CN106533724B - Method, device and system for monitoring and optimizing Network Function Virtualization (NFV) network - Google Patents
Method, device and system for monitoring and optimizing Network Function Virtualization (NFV) network Download PDFInfo
- Publication number
- CN106533724B CN106533724B CN201510580186.7A CN201510580186A CN106533724B CN 106533724 B CN106533724 B CN 106533724B CN 201510580186 A CN201510580186 A CN 201510580186A CN 106533724 B CN106533724 B CN 106533724B
- Authority
- CN
- China
- Prior art keywords
- monitoring
- network
- nfv
- vnf
- strategy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention provides a method, a device and a system for monitoring and optimizing a Network Function Virtualization (NFV) network, wherein the method comprises the following steps: acquiring a monitoring requirement for monitoring the NFV network; collecting data in a virtual network element VNF to be monitored according to monitoring requirements; analyzing the acquired data according to a preset analysis strategy rule to determine a first network state of the NFV network; determining a first processing strategy which needs to be executed for optimizing the NFV network according to the first network state; according to the first processing strategy, the NFV network is optimized, and the embodiment of the invention can automatically monitor and dynamically optimize the NFV network.
Description
Technical Field
The invention relates to the field of core networks, in particular to a method, a device and a system for monitoring and optimizing a Network Function Virtualization (NFV) network.
Background
Network Function Virtualization (NFV) was originally proposed by operators in the European Telecommunications Standardization Institute (ETSI), and aims to solve the problems of long Network construction period, poor flexibility, high cost and high operation pressure of operators by using a standard information technology Virtualization technology. The specific implementation mode is to implement the functions of the traditional physical network equipment on the virtual machine in a software mode. By the method, the traditional separated single physical network equipment can be intensively deployed on one physical equipment in a software mode, physical resources are shared, and the efficiency and the cost of network equipment deployment, upgrading and operation and maintenance are improved.
Network operators manage the network better by correlating and analyzing data collected from the user data plane and the control plane, including making clear of network usage, subscriber dynamics, content paths, Service-level agreements (SLA) and any network anomalies, etc. Network dynamics caused by malware and Denial of Service (DoS) attacks can be detected and repaired. Such monitoring mechanisms are often prevalent for different types of networks, such as operator networks, enterprise networks, etc., as well as for different parts of the network, such as core networks, access networks, etc. With the application of NFV technology, the interfaces to access security monitoring are different. For example, one virtual network element (VNF), or interfaces between multiple VNFs on the same virtual machine manager (hypervisor), may be hidden, making probing of desired data for monitoring difficult. In some scenarios, to reduce latency, non-standardized interfaces may be used, interfaces between Virtual Machines (VMs) are used directly, or direct communication through hypervisors or the like, requiring a new security monitoring architecture.
The NFV security group of ETSI proposes an NFV security monitoring logic architecture, and mainly implements security monitoring of traffic for an NFV network. Wherein: the VNF, VNFC components, Hypervisor, and physical platform all have NFV Security Services Agents (SSA) installed thereon, which receives and executes Security monitoring policies; NFV Security Service Providers (SSP) are installed in a virtual resource management center (VIM) and a virtual network element management center (VNFM), and are responsible for receiving Security monitoring policy orchestration from an NFV Security Service Controller (SSC) and interacting with other VIM/VNFM components, thereby enabling policies to be transmitted through a plurality of systems that constitute the NFVI/VNF. In addition, the NFV SSP is also capable of accepting metrology data from multiple NFV SSA and performing some analysis based on the data; the NFV SSC is a Network System (NS) level and System level security monitoring orchestrator that interfaces with external security systems, security databases, and policy engines. The NFV SSC orchestrates the security policies of the NS and system, which may be located as a trusted third party in the network functions virtualization scheduling center (NFVO). The NFV Security Monitoring analysis System (Security Monitoring analysis System) can perform collection of Security measurement information from the NFV System and can analyze threats and anomalies present in the information.
However, the current NFV security monitoring system has the following defects: the current standard draft only introduces the functions of each module of the whole system, and does not introduce a specific operation flow. In addition, the system adds a large number of interfaces, increases the complexity of the existing network system for docking and upgrading, and adds service-related functions inside a virtual resource management and orchestration system (MANO), but the MANO is not suitable for executing excessive service-related capabilities. Meanwhile, with the development of big data and converged communication, more types of flow data can be used for richer analysis and decision-making.
In addition, the system only relates to the safety monitoring part of the flow, and does not relate to the safety management of the network (such as the issuing of the safety strategy of a firewall and the like) and the automatic repairing of the problems (for example, if a new protection wall is found to be needed, a software development kit is newly started).
Disclosure of Invention
The embodiment of the invention aims to provide a method, a device and a system for monitoring and optimizing a Network Function Virtualization (NFV) network, which can automatically monitor and dynamically optimize the NFV network.
In order to achieve the above object, an embodiment of the present invention provides a method for monitoring and optimizing a Network Function Virtualization (NFV) network, where the method includes:
acquiring a monitoring requirement for monitoring the NFV network;
collecting data in a virtual network element VNF to be monitored according to monitoring requirements;
analyzing the acquired data according to a preset analysis strategy rule to determine a first network state of the NFV network;
determining a first processing strategy which needs to be executed for optimizing the NFV network according to the first network state;
and optimizing and arranging the NFV network according to the first processing strategy.
The method includes acquiring a monitoring requirement for monitoring an NFV network, specifically:
acquiring a starting request when NFV network service is started, and acquiring a monitoring requirement for monitoring an NFV network from the starting request; or
Monitoring requirements for monitoring the NFV network are obtained from a user input interface.
Wherein, according to the monitoring requirement, data are collected in the virtual network element VNF to be monitored, which specifically includes:
analyzing the monitoring requirement to obtain a first monitoring object and a first monitoring purpose;
according to the unique identifier of the NFV network service or the VNF characteristic contained in the first monitoring object, querying and acquiring the unique identifier of the VNF to be monitored from a network function virtualization scheduling center;
determining a first monitoring strategy which corresponds to a first monitoring object and a first monitoring purpose and needs to be executed for monitoring the NFV network according to a preset corresponding relation between the monitoring object and the monitoring purpose and the monitoring strategy;
sending a monitoring instruction to the network element management system according to the unique identifier of the VNF and the first monitoring policy so that the network element management system configures the first monitoring policy into the VNF;
and in the operation process of the VNF, filtering data flow passing through the VNF according to a first monitoring strategy to obtain data.
The method comprises the following steps of determining a first processing strategy to be executed for optimizing the NFV network according to a first network state, specifically:
and determining a first processing strategy corresponding to the first network state according to the preset corresponding relation between the network state and the processing strategy.
The method comprises the following steps of optimizing and arranging an NFV network according to a first processing strategy, and specifically comprises the following steps:
performing whole-network arrangement according to a first processing strategy to obtain a strategy execution instruction string, and detecting the strategy execution instruction string;
when the policy execution instruction string is detected to be used for carrying out security configuration on the corresponding VNF, the policy execution instruction string is sent to a network element management system, so that the network element management system carries out security configuration on the corresponding VNF;
and when the policy execution instruction string is detected to be used for virtual resource management, sending the policy execution instruction string to the virtual resource management system so that the virtual resource management system executes the VNF lifecycle management operation.
An embodiment of the present invention further provides an apparatus for monitoring and optimizing a network function virtualized NFV network, where the apparatus includes:
the acquiring module is used for acquiring monitoring requirements for monitoring the NFV network;
the acquisition module is used for acquiring data in the virtual network element VNF to be monitored according to the monitoring requirement;
the analysis module is used for analyzing the acquired data according to a preset analysis strategy rule to determine a first network state of the NFV network;
the determining module is used for determining a first processing strategy which needs to be executed for optimizing the NFV network according to the first network state;
and the arranging module is used for optimizing and arranging the NFV network according to the first processing strategy.
Wherein, the acquisition module includes:
a first obtaining unit, configured to obtain a start request when an NFV network service is started, and obtain a monitoring requirement for monitoring the NFV network from the start request; or
And the second acquisition unit is used for acquiring the monitoring requirement for monitoring the NFV network from the user input interface.
Wherein, the collection module includes:
the third acquisition unit is used for analyzing the monitoring requirement to acquire a first monitoring object and a first monitoring purpose;
the first unit is used for querying and acquiring the unique identifier of the VNF to be monitored from the network function virtualization scheduling center according to the unique identifier of the NFV network service or the VNF characteristic contained in the first monitoring object;
a second unit, configured to determine, according to a preset correspondence between a monitoring object and a monitoring purpose and a monitoring policy, a first monitoring policy that needs to be executed for monitoring the NFV network and corresponds to the first monitoring object and the first monitoring purpose;
a third unit, configured to send a monitoring instruction to the network element management system according to the unique identifier of the VNF and the first monitoring policy, so that the network element management system configures the first monitoring policy in the VNF;
and the acquisition unit is used for filtering the data flow passing through the VNF according to a first monitoring strategy in the operation process of the VNF to acquire data.
Wherein the determining module comprises:
and the determining unit is used for determining a first processing strategy corresponding to the first network state according to the preset corresponding relation between the network state and the processing strategy.
Wherein, the arrangement module includes:
the arranging unit is used for carrying out whole-network arrangement according to a first processing strategy to obtain a strategy execution instruction string, detecting the strategy execution instruction string, triggering the first sending unit when detecting that the strategy execution instruction string is used for carrying out security configuration on a corresponding VNF, and triggering the second sending unit when detecting that the strategy execution instruction string is used for carrying out virtual resource management;
the first sending unit is used for sending the policy execution instruction string to the network element management system according to the triggering of the arranging unit so that the network element management system can perform security configuration on the corresponding VNF;
and the second sending unit is used for sending the policy execution instruction string to the virtual resource management system according to the trigger of the arranging unit so that the virtual resource management system executes the VNF life cycle management operation.
The embodiment of the invention also provides a system for monitoring and optimizing the Network Function Virtualization (NFV) network, which comprises the device for monitoring and optimizing the NFV network.
Wherein the system is a network management system.
The scheme of the invention at least comprises the following beneficial effects:
in the embodiment of the invention, data are collected in the virtual network element VNF to be monitored according to the obtained monitoring requirement for monitoring the NFV network, the collected data are analyzed according to the preset analysis strategy rule, the first network state of the NFV network is determined, then the first processing strategy which needs to be executed for optimizing the NFV network is determined according to the first network state, and the NFV network is optimized according to the first processing strategy, so that the effects of automatically monitoring and dynamically optimizing the NFV network are achieved under the condition that the existing interface is fully utilized.
Drawings
Fig. 1 is a flow chart of a method of monitoring and optimizing a network function virtualization, NFV, network in a first embodiment of the invention;
FIG. 2 is a flowchart of step S12 in FIG. 1 according to a first embodiment of the present invention;
fig. 3 is a schematic structural diagram of an apparatus for monitoring and optimizing a network function virtualization NFV network according to a second embodiment of the present invention;
fig. 4 is an OSS architecture diagram of a device including a monitoring and optimization network function virtualization, NFV, network in a third embodiment of the invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
First embodiment
As shown in fig. 1, a first embodiment of the present invention provides a method for monitoring and optimizing a network function virtualized NFV network, the method including:
step S11, acquiring monitoring requirements for monitoring the NFV network;
in the first embodiment of the present invention, the monitoring requirement for monitoring the NFV network may be obtained by obtaining a start request when the NFV network service is started and obtaining a monitoring requirement for monitoring the NFV network from the start request, that is, the monitoring requirement is automatically triggered when the NFV network service is started. Of course, the monitoring requirement for monitoring the NFV network may also be obtained from the user input interface, that is, the monitoring requirement may be input by the user at the user input interface according to the monitoring experience or the service requirement.
Step S12, according to the monitoring requirement, collecting data in the virtual network element VNF to be monitored;
step S13, analyzing the collected data according to a preset analysis strategy rule to determine a first network state of the NFV network;
in the first embodiment of the present invention, before step S13 is executed, it is necessary to acquire an analysis policy rule. It can be understood that the analysis policy rule may be added by the user in advance according to the experience of the monitoring process, or may be added by the user through an interface subsequently according to the network service requirement.
In the first embodiment of the present invention, the first network status may be security threats (e.g., DOS attacks, etc.) existing in the NFV network, a traffic status of the NFV network (e.g., traffic exceeds a network processing load, etc.), a user behavior of the NFV network (e.g., large-scale access to a certain network resource, etc.).
Step S14, determining a first processing strategy to be executed for optimizing the NFV network according to the first network state;
in the first embodiment of the present invention, a first processing policy corresponding to a first network state may be determined according to a preset correspondence between the network state and the processing policy. It should be noted that, before step S14 is executed, the correspondence between the network status and the processing policy needs to be acquired. It can be understood that the corresponding relationship between the network state and the processing policy may be added by the user in advance according to the experience of monitoring and processing, or may be added by the user through an interface subsequently according to the network service requirement.
And step S15, optimizing and arranging the NFV network according to the first processing strategy.
In the first embodiment of the present invention, data is collected in a virtual network element VNF to be monitored according to an obtained monitoring requirement for monitoring an NFV network, the collected data is analyzed according to a preset analysis policy rule, a first network state of the NFV network is determined, a first processing policy to be executed for optimizing the NFV network is determined according to the first network state, and the NFV network is optimized according to the first processing policy, so that the problems of incapability of performing security management on the NFV network and automatic repair of the problems are solved, and the effects of automatically monitoring and dynamically optimizing the NFV network are achieved while fully utilizing an existing interface.
As shown in fig. 2, in the first embodiment of the present invention, the step S12 specifically includes:
step S21, analyzing the monitoring requirement to obtain a first monitoring object and a first monitoring purpose;
in the first embodiment of the present invention, the first monitored object may include one or both of the unique identifier of the NFV network service and the feature information of the VNF.
Step S22, according to the unique identifier of the NFV network service or the VNF characteristic contained in the first monitoring object, querying and acquiring the unique identifier of the VNF to be monitored from the network function virtualization scheduling center;
step S23, determining a first monitoring strategy which corresponds to the first monitoring object and the first monitoring purpose and is required to be executed for monitoring the NFV network according to the preset corresponding relation between the monitoring object and the monitoring purpose and the monitoring strategy;
in the first embodiment of the present invention, before step S23 is executed, the corresponding relationship between the monitoring object and the monitoring purpose and the monitoring policy needs to be obtained, so that when step S23 is executed, the first monitoring policy that needs to be executed for monitoring the NFV network and corresponds to the first monitoring object and the first monitoring purpose (e.g., deep packet inspection, intrusion inspection, etc.) can be determined. The monitoring policy may include information such as an acquisition frequency, a format of acquired data, and a protocol parameter.
Step S24, sending a monitoring instruction to the network element management system according to the unique identifier of the VNF and the first monitoring policy, so that the network element management system configures the first monitoring policy to the VNF;
in the first embodiment of the present invention, the reason why the network element management system configures the first monitoring policy into the VNF is to clearly know the type of data to be collected (e.g., malformed information body, header, traffic statistics, etc.) when performing the subsequent step S25.
Step S25, in the operation process of the VNF, filtering the data flow passing through the VNF according to the first monitoring policy, and acquiring data.
In a first embodiment of the present invention, during the operation of the VNF, data flow passing through the VNF is filtered inside the VNF according to a first monitoring policy, and data is acquired.
In a first embodiment of the present invention, the step S15 is specifically: the method comprises the steps of firstly carrying out whole-network arrangement according to a first processing strategy to obtain a strategy execution instruction string, detecting the strategy execution instruction string, sending the strategy execution instruction string to a network element management system when detecting that the strategy execution instruction string is used for carrying out security configuration on a corresponding VNF, so that the network Element Management System (EMS) carries out security configuration on the corresponding VNF, and sending the strategy execution instruction string to a virtual resource management system (MANO) when detecting that the strategy execution instruction string is used for carrying out virtual resource management so that the virtual resource management system carries out VNF life cycle management operation, for example, when the processing capacity of a certain virtual network element needs to be increased, enabling the virtual resource management system to carry out online capacity reduction and capacity expansion of a virtual network function.
Second embodiment
As shown in fig. 3, a second embodiment of the present invention provides an apparatus for monitoring and optimizing a network function virtualized NFV network, the apparatus including:
an obtaining module 31, configured to obtain a monitoring requirement for monitoring an NFV network;
the collecting module 32 is configured to collect data in the virtual network element VNF to be monitored according to a monitoring requirement;
the analysis module 33 is configured to analyze the acquired data according to a preset analysis policy rule, and determine a first network state of the NFV network;
a determining module 34, configured to determine, according to the first network state, a first processing policy that needs to be executed to optimize the NFV network;
and the arranging module 35 is configured to perform optimized arranging on the NFV network according to the first processing policy.
Wherein, the obtaining module 31 includes:
a first obtaining unit, configured to obtain a start request when an NFV network service is started, and obtain a monitoring requirement for monitoring the NFV network from the start request; or
And the second acquisition unit is used for acquiring the monitoring requirement for monitoring the NFV network from the user input interface.
Wherein the determining module 34 comprises:
and the determining unit is used for determining a first processing strategy corresponding to the first network state according to the preset corresponding relation between the network state and the processing strategy.
Wherein, the collection module 32 includes:
the third acquisition unit is used for analyzing the monitoring requirement to acquire a first monitoring object and a first monitoring purpose;
the first unit is used for querying and acquiring the unique identifier of the VNF to be monitored from the network function virtualization scheduling center according to the unique identifier of the NFV network service or the VNF characteristic contained in the first monitoring object;
a second unit, configured to determine, according to a preset correspondence between a monitoring object and a monitoring purpose and a monitoring policy, a first monitoring policy that needs to be executed for monitoring the NFV network and corresponds to the first monitoring object and the first monitoring purpose;
a third unit, configured to send a monitoring instruction to the network element management system according to the unique identifier of the VNF and the first monitoring policy, so that the network element management system configures the first monitoring policy in the VNF;
and the acquisition unit is used for filtering the data flow passing through the VNF according to a first monitoring strategy in the operation process of the VNF to acquire data.
In a second embodiment of the invention, in order to improve the accuracy in acquiring the data, the above-mentioned acquisition unit is arranged in the VNF,
wherein, the arranging module 35 includes:
an arranging unit for
Performing whole-network arrangement according to a first processing strategy to obtain a strategy execution instruction string, detecting the strategy execution instruction string, triggering a first sending unit when detecting that the strategy execution instruction string is used for performing security configuration on a corresponding VNF, and triggering a second sending unit when detecting that the strategy execution instruction string is used for performing virtual resource management;
the first sending unit is used for sending the policy execution instruction string to the network element management system according to the triggering of the arranging unit so that the network element management system can perform security configuration on the corresponding VNF;
and the second sending unit is used for sending the policy execution instruction string to the virtual resource management system according to the trigger of the arranging unit so that the virtual resource management system executes the VNF life cycle management operation.
In the second embodiment of the present invention, the apparatus acquires data in a virtual network element VNF to be monitored according to an acquired monitoring requirement for monitoring an NFV network, analyzes the acquired data according to a preset analysis policy rule, determines a first network state of the NFV network, then determines a first processing policy to be executed for optimizing the NFV network according to the first network state, and optimizes the NFV network according to the first processing policy, so that the problems of security management of the NFV network and automatic repair of the problems are solved, and an effect of automatically monitoring and dynamically optimizing the NFV network is achieved while fully utilizing an existing interface.
It should be noted that, in the second embodiment of the present invention, the acquisition module 32, the analysis module 33, and the determination module 34 are all provided with an interface that is open to the outside, so that a user can conveniently adjust the correspondence between the monitoring object and the monitoring purpose in the acquisition module 32 and the monitoring policy, the analysis policy rule in the analysis module 33, and the correspondence between the network state in the determination module 34 and the processing policy according to the business requirement.
It should be further noted that the apparatus for monitoring and optimizing a network function virtualized NFV network provided in the second embodiment of the present invention is an apparatus applying the above method, that is, all embodiments of the above method are applicable to the apparatus and can achieve the same or similar beneficial effects.
Third embodiment
A third embodiment of the present invention provides a system for monitoring and optimizing a network function virtualized NFV network, which includes the above apparatus for monitoring and optimizing a network function virtualized NFV network.
In a third embodiment of the present invention, the system may be an independent entity or a network management system, which is specifically determined by a deployment instance or an operator, and the corresponding new interface may also reuse the original interface according to the deployment location. For example, as an Operation Support System (OSS) shown in fig. 4, it should be noted that, in fig. 4, the functions of the third acquiring unit, the first unit, the second unit and the third unit in the acquiring module and the acquiring module are all completed by the arranging module.
It should be further noted that the system provided by the third embodiment of the present invention is a system including the above-mentioned apparatus for monitoring and optimizing network function virtualization NFV network, that is, all embodiments of the above-mentioned apparatus are applicable to the system, and can achieve the same or similar beneficial effects.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (10)
1. A method of monitoring and optimizing a network function virtualization, NFV, network, the method comprising:
acquiring a monitoring requirement for monitoring the NFV network;
according to the monitoring requirement, collecting data in a virtual network element VNF to be monitored comprises: analyzing the monitoring requirement to obtain a first monitoring object and a first monitoring purpose; querying and acquiring a unique identifier of a VNF to be monitored from a network function virtualization scheduling center according to the unique identifier of the NFV network service or the VNF characteristic contained in the first monitoring object; determining a first monitoring strategy which corresponds to the first monitoring object and the first monitoring purpose and is required to be executed for monitoring the NFV network according to a preset corresponding relation between the monitoring object and the monitoring purpose and the monitoring strategy; sending a monitoring instruction to a network element management system according to the unique identifier of the VNF and the first monitoring policy, so that the network element management system configures the first monitoring policy into the VNF;
in the operation process of the VNF, filtering data flow flowing through the VNF according to the first monitoring strategy to obtain the data;
analyzing the acquired data according to a preset analysis strategy rule to determine a first network state of the NFV network;
determining a first processing strategy which needs to be executed for optimizing the NFV network according to the first network state;
and optimizing and arranging the NFV network according to the first processing strategy.
2. The method according to claim 1, wherein the obtaining of the monitoring requirement for monitoring the NFV network specifically comprises:
acquiring a starting request when the NFV network service is started, and acquiring a monitoring requirement for monitoring the NFV network from the starting request; or
Monitoring requirements for monitoring the NFV network are obtained from a user input interface.
3. The method according to claim 1, wherein the performing optimization orchestration on the NFV network according to the first processing policy specifically includes:
performing whole-network arrangement according to the first processing strategy to obtain a strategy execution instruction string, and detecting the strategy execution instruction string;
when the policy execution instruction string is detected to be used for carrying out security configuration on the corresponding VNF, the policy execution instruction string is sent to a network element management system, so that the network element management system carries out security configuration on the corresponding VNF;
when the policy execution instruction string is detected to be used for virtual resource management, the policy execution instruction string is sent to a virtual resource management system, so that the virtual resource management system executes VNF lifecycle management operation.
4. The method according to claim 1, wherein the determining, according to the first network state, a first processing policy that needs to be executed to optimize the NFV network specifically includes:
and determining the first processing strategy corresponding to the first network state according to the preset corresponding relation between the network state and the processing strategy.
5. An apparatus for monitoring and optimizing a network function virtualization, NFV, network, the apparatus comprising:
the acquiring module is used for acquiring monitoring requirements for monitoring the NFV network;
the acquisition module is used for acquiring data in the virtual network element VNF to be monitored according to the monitoring requirement; the collection module includes:
the third acquisition unit is used for analyzing the monitoring requirement to acquire a first monitoring object and a first monitoring purpose;
a first unit, configured to query and acquire, from a network function virtualization scheduling center, a unique identifier of a VNF to be monitored according to a unique identifier of an NFV network service or a VNF feature included in the first monitored object;
a second unit, configured to determine, according to a preset correspondence between a monitoring object and a monitoring purpose and a monitoring policy, a first monitoring policy that needs to be executed for monitoring the NFV network and corresponds to the first monitoring object and the first monitoring purpose;
a third unit, configured to send a monitoring instruction to a network element management system according to the unique identifier of the VNF and the first monitoring policy, so that the network element management system configures the first monitoring policy in the VNF;
the acquisition unit is used for filtering data flow passing through the VNF according to the first monitoring strategy in the operation process of the VNF to acquire the data;
the analysis module is used for analyzing the acquired data according to a preset analysis strategy rule to determine a first network state of the NFV network;
a determining module, configured to determine, according to the first network state, a first processing policy that needs to be executed to optimize the NFV network;
and the arranging module is used for carrying out optimized arranging on the NFV network according to the first processing strategy.
6. The apparatus of claim 5, wherein the acquisition module comprises:
a first obtaining unit, configured to obtain a start request when the NFV network service is started, and obtain a monitoring requirement for monitoring the NFV network from the start request; or
And the second acquisition unit is used for acquiring the monitoring requirement for monitoring the NFV network from the user input interface.
7. The apparatus of claim 5, wherein the orchestration module comprises:
the arranging unit is used for carrying out whole-network arrangement according to the first processing strategy to obtain a strategy execution instruction string, detecting the strategy execution instruction string, triggering the first sending unit when detecting that the strategy execution instruction string is used for carrying out security configuration on a corresponding VNF, and triggering the second sending unit when detecting that the strategy execution instruction string is used for carrying out virtual resource management;
the first sending unit is used for sending the policy execution instruction string to a network element management system according to the trigger of the arranging unit so that the network element management system can perform security configuration on a corresponding VNF;
and the second sending unit is used for sending the policy execution instruction string to a virtual resource management system according to the trigger of the arranging unit so that the virtual resource management system executes VNF lifecycle management operation.
8. The apparatus of claim 5, wherein the means for determining comprises:
and the determining unit is used for determining the first processing strategy corresponding to the first network state according to the preset corresponding relation between the network state and the processing strategy.
9. A system for monitoring and optimizing a network functions virtualized NFV network, characterized in that the system comprises an apparatus for monitoring and optimizing a network functions virtualized NFV network according to any of the claims 5-8.
10. The system of claim 9, wherein the system is a network management system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510580186.7A CN106533724B (en) | 2015-09-11 | 2015-09-11 | Method, device and system for monitoring and optimizing Network Function Virtualization (NFV) network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510580186.7A CN106533724B (en) | 2015-09-11 | 2015-09-11 | Method, device and system for monitoring and optimizing Network Function Virtualization (NFV) network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106533724A CN106533724A (en) | 2017-03-22 |
| CN106533724B true CN106533724B (en) | 2020-02-11 |
Family
ID=58348114
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510580186.7A Active CN106533724B (en) | 2015-09-11 | 2015-09-11 | Method, device and system for monitoring and optimizing Network Function Virtualization (NFV) network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106533724B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107872339B (en) * | 2016-09-27 | 2022-11-18 | 中兴通讯股份有限公司 | Operation and maintenance implementation method and device in virtual network and virtual network system |
| CN108989070A (en) * | 2017-05-31 | 2018-12-11 | 中兴通讯股份有限公司 | Virtualize network element O&M method, NFVO and VNFM network element |
| CN109257240B (en) | 2017-07-12 | 2021-02-23 | 上海诺基亚贝尔股份有限公司 | Method and device for monitoring performance of virtualized network functional unit |
| CN107682182A (en) * | 2017-09-14 | 2018-02-09 | 郑州云海信息技术有限公司 | A kind of alarm method and system for realizing virtualization network load monitoring |
| CN110971439A (en) * | 2018-09-30 | 2020-04-07 | 中兴通讯股份有限公司 | Policy decision method and device, system, storage medium, policy decision unit and cluster |
| CN111371570B (en) * | 2018-12-25 | 2023-03-10 | 中国移动通信集团广东有限公司 | Fault detection method and device for NFV network |
| CN111082960B9 (en) * | 2019-04-15 | 2023-01-24 | 中兴通讯股份有限公司 | Data processing method and device |
| CN111901154B (en) * | 2020-07-04 | 2022-05-27 | 烽火通信科技股份有限公司 | Safety architecture system based on NFV and safety deployment and safety threat processing method |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104378262A (en) * | 2013-12-13 | 2015-02-25 | 国家计算机网络与信息安全管理中心 | Intelligent monitoring analyzing method and system under cloud computing |
-
2015
- 2015-09-11 CN CN201510580186.7A patent/CN106533724B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104378262A (en) * | 2013-12-13 | 2015-02-25 | 国家计算机网络与信息安全管理中心 | Intelligent monitoring analyzing method and system under cloud computing |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106533724A (en) | 2017-03-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106533724B (en) | Method, device and system for monitoring and optimizing Network Function Virtualization (NFV) network | |
| CN110752961B (en) | Techniques for secure personalization of secure monitoring of virtual network functions | |
| US9794272B2 (en) | Method and apparatus for monitoring malicious traffic in communication networks | |
| US10756999B2 (en) | Virtualized network function information obtaining method, apparatus, and system | |
| US10997047B2 (en) | Automatic selection of agent-based or agentless monitoring | |
| EP3657753A1 (en) | Technologies for scalable security architecture of virtualized networks | |
| CN105052076B (en) | Network element management system and network element management method based on cloud computing | |
| CN103812726A (en) | Automated testing method and device for data communication equipment | |
| EP2681870A1 (en) | Technique for determining correlated events in a communication system | |
| KR20130125389A (en) | Method and apparatus for network analysis | |
| US10341182B2 (en) | Method and system for detecting network upgrades | |
| US11811844B2 (en) | Product validation based on simulated enhanced calling or messaging communications services in telecommunications network | |
| JP2016527786A (en) | Network test method, data collection method thereof, network test apparatus and system | |
| US20230020480A1 (en) | Unified query tool for network function virtualization architecture | |
| GB2553784A (en) | Management of log data in electronic devices | |
| Liyanage et al. | Software defined security monitoring in 5G networks | |
| CN108604996B (en) | Strategy transmission method and device in NFV system | |
| Tang et al. | AI testing framework for next-G O-RAN networks: Requirements, design, and research opportunities | |
| KR102162024B1 (en) | Apparatus and method for checking problem of mobile communication network using operational logic modeling and comparative analysis | |
| CN113965355A (en) | SOC-based illegal IP (Internet protocol) provincial network plugging method and device | |
| CN108093075A (en) | A kind of implementation method of application system gray scale issue | |
| Xie et al. | Service assurance architecture in NFV | |
| CN107911410A (en) | Distributed Services process resource consumes statistical method and device | |
| US20220292374A1 (en) | Dynamic parameter collection tuning | |
| KR20180125739A (en) | Apparatus and method for scaling for virtual network functions |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |