A kind of method of collection of network equipment information, classification and constant mark
Technical field
The present invention relates to a kind of computer technology and web-information technology field, be specifically related to a kind of method of collection, classification and constant mark of network equipment information.
Background technology
Along with popularizing of communication technology and network, the continuous networking of core business infosystem of government and enterprises and institutions, the Information Security Risk that faces increases day by day; On the other hand, in order to strengthen internal control, the competent authorities of state compulsion office and industry have promulgated various laws and regulations and guides of closing rule and internal control aspect in succession.In these several situations, just more and more important for the network security audit of the network equipment, however the status information of the network equipment that comprises in the multiple network equipment of present multiple manufacturer is very huge numerous and diverse.If separately each network equipment is carried out security audit, that with consuming time, consumption power is huge, so the method for the acquisition and processing to network equipment state information of a kind of high-speed and high-efficiency at initial stage just seems especially important.Realize the inspection of the network equipment and audit robotization, the initial stage is just particularly important to sign a large amount of, that skimble-scamble network equipment information carries out relevant classification and standardization.Only have the information of virgin state has been carried out relevant arrangement, classifies, won, just likely in the later stage, use software program to carry out the complete-automatic check of robotization, mass.
Summary of the invention
The method that the purpose of this invention is to provide a kind of collection, classification and constant mark of network equipment information, gather and process huge numerous and diverse network equipment information, so that the realization of follow-up various programs.
The objective of the invention is to be achieved through the following technical solutions:
A kind of method of collection of network equipment information, classification and constant mark comprises the following steps:
1), to the heterogeneous networks equipment of different vendor, adopt the attribute information of different device command combination collecting devices and store;
2) will collect according to dissimilar, being classified of information;
3) in the information of having classified, the content of needs is screened and won;
4) content that will win identifies and with this device name, stores in the lump.
In step 1), the acquisition method of network equipment information is artificial the collection or collection automatically, and the network equipment information of collection comprises: device name, device configuration information, interface message, routing iinformation, operating system version information, Routing Protocol information, mac address information, vlan information; Step 1) is further comprising the steps:
Log in the network equipment that needs Information Monitoring, move on this equipment corresponding to screening, order display device information;
Record after action command shown information out on equipment, and the information that will show is preserved.
Beneficial effect of the present invention is: by a large amount of information that mixes with different type network equipment, classify according to ad hoc approach in advance and identify, thereby management, classification, storage, sign to the information that collects are carried out standard, so that follow-up robotization is processed.After making, a large amount of dissimilar equipment are carried out network security audit fast and become possibility, significantly improved work efficiency, save cost of labor.
Description of drawings
Below with reference to the accompanying drawings the present invention is described in further detail.
Fig. 1 is one of the process flow diagram of method of collection, classification and the constant mark of the described network equipment information of the embodiment of the present invention;
Fig. 2 be the described network equipment information of the embodiment of the present invention collection, classification and constant mark method process flow diagram two.
Embodiment
As shown in Figure 1-2, the method for the collection of the described a kind of network equipment information of the embodiment of the present invention, classification and constant mark comprises the following steps:
Step 1:, at first to the distinct device of different vendor, adopt specific device command combination (various vendor equipment support orders are described in detail in manufacturer's product description), collect particular device information; (this step does not limit the method for collection information, can automatically realize, can complete by hand yet.But in order to guarantee that the information that collects necessarily comprises content related in subsequent step, so this step need to limit the kind of Information Monitoring); Step 1 comprises (for example, also can adopt additive method to complete):
Step 1.1: log in the network equipment that needs Information Monitoring, move the order through display device information screening, specific corresponding on this equipment;
Step 1.2: record after action command shown information out on equipment, and the information that will show is preserved;
For example: log in cisco router command line interface interface, input as the show version that issues orders, this equipment will show the in-local system related information.
Step 2: to the information of collecting, the difference of the meaning that comprises according to information is classified; The information of collecting comprises and is not limited to following several large class: device name; Device configuration information; Interface message; Routing iinformation; Operating system version information; Routing Protocol information; Mac address information; Vlan information etc.;
For example: displaying contents in the show version order of Cisco's ios device is classified as device operating system version class.
Step 3: in the information of having classified, the screening key content is won;
For example: front 2 row of displaying contents in the show version order of Cisco's ios device are won out.
Step 4:, to the information of winning out, carry out specific identifier, so that the later stage is carried out relevant treatment.Each category information all can be given specific identifier and this device name is stored in the lump.
For example: the content affix device name that will as above win and version character, to identify what information which platform equipment this is, storage afterwards.
The network equipment order that this method is selected, often one or several all comprises clear and definite relevant facility information, and these information can clearly reflect the state of this equipment in collected moment.After collecting this category information, these information are carried out distinctive classification, summary, sign and storage, namely complete this method of work.
The present invention is not limited to above-mentioned preferred forms; anyone can draw other various forms of products under enlightenment of the present invention; no matter but do any variation on its shape or structure; every have identical with a application or akin technical scheme, within all dropping on protection scope of the present invention.