create-rule classname="org.infosec.app.model.Agent"/>
    <set-properties-rule>
      <alias attr-name="ip" prop-name="ip"/>
      <alias attr-name="id" prop-name="id"/>
      <alias attr-name="name" prop-name="name"/>
      <alias attr-name="description" prop-name="description"/>
      <alias attr-name="xmltype" prop-name="xmltype"/>
    </set-properties-rule>
    <pattern value="agent-reports">
      <object-create-rule classname="org.infosec.app.model.XmlAgentReport"/>
      <pattern value="agent-report">
        <set-properties-rule>
          <alias attr-name="type" prop-name="type"/>
          <alias attr-name="description" prop-name="description"/>
        </set-properties-rule>
        <pattern value="system">
          <object-create-rule classname="org.infosec.app.model.XmlSystem"/>
          <set-properties-rule/>
          <call-method-rule pattern="setup-time" methodname="setSetupTime" paramcount="0"/>
          <call-method-rule pattern="runtime" methodname="setRunTime" paramcount="0"/>
          <set-next-rule methodname="setXmlSystem"/>
        </pattern>
      </pattern>
      <set-next-rule methodname="setAgentReport"/>
    </pattern>
    <pattern value="agent-synch">
      <object-create-rule classname="org.infosec.app.model.XmlAgentFileSync"/>
      <set-properties-rule/>
      <call-method-rule pattern="config-file/update-time" methodname="setConfigUpdateTimeStr" paramcount="0"/>
      <call-method-rule pattern="rule-file/update-time" methodname="setRuleUpdateTimeStr" paramcount="0"/>
      <set-next-rule methodname="setAgentFileSync"/>
    </pattern>
    <pattern value="agent-rule">
      <object-create-rule classname="org.infosec.app.model.XmlAgentRule"/>
      <set-properties-rule/>
      <call-method-rule pattern="update-time" methodname="setUpateTimeStr" paramcount="0"/>
      <set-next-rule methodname="setAgentRule"/>
    </pattern>
    <pattern value="agent-config">
      <object-create-rule classname="org.infosec.app.model.XmlAgentConfig"/>
      <set-properties-rule/>
      <call-method-rule pattern="update-time" methodname="setUpateTimeStr" paramcount="0"/>
      <set-next-rule methodname="setAgentConfig"/>
    </pattern>
  </pattern>
</digester-rules>
Step 5: if the center allows the agent to connect, the agent begins collecting protocol data. It analyzes the collected protocol data, packs the data into an XML-format file according to protocol type and agent ID, and reports the file to the center. The center receives and parses the XML file data, identifies the source agent of the data by the agent ID, sets that agent's state to the data-reporting state, and stores the data in the center database;
Step 6: the center edits the filtering rule XML file and sends it to the agent so that the new filtering rule XML file takes effect;
Step 7: the center sends a configuration XML file to the agent. The center parses the synchronization information XML file sent by the agent, which contains the timestamp of the agent's configuration file. If this timestamp matches the timestamp of the agent configuration file stored at the center, the configuration file at the center is consistent with the one in the agent; the center then reads the corresponding local agent configuration file, edits it and sends it down to the agent. If the configuration files at the center and in the agent are inconsistent, the center generates a query file in XML format and sends it down to the agent, the agent reports its configuration file, the center edits the configuration file and sends it down to the agent, and the agent restarts so that the configuration file takes effect;
Step 8: the agent obtains from the configuration file the interval at which it reports data to the center. If it has not reported data to the center within the interval, the agent sends a heartbeat information XML file to the center. If the center receives neither a heartbeat information XML file nor a reported protocol data XML file from the agent within the set time, the center sets this agent's state to offline.
Present embodiment has been realized independence between application protocol and the message; Realization center and the independence of acting on behalf of development language; Interoperability between raising center and the agency; The fail safe of communicating by letter with distributed agent in the enhancing center, reliability, communicating by letter and the collaborative work problem in effectively, fast solving the center and act on behalf of framework.
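The center-side handling described in steps 4, 7 and 8 can be sketched as follows. This is an added Python example, not code from the patent: it verifies the agent by ID and connection IP address, compares the timestamps in the synchronization message with the center's copies, and sets silent agents offline. The `agent-id` attribute name, the timestamp strings, and the `Center` and `AgentRecord` names are assumptions; the element names follow the `agent-synch` digester pattern.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed sample of an agent's synchronization message. Element names follow
# the "agent-synch" digester pattern; the agent-id attribute name is an assumption.
SAMPLE_SYNC = b"""<agent-synch agent-id="A-001">
  <config-file><update-time>2008-05-22 10:00:00</update-time></config-file>
  <rule-file><update-time>2008-05-20 08:30:00</update-time></rule-file>
</agent-synch>"""

@dataclass
class AgentRecord:
    ip: str          # IP address registered at the center for this agent ID
    config_ts: str   # timestamp of the center's copy of the configuration file
    rule_ts: str     # timestamp of the center's copy of the filtering rule file
    status: str = "offline"
    last_seen: float = 0.0

class Center:
    def __init__(self, id_library, timeout_s):
        self.agents = id_library      # agent ID -> AgentRecord
        self.timeout_s = timeout_s    # set time after which a silent agent is offline

    def handle_sync(self, xml_bytes, peer_ip, now):
        """Verify the agent (ID + connection IP), then list the files to send down.
        Returns None if access is refused, otherwise the list of mismatched files."""
        try:
            root = ET.fromstring(xml_bytes)
        except ET.ParseError:
            return None
        rec = self.agents.get(root.get("agent-id", "")) if root.tag == "agent-synch" else None
        # peer_ip must come from the transport (socket peer), never from the message.
        if rec is None or rec.ip != peer_ip:
            return None
        rec.status, rec.last_seen = "online", now
        held = {"config-file": rec.config_ts, "rule-file": rec.rule_ts}
        return [kind for kind, ts in held.items()
                if (root.findtext(f"{kind}/update-time") or "").strip() != ts]

    def touch(self, agent_id, peer_ip, now, reporting=False):
        """Record a heartbeat or a data report from an agent that passed verification.
        Assumption of this sketch: an offline agent must synchronize again first."""
        rec = self.agents.get(agent_id)
        if rec is None or rec.ip != peer_ip or rec.status == "offline":
            return False
        rec.last_seen = now
        if reporting:
            rec.status = "reporting"
        return True

    def sweep(self, now):
        """Set agents offline when neither heartbeat nor report arrived in time."""
        expired = [aid for aid, r in self.agents.items()
                   if r.status != "offline" and now - r.last_seen > self.timeout_s]
        for aid in expired:
            self.agents[aid].status = "offline"
        return expired
```

Both verification conditions are identifiers rather than secrets, so in practice this check is paired with a mutually authenticated transport such as TLS with client certificates.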

Claims (7)

1. A method for exchanging messages between distributed multi-protocol agents and a center system, characterized in that it comprises the following steps:
Step 1: A two-level management model is formed by a center and several agents; the center is deployed at a backbone node; the agents include agents of multiple protocol types and are distributed across the nodes of the network to collect information, each being responsible for collecting and packing the data of its corresponding protocol; the agents report the collected protocol data to the center over the network, and the center processes the data;
Step 2: The center initializes each agent, initializing the configuration file and the filtering rule file in the agent; the configuration file and the filtering rule file are XML, i.e. Extensible Markup Language, files;
Step 3: The agent is started; the agent reads the initial configuration file and filtering rule file, both of which follow the unified message format, and the agent sends a synchronization information XML file and a heartbeat message XML file to the center;
The message format is specifically: an XML DTD, i.e. Document Type Definition, is used to describe, in an object-oriented manner, the data model of the messages passed between the center and the agents; XML files serve as the message format files, realizing the mapping of multi-protocol format information to the unified message format; an extension framework is also reserved so that the exchanged messages can be extended by definition;
Step 4: Based on an XML parsing framework, the center parses the XML-format file by means of the filtering rule file; the center performs agent verification on two conditions, the agent ID in the XML file sent by the agent and the agent's IP address, to verify the legitimacy of the connecting agent; if verification passes, the center allows the agent to connect, proceeds to step 5, sets the agent's state at the center to online, and carries out the synchronization mechanism with the agent based on the synchronization information XML file; if verification fails, the center refuses the agent's connection and all steps end;
The synchronization mechanism is specifically: the center judges from the content of the synchronization information XML file whether the agent's configuration file and filtering rule file are no longer valid; if the configuration file or the filtering rule file is no longer valid, the center sends the center's default configuration file or filtering rule file down to the agent over the communication connection already established; if the configuration file is still valid, the center sends no information; if what the agent receives is a new configuration file or filtering rule file, the agent replaces the original file with the newly received file and restarts so that it takes effect;
Step 5: If the center allows the agent to connect, the agent begins collecting protocol data; it analyzes the collected protocol data, packs the data into an XML-format file according to the protocol type and the agent ID, and reports the file to the center; the center receives and parses the XML file data, identifies the agent that is the source of the data from the agent ID, sets that agent's state to the data-reporting state, and stores the data in the center database;
Step 6: The center edits the filtering rule file and sends it to the agent so that the new filtering rule file takes effect;
Step 7: The center sends the configuration file to the agent; the center parses the synchronization information XML file sent by the agent, which contains the timestamp of the configuration file; if this timestamp matches the configuration file timestamp stored at the center, the configuration file at the center is consistent with the one on the agent, and the center reads the corresponding local configuration file and, after editing it, sends it down to the agent; if the configuration files at the center and on the agent are inconsistent, the center generates a query file in XML format and sends it down to the agent, the agent reports its configuration file, the center edits the configuration file and sends it down to the agent, and the agent restarts so that the configuration file takes effect;
Step 8: The agent obtains from the configuration file the interval at which it reports data to the center; if it has not reported data to the center within that interval, the agent sends a heartbeat message XML file to the center; if the center receives neither the agent's heartbeat message XML file nor a reported protocol data XML file within the set time, the center sets that agent's state to offline.
2. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 2, the center initializing each agent is specifically: the center registers and maintains an agent ID library; after starting, the center reads the agent information; if a new protocol agent needs to be deployed in the network to collect protocol data, the center assigns the agent a unique ID, an initial configuration file and a filtering rule file; the center records the agent ID and saves the configuration file and the filtering rule file.
3. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that the center comprises a primary server and several standby servers; the configuration file contains information on one primary server and multiple standby servers; the server information includes the server domain name, IP address, communication port, description, and whether the server is the primary server; the agent first sends the synchronization information XML file and the heartbeat message XML file to the primary center server; if the agent fails to connect to the primary center server three consecutive times, it selects another standby center server to connect to; if the connection succeeds, that server is set as the primary center server.
4. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that the configuration file comprises: agent identifier, collection port, heartbeat time and sampling hold window, wherein:
The agent identifier serves as one of the conditions by which the center identifies each data collection agent, in order to restrict disguised data collection agents from launching attacks on the center;
The collection port specifies the network protocol port the agent needs to monitor;
The heartbeat time is used to maintain the connection between the agent and the center;
The sampling hold window sets the buffering time of a group of data in the agent.
5. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that the filtering rule file comprises: source or destination IP address, and source or destination port.
6. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 3, the synchronization information XML file contains the timestamps of the configuration file and the filtering rule file and implements the synchronization mechanism between the agent and the center; it is sent after the agent has started and connected to the center.
7. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 4, the agent verification is specifically: the center verifies the agent's legitimacy from the agent ID in the XML file sent by the agent and the agent's IP address; if the agent ID exists in the center's ID library, and the IP address from which the agent communicates is consistent with the IP address information in the configuration file held at the center for that agent ID, verification passes.
CN200810037825A 2008-05-22 2008-05-22 Method for switching information of distributed multiprotocol proxy and center system Active CN101282333B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810037825A CN101282333B (en) 2008-05-22 2008-05-22 Method for switching information of distributed multiprotocol proxy and center system

Publications (2)

Publication Number Publication Date
CN101282333A CN101282333A (en) 2008-10-08
CN101282333B true CN101282333B (en) 2012-09-05

Family

ID=40014610

Country Status (1)

Country Link
CN (1) CN101282333B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant