CN103746860A - Network monitoring system and method thereof in virtual environment - Google Patents
Network monitoring system and method thereof in virtual environment Download PDFInfo
- Publication number
- CN103746860A CN103746860A CN201310512044.8A CN201310512044A CN103746860A CN 103746860 A CN103746860 A CN 103746860A CN 201310512044 A CN201310512044 A CN 201310512044A CN 103746860 A CN103746860 A CN 103746860A
- Authority
- CN
- China
- Prior art keywords
- monitoring
- virtual machine
- guest virtual
- network
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a network monitoring system and a method thereof in the virtual environment. The network monitoring system is disposed in a privilege virtual machine to carry out network monitoring over a plurality of client virtual machines. The network monitoring system comprises an initialization module, a data transmission monitoring module and a data reception monitoring module. The initialization module is used for creating log files and arranging monitor points. The data transmission monitoring module and the data reception monitoring module are used for simultaneously monitoring external transmission data and reception data of the plurality of client virtual machines respectively, and storing obtained monitor information to be used in the network monitoring. The invention achieves the fine grit network monitoring system and the method thereof in the virtual environment.
Description
Technical field
The present invention relates to the network request monitoring in virtualized environment, particularly relate to the fine-granularity network access request monitoring of dividing according to virtual machine.
Background technology
Intel Virtualization Technology results from the sixties in last century, and IBM has proposed virtualized concept, and this technology is applied to the System/370 system of IBM.Up to the present, Intel Virtualization Technology has been applied to a lot of industries and field, and will have widely and use in future.By Intel Virtualization Technology, can improve the utilance of server, improve the stability of service and the portability of robustness and software, in addition, the safety problem that Intel Virtualization Technology is also resolution system due to its outstanding isolation provides a kind of thinking.
Xen is a kind of widely used virtualization software, its critical piece is Virtual Machine Manager layer (Virtual Machine Monitor, hereinafter to be referred as VMM), the franchise virtual machine Domain0(that comprises management tool is hereinafter to be referred as Dom0), and guest virtual machine (hereinafter to be referred as DomU), wherein, VMM layer operates between guest virtual machine and hardware, Dom0 and DomU operate on VMM layer, the special character of Dom0 is, it has the management tool of other DomU of management, and the interface of communicating by letter with VMM, thereby reach the object that Xen virtual environment is controlled.Dom0 end also comprises the interface that receives DomU hardware access information, is called rear end and drives, and rear end drives the hardware requests that can receive DomU all on Same Physical machine, and is driven these requests are unified to process by access real equipment.
Network virtual is one of Intel Virtualization Technology major issue that need to solve.The solution of Xen is to set up virtual bridge for each guest virtual machine, the network access request of each guest virtual machine by with the sharing channel of Dom0 pass to Dom0 rear end drive, by the rear end disk drive of Dom0, request is carried out to related resolution again, be packaged into the true network interface card activation bit of access and be distributed to the true network interface card driving on physical machine.
The guest virtual machine of half virtualization architecture is only supported in the initial design of Xen, this requires guest virtual machine to install can drive the headend equipment driving of communicating by letter with the rear end of Dom0, therefore, this just need to modify to guest virtual machine, this just causes early stage Xen can only support to be provided with the guest virtual machine of (SuSE) Linux OS, and along with the CPU manufacturers such as Intel and AMD have proposed the Intel Virtualization Technology of hardware, Xen can support without Windows and the (SuSE) Linux OS revised at present, utilize hardware to carry out virtualized guest virtual machine and become hardware virtual machine (Hardware-based Virtual Machine, hereinafter to be referred as HVM).
Network information monitoring is performance evaluation and the very important technology of safety protection field.In Xen, provide a kind of instrument XenMon that can monitor I/O request number of times, but this instrument only carries out record from the angle of counting, and can not obtain the specifying information of network request operation, be unfavorable for carrying out the concrete data analysis that safety is relevant.
Chinese patent CN101436966A discloses a kind of " network monitoring under virtual machine environment and analytical system ", it has been analyzed in virtualized environment, different virtual machine moves the warfare that multiple I/O intensive applications cause, but, in this patent, supervisory control system has been placed in monitored virtual machine, and just test purposes, can not be used for general scene.
Name is called and in " Proceedings of the International Conference & Workshop on Emerging Trends in Technology(technology new trend international conference and seminar) ", discloses the document that one piece of name is called " HawkEye solutions:a network intrusion detection system.(hawkeye solution: a kind of Network Intrusion Detection System) ", author is: I Mukhopadhyay, M Chakraborty, S Chakrabarti, within open day, be: on March 14th, 2011, introduced the fixed security strategy of a kind of use and monitored network has been carried out to the technology of intrusion detection, but, this technology can not be used in virtualized environment.
Summary of the invention
Technical problem to be solved by this invention is to provide a kind of network monitoring system and the method thereof under virtualized environment, what mainly pay close attention to is the fine-granularity network access request monitoring of dividing according to virtual machine, solve under virtualized environment of the prior art information monitoring accuracy low, the problem such as fail safe is not high.
For achieving the above object, the invention provides the network monitoring system under a kind of virtualized environment, it is characterized in that, described network monitoring system is deployed in franchise virtual machine, and multiple guest virtual machines are carried out to network monitoring, and described network monitoring system comprises:
Initialization module: for creating log file, control point is set;
Data send monitoring module: for monitor the external transmission data of described multiple guest virtual machines simultaneously, and the monitor message getting is stored, for network monitoring;
Data receiver monitoring module: the external data receiving for monitor described multiple guest virtual machine simultaneously, and the described monitor message getting is stored, for network monitoring.
Network monitoring system under above-mentioned virtualized environment, is characterized in that, described initialization module comprises:
Create log file module: for creating log file, record the described monitor message of described multiple guest virtual machines;
Control point arranges module: at described multiple guest virtual machines, control point function being set, and monitoring articulates function;
Knock-down module: articulate for described control point function and described monitoring are articulated to function, to described monitor message is articulated to function from described control point function passes to described monitoring, and store described monitor message into described log file.
Network monitoring system under above-mentioned virtualized environment, is characterized in that, described data send monitoring module and comprise:
Send monitoring modular: by the described control point function arranging, monitor described transmission data and externally send in the transmission function of described franchise virtual machine;
Send address acquisition module: in described transmission data, obtain source MAC;
Send address mapping module: obtain the sign ID of the described guest virtual machine that described source MAC is corresponding, set up the mapping relations between described source MAC and described guest virtual machine sign ID;
Send memory module: according to described guest virtual machine sign ID, separately record described monitor message, and described monitor message is separately stored in described log file, for network monitoring according to described guest virtual machine sign ID.
Network monitoring system under above-mentioned virtualized environment, is characterized in that, described data receiver monitoring module comprises:
Receive monitoring modular: by the described control point function arranging, monitor and receive described external data arrival in the receiver function of described franchise virtual machine;
Receiver address acquisition module: obtain target MAC (Media Access Control) address in described reception data;
Receiver address mapping block: obtain the sign ID of the described guest virtual machine that described target MAC (Media Access Control) address is corresponding, set up the mapping relations between described target MAC (Media Access Control) address and described guest virtual machine sign ID;
Receive memory module: according to described guest virtual machine sign ID, record respectively reception monitor message, and described reception monitor message is stored in described log file, for network monitoring according to described guest virtual machine sign ID.
Network monitoring system under above-mentioned virtualized environment, is characterized in that, described transmission data and described reception data acquisition skb data structure.
Network monitoring system under above-mentioned virtualized environment, is characterized in that, described monitor message comprises: described sending/receiving packet temporal information, described sending/receiving data package size and described sending/receiving packet content.
Network monitoring system under above-mentioned virtualized environment, is characterized in that, the mapping between described object/source MAC and described guest virtual machine sign ID realizes by Xenstore file system technology.
Network monitoring system under above-mentioned virtualized environment, is characterized in that, described log file adopts relay file system technology to realize.
The invention provides the method for monitoring network under a kind of virtualized environment, be applicable to the network monitoring system under virtual environment, described network monitoring system is deployed in franchise virtual machine, and multiple guest virtual machines are carried out to network monitoring, it is characterized in that, described method for monitoring network comprises:
Initialization step: for creating log file, control point is set;
Data send monitoring step: for monitor the external transmission data of described multiple guest virtual machine simultaneously, and the monitor message getting is stored, for network monitoring;
Data receiver monitoring step: the external data receiving for monitor described multiple guest virtual machine simultaneously, and the described monitor message getting is stored, for network monitoring;
Method for monitoring network under above-mentioned virtualized environment, is characterized in that, described initialization step comprises:
Create log file step: for creating log file, record the described monitor message of described multiple guest virtual machines;
Control point setting steps: at described multiple guest virtual machines, control point function being set, and monitoring articulates function;
Articulate step: for described control point function and described monitoring are articulated to function, articulate, to described monitor message is articulated to function from described control point function passes to described monitoring, and stored by described log file module.
Method for monitoring network under above-mentioned virtualized environment, is characterized in that, described data sending step comprises:
Send monitoring step: by the described control point function arranging, monitor described transmission data and externally send in the transmission function of back-end network card driver;
Send address acquisition step: in described transmission data, obtain source MAC;
Send address mapping step: obtain the sign ID of the described guest virtual machine that described source MAC is corresponding, set up the mapping relations between described source MAC and described guest virtual machine sign ID;
Send storing step: according to described guest virtual machine sign ID, separately record described monitor message, and described monitor message is separately stored in described log file, for network monitoring according to described guest virtual machine sign ID.
Method for monitoring network under above-mentioned virtualized environment, is characterized in that, described data receiver step comprises:
Receive monitoring step: by the described control point function arranging, monitor and receive described external data arrival in the receiver function of back-end network card driver;
Receiver address obtaining step: obtain target MAC (Media Access Control) address in described reception packet;
Receiver address mapping step: obtain the sign ID of the described guest virtual machine that described target MAC (Media Access Control) address is corresponding, set up the mapping relations between described target MAC (Media Access Control) address and described guest virtual machine sign ID;
Receive storing step: according to described guest virtual machine sign ID, record respectively reception monitor message, and described reception monitor message is stored in described log file, for network monitoring according to described guest virtual machine sign ID.
Method for monitoring network under above-mentioned virtualized environment, is characterized in that, described transmission data and described reception data acquisition skb data structure.
Method for monitoring network under above-mentioned virtualized environment, is characterized in that, described monitor message comprises: described sending/receiving packet temporal information, described sending/receiving data package size and described sending/receiving packet content.
Method for monitoring network under above-mentioned virtualized environment, is characterized in that, the mapping between described object/source MAC and described guest virtual machine sign ID realizes by Xenstore file system technology.
Method for monitoring network under above-mentioned virtualized environment, is characterized in that, described log file adopts relay file system technology to realize.
Compared with prior art, what the network monitoring system under virtualized environment of the present invention and method were mainly paid close attention to is the fine-granularity network access information monitoring in Xen virtualized environment, by monitor component being deployed in beyond monitored virtual machine, accuracy and the fail safe of guarantee information monitoring.
Accompanying drawing explanation
Fig. 1 is virtualized environment guest virtual machine access to netwoks schematic flow sheet;
Fig. 2 is virtualized environment network monitoring system schematic diagram;
Fig. 3 is virtualized environment network monitoring system detailed maps;
Fig. 4 is virtualized environment method for monitoring network schematic flow sheet;
Fig. 5 is virtualized environment method for monitoring network initialization schematic flow sheet;
Fig. 6 is for sending process data packet monitoring schematic flow sheet;
Fig. 7 is for receiving process data packet monitoring schematic flow sheet
Wherein, Reference numeral:
1 network monitoring system
2 initialization modules 3 send monitoring module
4 receive monitoring module
21 create log file module 22 control points arranges module
23 knock-down module
31 send monitoring modular 32 sends address acquisition module
33 send address mapping module 34 sends memory module
41 receive monitoring modular 42 receiver address acquisition modules
43 receiver address mapping blocks 44 receive memory module
S1~S3, S11~S13, S21~S24, S31~S34: the administration step of various embodiments of the present invention
Embodiment
Below in conjunction with the drawings and specific embodiments, describe the present invention, but not as a limitation of the invention.
Below in conjunction with the drawings and specific embodiments, the present invention is described further.
As shown in Figure 1, virtualized environment lower network supervisory control system 1 is deployed in Dom0 kernel spacing, does not need user that any other information is provided.Because the access to netwoks behavior of all DomU in same physical machine all needs to drive through the rear end network interface card of Dom0, therefore, at rear end network interface card, driving into row receives packet operation and sends packet operation place interpolation control point function, when having data to drive by rear end equipment, can carry out record by control point mechanism so at every turn.
This preferred embodiment adopts the virtual guest virtual machine of Xen half that 32 or 64 (SuSE) Linux OS are installed, network monitoring system 1 is deployed in the Dom0 kernel spacing of Xen, the control point mechanism that all guest virtual machines are followed the trail of by the kernel of tracepoint is monitored.The elementary cell of the network access request of guest virtual machine is skb structure, and each skb structure includes its target MAC (Media Access Control) address and source MAC address information.In processing procedure, can determine which DomU this request sends from or be forwarded to by resolving the MAC Address recording in skb, and the Xenstore file system technology that needs Xen to provide, this technology by the ID of each virtual machine with and corresponding bridge MAC Address carried out record, therefore, can and then find the ID of its corresponding DomU by the parsing to bridge address.And the Relay technology that needs Linux to provide, from linux kernel to user's space, carry out efficient data transmission, the monitor message getting is stored in Relay file.But the present invention is not limited to this, any those of ordinary skill in the art, can change accordingly as required and be out of shape.
As shown in Figure 2, network monitoring system 1 comprises: initialization module 2, data send monitoring module 3 and data receiver monitoring module 4.Initialization module 2, for creating relay file, arranges control point function; Data send monitoring module 3 for monitor the external transmission data of all DomU simultaneously, and the data that get are divided according to DomU ID and separate storage; The external data that data receiver monitoring module 4 receives for monitor all DomU simultaneously, and the data that get are divided according to DomU ID and separate storage, for network monitoring.
As shown in Figure 3, initialization module 2 comprises: establishment log file module 21, control point arrange module 22 and knock-down module 23.Create log file module 21 for creating relay file, record the monitor message of all DomU; Control point arranges module 22 for control point function is set at DomU, and monitoring articulates function; The registration function that knock-down module 23 provides by tracepoint articulates function by control point function and monitoring and articulates, to monitor message is articulated to function from control point function passes to monitoring, and a point different DomU ID stores monitor message in relay file.
As shown in Figure 3, data transmission monitoring module 3 comprises: send monitoring modular 31, send address acquisition module 32, send address mapping module 33, send memory module 34.Send monitoring module 31 and monitored externally transmission of data by the control point function arranging in the transmission function of back-end network card driver; Send address acquisition module 32 and obtain source MAC in the skb data structure that sends data; Send address mapping module 33 and obtain the DomU ID that source MAC is corresponding, set up the mapping relations between source MAC and DomU ID; Send memory module 34 and separately record monitor message according to DomU ID, and monitor message is separately stored in relay file, for network monitoring according to DomU ID.
As shown in Figure 3, data receiver monitoring module 4 comprises: receive monitoring modular 41, receiver address acquisition module 42, receiver address mapping block 43, receive memory module 44.Receive monitoring module 41 and monitored external data arrival by the control point function arranging in the receiver function of back-end network card driver; Receiver address acquisition module 42 obtains target MAC (Media Access Control) address in the skb structure that receives data; Receiver address mapping block 43 obtains the DomU ID that target MAC (Media Access Control) address is corresponding, sets up the mapping relations between target MAC (Media Access Control) address and DomU ID; Receive memory module 44 and record respectively reception monitor message according to DomU ID, and reception monitor message is stored into respectively in relay file, for network monitoring according to DomU ID.
As shown in Figure 4, realize the method for virtual environment lower network monitoring, step is as follows:
S1: create relay file, control point and monitoring function are set;
S2: for monitor the external transmission data of all DomU simultaneously, and the monitor message getting is separately stored according to DomU ID, for network monitoring;
S3: the external data receiving for monitor all DomU simultaneously, and the monitor message getting is separately stored according to DomU ID, for network monitoring;
As shown in Figure 5, realize the method for virtual environment lower network monitoring, initialization step is as follows:
S11: create the relay file for record data packet generation time, source and destination and packet content;
S12: the control point that needs monitoring is set, these control points are articulated to relevant control point function, when these control points are triggered, the control point function of meeting Automatically invoked association.The statement of control point will be used the statement mode of tracepoint, first state control point structure with and the parameter information that needs, tracepoint mechanism can generate a control point function thus; When control point is set, the control point function of this generation need to be inserted in the function that needs to monitor, in network transmission packet function and reception packet function, through this process, when this function is arrived in each execution, all can carry out this control point function;
S13: the registration function that monitoring program is used tracepoint to provide, control point function and monitoring are articulated to function to be connected, like this when control point function is called, capital is called monitoring and is articulated function, and by the parameter obtaining be delivered to monitoring articulate in function, by monitoring, articulate function and process and store.
As shown in Figure 6, realize the method for virtual environment lower network monitoring, send monitoring step as follows:
S21. guest virtual machine need to send packet, comprises the information for DomU under judging such as source MAC and target MAC (Media Access Control) address information in packet, and data content information;
S22. the transmission function tracepoint monitoring point that rear end network interface card drives has detected packets need transmission;
S23. obtain the source address MAC Address recording in packet;
S24. read Xenstore information, obtain the ID of DomU corresponding to this MAC Address, according to monitoring demand, the information of the needs monitoring such as temporal information, data package size, packet content is stored.
As shown in Figure 7, realize the method for virtual environment lower network monitoring, receive monitoring step as follows:
S31. packet arrives rear end equipment driving, comprises the information for DomU under judging such as source MAC and target MAC (Media Access Control) address information in packet, and data content information;
S32. the receiver function tracepoint monitoring point that rear end equipment drives has detected that packet arrives;
S33. obtain the destination address MAC Address recording in packet;
S34. read Xenstore information, obtain the ID of DomU corresponding to this MAC Address, according to monitoring demand, the information of the needs monitoring such as temporal information, data package size, packet content is stored.
Certainly; the present invention also can have other various embodiments; in the situation that not deviating from spirit of the present invention and essence thereof; those of ordinary skill in the art are when making according to the present invention various corresponding changes and distortion, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
Claims (16)
1. the network monitoring system under virtualized environment, is characterized in that, described network monitoring system is deployed in franchise virtual machine, and multiple guest virtual machines are carried out to network monitoring, and described network monitoring system comprises:
Initialization module: for creating log file, control point is set;
Data send monitoring module: for monitor the external transmission data of described multiple guest virtual machines simultaneously, and the monitor message getting is stored, for network monitoring;
Data receiver monitoring module: the external data receiving for monitor described multiple guest virtual machine simultaneously, and the described monitor message getting is stored, for network monitoring.
2. the network monitoring system under virtualized environment according to claim 1, is characterized in that, described initialization module comprises:
Create log file module: for creating log file, record the described monitor message of described multiple guest virtual machines;
Control point arranges module: at described multiple guest virtual machines, control point function being set, and monitoring articulates function;
Knock-down module: articulate for described control point function and described monitoring are articulated to function, to described monitor message is articulated to function from described control point function passes to described monitoring, and store described monitor message into described log file.
3. the network monitoring system under virtualized environment according to claim 1, is characterized in that, described data send monitoring module and comprise:
Send monitoring modular: by the described control point function arranging, monitor described transmission data and externally send in the transmission function of described franchise virtual machine;
Send address acquisition module: in described transmission data, obtain source MAC;
Send address mapping module: obtain the sign ID of the described guest virtual machine that described source MAC is corresponding, set up the mapping relations between described source MAC and described guest virtual machine sign ID;
Send memory module: according to described guest virtual machine sign ID, separately record described monitor message, and described monitor message is separately stored in described log file, for network monitoring according to described guest virtual machine sign ID.
4. the network monitoring system under virtualized environment according to claim 1, is characterized in that, described data receiver monitoring module comprises:
Receive monitoring modular: by the described control point function arranging, monitor and receive described external data arrival in the receiver function of described franchise virtual machine;
Receiver address acquisition module: obtain target MAC (Media Access Control) address in described reception data;
Receiver address mapping block: obtain the sign ID of the described guest virtual machine that described target MAC (Media Access Control) address is corresponding, set up the mapping relations between described target MAC (Media Access Control) address and described guest virtual machine sign ID;
Receive memory module: according to described guest virtual machine sign ID, record respectively reception monitor message, and described reception monitor message is stored in described log file, for network monitoring according to described guest virtual machine sign ID.
5. the network monitoring system under virtualized environment according to claim 1, is characterized in that, described transmission data and described reception data acquisition skb data structure.
6. the network monitoring system under virtualized environment according to claim 1, is characterized in that, described monitor message comprises: described sending/receiving packet temporal information, described sending/receiving data package size and described sending/receiving packet content.
7. the network monitoring system under virtualized environment according to claim 1, is characterized in that, the mapping between described object/source MAC and described guest virtual machine sign ID realizes by Xenstore file system technology.
8. the network monitoring system under virtualized environment according to claim 1, is characterized in that, described log file adopts relay file system technology to realize.
9. the method for monitoring network under a virtualized environment, be applicable to the network monitoring system under virtual environment, described network monitoring system is deployed in franchise virtual machine, and multiple guest virtual machines are carried out to network monitoring, it is characterized in that, described method for monitoring network comprises:
Initialization step: for creating log file, control point is set;
Data send monitoring step: for monitor the external transmission data of described multiple guest virtual machine simultaneously, and the monitor message getting is stored, for network monitoring;
Data receiver monitoring step: the external data receiving for monitor described multiple guest virtual machine simultaneously, and the described monitor message getting is stored, for network monitoring.
10. the method for monitoring network under virtualized environment according to claim 9, is characterized in that, described initialization step comprises:
Create log file step: for creating log file, record the described monitor message of described multiple guest virtual machines;
Control point setting steps: at described multiple guest virtual machines, control point function being set, and monitoring articulates function;
Articulate step: for described control point function and described monitoring are articulated to function, articulate, to described monitor message is articulated to function from described control point function passes to described monitoring, and stored by described log file module.
Method for monitoring network under 11. virtualized environments according to claim 9, is characterized in that, described data sending step comprises:
Send monitoring step: by the described control point function arranging, monitor described transmission data and externally send in the transmission function of back-end network card driver;
Send address acquisition step: in described transmission data, obtain source MAC;
Send address mapping step: obtain the sign ID of the described guest virtual machine that described source MAC is corresponding, set up the mapping relations between described source MAC and described guest virtual machine sign ID;
Send storing step: according to described guest virtual machine sign ID, separately record described monitor message, and described monitor message is separately stored in described log file, for network monitoring according to described guest virtual machine sign ID.
Method for monitoring network under 12. virtualized environments according to claim 9, is characterized in that, described data receiver step comprises:
Receive monitoring step: by the described control point function arranging, monitor and receive described external data arrival in the receiver function of back-end network card driver;
Receiver address obtaining step: obtain target MAC (Media Access Control) address in described reception packet;
Receiver address mapping step: obtain the sign ID of the described guest virtual machine that described target MAC (Media Access Control) address is corresponding, set up the mapping relations between described target MAC (Media Access Control) address and described guest virtual machine sign ID;
Receive storing step: according to described guest virtual machine sign ID, record respectively reception monitor message, and described reception monitor message is stored in described log file, for network monitoring according to described guest virtual machine sign ID.
Method for monitoring network under 13. virtualized environments according to claim 9, is characterized in that, described transmission data and described reception data acquisition skb data structure.
Method for monitoring network under 14. virtualized environments according to claim 9, is characterized in that, described monitor message comprises: described sending/receiving packet temporal information, described sending/receiving data package size and described sending/receiving packet content.
Method for monitoring network under 15. virtualized environments according to claim 9, is characterized in that, the mapping between described object/source MAC and described guest virtual machine sign ID realizes by Xenstore file system technology.
Method for monitoring network under 16. virtualized environments according to claim 9, is characterized in that, described log file adopts relay file system technology to realize.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310512044.8A CN103746860A (en) | 2013-10-25 | 2013-10-25 | Network monitoring system and method thereof in virtual environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310512044.8A CN103746860A (en) | 2013-10-25 | 2013-10-25 | Network monitoring system and method thereof in virtual environment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103746860A true CN103746860A (en) | 2014-04-23 |
Family
ID=50503851
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310512044.8A Pending CN103746860A (en) | 2013-10-25 | 2013-10-25 | Network monitoring system and method thereof in virtual environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103746860A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104598842A (en) * | 2015-02-03 | 2015-05-06 | 中国电子科技集团公司第三十研究所 | Segmentation method for trust domain of virtual machine monitor |
| CN104702469A (en) * | 2015-03-27 | 2015-06-10 | 北京奇虎科技有限公司 | Method for monitoring network data, entity machine virtual device and network system |
| CN113709004A (en) * | 2021-09-03 | 2021-11-26 | 天津津航计算技术研究所 | Monitoring method for receiving flow during master-slave mode network port binding in Linux system |
-
2013
- 2013-10-25 CN CN201310512044.8A patent/CN103746860A/en active Pending
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104598842A (en) * | 2015-02-03 | 2015-05-06 | 中国电子科技集团公司第三十研究所 | Segmentation method for trust domain of virtual machine monitor |
| CN104598842B (en) * | 2015-02-03 | 2018-05-01 | 中国电子科技集团公司第三十研究所 | A kind of monitor of virtual machine trusts domain splitting method |
| CN104702469A (en) * | 2015-03-27 | 2015-06-10 | 北京奇虎科技有限公司 | Method for monitoring network data, entity machine virtual device and network system |
| CN104702469B (en) * | 2015-03-27 | 2019-02-12 | 北京奇虎科技有限公司 | Method, physical machine virtual unit and the network system of monitoring network |
| CN113709004A (en) * | 2021-09-03 | 2021-11-26 | 天津津航计算技术研究所 | Monitoring method for receiving flow during master-slave mode network port binding in Linux system |
| CN113709004B (en) * | 2021-09-03 | 2023-06-06 | 天津津航计算技术研究所 | Monitoring method for receiving flow in master-slave mode network port binding process in Linux system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9237164B2 (en) | Systems and methods for capturing, replaying, or analyzing time-series data | |
| CN102870377A (en) | Monitoring method and device for virtual port | |
| US9906547B2 (en) | Mechanism to augment IPS/SIEM evidence information with process history snapshot and application window capture history | |
| US9253156B2 (en) | Dynamically defining network access rules | |
| US11509505B2 (en) | Method and apparatus for operating smart network interface card | |
| US8856585B2 (en) | Hardware failure mitigation | |
| CN109479013B (en) | Logging of traffic in a computer network | |
| CN108205619B (en) | Multi-user management method and device based on android system | |
| CN109101200B (en) | Disk storage system of cross-network real-time bidirectional synchronization | |
| JP2013073405A (en) | Monitoring device, control method and control program | |
| CN117280327A (en) | Detecting data center large scale interruptions through near real time/offline data using machine learning models | |
| US11734430B2 (en) | Configuration of a memory controller for copy-on-write with a resource controller | |
| CN110837407A (en) | Server-free cloud service system, resource management method thereof and electronic equipment | |
| CN103746860A (en) | Network monitoring system and method thereof in virtual environment | |
| US10209905B2 (en) | Reusing storage blocks of a file system | |
| US20140289198A1 (en) | Tracking and maintaining affinity of machines migrating across hosts or clouds | |
| US10114947B1 (en) | Systems and methods for logging processes within containers | |
| CN112235300B (en) | Cloud virtual network vulnerability detection method, system, device and electronic equipment | |
| US10635475B2 (en) | Migration-adjusted problem ticket analysis and consolidation | |
| CN107688441B (en) | Method and device for realizing storage virtualization | |
| CN107480033B (en) | Virtual machine blue screen detection method and equipment | |
| US20160034548A1 (en) | System and Method for Obtaining Automated Scaling of a Virtual Desktop Environment | |
| KR101837935B1 (en) | Receiving packet storage apparatus for improving data search performance based on whole packet storage and method therefor | |
| US11297086B2 (en) | Correlation-based network security | |
| CN111443983B (en) | Application program virtualization method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140423 |
|
| RJ01 | Rejection of invention patent application after publication |