CN108769289A - A kind of network address resources Visualized management system - Google Patents
A kind of network address resources Visualized management system Download PDFInfo
- Publication number
- CN108769289A CN108769289A CN201810553382.9A CN201810553382A CN108769289A CN 108769289 A CN108769289 A CN 108769289A CN 201810553382 A CN201810553382 A CN 201810553382A CN 108769289 A CN108769289 A CN 108769289A
- Authority
- CN
- China
- Prior art keywords
- network address
- unit
- resources
- address resources
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/04—Real-time or near real-time messaging, e.g. instant messaging [IM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5053—Lease time; Renewal aspects
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a kind of network address resources Visualized management systems.The system comprises network address resources acquisition module, network address resources display module and network address resources update modules;The network address resources acquisition module obtains the all-network address resource of Intranet;The network address resources display module generates network address resources list according to the network address resources and is shown;The network address resources update module updates the network address resources list according to the modification operation carried out to the network address resources, the real-time update and visualization for realizing network address resources are shown, effectively prevent manual operation appearance it is artificial slip, IP address resource the problems such as being duplicatedly distributed, improve the safety management level of static network address resource in the network address resources efficiency of management and intranet environment.
Description
Technical field
The present invention relates to network resource management technical fields, more particularly to a kind of network address resources visualized management system
System.
Background technology
Currently, inner net computer terminal mainly by DHCP (Dynamic Host Configuration Protocol,
Dynamic address management agreement) carry out dynamic IP (Internet Protocol, the agreement interconnected between network) resource allocation pipe
Reason has molding management equipment, management process and management method, but remaining static IP resource such as server, network and safety
The a large amount of equipment such as equipment, printer, all kinds of particular terminals still with the artificial statistics of administrative staff, judgement, distribution and combs
Based on, daily when carrying out the work such as operation and maintenance, malfunction elimination, there are larger pressure, are larger " blind in a management
Area ".
The management of existing static ip address is mainly carried out by operating the form of electrical form, is needing to distribute IP address
When, verify whether IP address resource is occupied using ping orders first, then carries out distribution and the record of IP address, finally
IP address relevant information after record distribution.There are following disadvantages for such management mode:(1) since electrical form is artificial
Operation, inevitably will appear artificial careless omission;(2) multiple administrators co-operate a electrical form, and operation interface is not visible, operates
Record can not audit, change after the skimble-scamble phenomenon of data happen occasionally;(3) since data are without uniformity, often will appear
IP address conflict leads to duplicate allocation and the waste of IP address resource, while during malfunction elimination and Security incident handling
It is not easy positioning failure, there are risk hidden danger, it is possible to cause serious consequence.If network address resources lack effective pipe
Reason, may result in the decline of network availability and service quality or even the collapse of network.
Invention content
The object of the present invention is to provide a kind of network address resources Visualized management systems, to realize network address resources
Visualized management improves the safety management water of static network address resource in the network address resources efficiency of management and intranet environment
It is flat.
To achieve the above object, the present invention provides following schemes:
A kind of network address resources Visualized management system, the system comprises:Network address resources acquisition module, network
Address resource display module and network address resources update module;
The network address resources acquisition module, the all-network address resource for obtaining Intranet;The network address
Resource includes IP address, MAC Address, computer name, user name, purposes description, OS Type, access switch name, hands over
It changes planes IP, access switch port, modification time, the admin name for operation of modifying, serve port;
The network address resources display module, for generating network address resources list according to the network address resources
And it is shown;
The network address resources update module, for obtaining the modification operation carried out to the network address resources, and
The network address resources list is updated according to modification operation.
Optionally, the network address resources display module specifically includes:
Network address resources entry generation unit, for by the corresponding MAC Address of the IP address, computer name,
User name, purposes description, OS Type, access switch name, interchanger IP, access switch port, modification time, into
The admin name of row modification operation, serve port correspond to and generate a network address resources entry;
Network address resources display unit, for arranging a plurality of network address resources entry, described in generation
Network address resources list is simultaneously shown.
Optionally, the network address resources update module specifically includes:
Operation judging unit is changed, operation is modified to the network address resources for judging whether, acquisition the
One judging result;
Modification operation acquiring unit is to be modified to the network address resources for working as first judging result
When operation, modification action type and concrete modification operational order are obtained;The modification action type includes addition, distributes and delete
It removes;
Network address resources adding device is used for when the modification action type is addition, according to the concrete modification
Operational order adds the network address resources;
Network address resources allocation unit is used for when the modification action type is distribution, according to the concrete modification
Operational order distributes the network address resources;
Network address resources deleting unit is used for when the modification action type is to delete, according to the concrete modification
Operational order deletes the network address resources.
Optionally, the system also includes:Network address resources statistical module;The network address resources statistical module packet
Include utilization rate statistic unit, time point statistic unit and administrator's statistic unit;
The utilization rate statistic unit, the utilization rate for counting the network address resources in each network segment according to the network segment
And it shows;
The time point statistic unit, modification time for counting the network address resources according to time point are simultaneously shown
Show;
Administrator's statistic unit, for modifying operation to the network address resources according to administrator's statistics
Admin name simultaneously shows.
Optionally, the system also includes:Differentiated control module;The differentiated control module includes that classification account registration is single
Member, classification account log in unit, normal user permission acquiring unit, common management administrator's authority acquiring unit and super keepe power
Limit acquiring unit;
The classification account registering unit, for registering super keepe account, common management administrator's account and ordinary user
Account;
The classification account logs in unit, for the super keepe account, common management administrator's account and described
The login of ordinary user's account;
The normal user permission acquiring unit after being logged in for ordinary user's account, obtains normal user permission;
The normal user permission only includes checking for the network address resources list;
Common management administrator's authority acquiring unit after being logged in for common management administrator's account, obtains common management
Member's permission;Common management administrator's permission includes checking and changing operation to the network address resources list;
The super keepe authority acquiring unit obtains super management after being logged in for the super keepe account
Member's permission;The super keepe permission include to the network address resources list checked and changed operation and it is right
The normal user permission and common management administrator's permission are managed.
Optionally, the system also includes:IP address monitoring module;The IP address monitoring module includes recycling address money
Source acquiring unit, online address resource acquisition unit, exception IP judging units, IP abnormal alarms information generating unit, first row
Table alarm unit and the first alarm mail transmission unit;
The recycling address resource acquiring unit, for obtaining the IP address recycled;
The online address resource acquisition unit, for obtaining online IP address;
The exception IP judging units, for judge the IP address recycled and the online IP address whether phase
Together, the second judging result is obtained;
The IP abnormal alarms information generating unit, for being the IP address recycled when second judging result
When identical as the online IP address, IP abnormal alarm information is generated;
The first list alarm unit, for the institute by the IP abnormal alarms information belonging to the online IP address
It states and is shown in network address resources entry;
The first alarm mail transmission unit, for the IP abnormal alarms information through mail to be sent to administrator
Mailbox.
Optionally, the system also includes:IP service monitoring modules;The IP service monitorings module includes that serve port obtains
Take unit, serve port to show, serve port judging unit and service open-ended unit;
The serve port acquiring unit, all serve ports opened for obtaining each IP address;
The IP address is added in the serve port display unit, all serve ports for opening the IP address
In the affiliated network address resources entry and shown;
The serve port judging unit, for judging the serve port, whether it is necessary to openings, obtain third and judge
As a result;
The serve port open cell, for being that it is necessary to openings for the serve port when the third judging result
When, maintain the open serve port.
Optionally, the system also includes:Physics changes alarm module;The physics change alarm module includes physical bit
Set information acquisition unit, the first physical location change judging unit, the second physical location change judging unit, physics change alarm
Information generating unit, the second list alarm unit and the second alarm mail transmission unit;
The physical location information acquiring unit, for obtaining the corresponding current MAC address of the IP address in real time and working as
The switch port of preceding access;
First physical location changes judging unit, for judging belonging to the current MAC address and the IP address
The network address resources entry in the MAC Address that records it is whether identical, obtain the 4th judging result;
Second physical location changes judging unit, for judging the switch port being currently accessed and the IP
Whether the access switch port recorded in the network address resources entry belonging to address is identical, obtains the 5th and judges
As a result;
The physics changes warning message generation unit, for working as the 4th judging result or the 5th judging result
In any one for be when, generate physical location change warning message;
The second list alarm unit, for the physical location to be changed warning message belonging to the IP address
It is shown in the network address resources entry;
The second alarm mail transmission unit, for physical location change warning message to be sent to by mail
Administrator's mailbox.
According to specific embodiment provided by the invention, the invention discloses following technique effects:
A kind of network address resources Visualized management system provided by the invention, including network address resources acquisition module,
Network address resources display module and network address resources update module;The network address resources acquisition module obtains Intranet
All-network address resource;The network address resources display module generates network address resources according to the network address resources
List is simultaneously shown;The network address resources update module operates more according to the modification carried out to the network address resources
The new network address resources list, the real-time update and visualization for realizing network address resources are shown, effectively prevent people
Artificial careless omission that work operation occurs, IP address resource the problems such as being duplicatedly distributed, improve the network address resources efficiency of management with
The safety management level of static network address resource in intranet environment.
Description of the drawings
It in order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, below will be to institute in embodiment
Attached drawing to be used is needed to be briefly described, it should be apparent that, the accompanying drawings in the following description is only some implementations of the present invention
Example, for those of ordinary skill in the art, without having to pay creative labor, can also be according to these attached drawings
Obtain other attached drawings.
Fig. 1 is a kind of structural schematic diagram of network address resources Visualized management system provided by the invention.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
The object of the present invention is to provide a kind of network address resources Visualized management systems, to realize network address resources
Visualized management improves the safety management water of static network address resource in the network address resources efficiency of management and intranet environment
It is flat.
In order to make the foregoing objectives, features and advantages of the present invention clearer and more comprehensible, below in conjunction with the accompanying drawings and specific real
Applying mode, the present invention is described in further detail.
Existing network resource management center, IDC (Internet Data Center, Internet data center) region have
More information system and the server apparatus carried for it, reaching the standard grade, run, is offline etc. for each information system have formd
The management process of effect, but due to various real (intersectoral coordination, administrator's levels etc.) or the original of history (handing-over, forgetting etc.)
The case where cause, management not in place, management absence, also happens occasionally, and at the same time, also and none technology is to each equipment or information
The upper offline situation of system is monitored in real time, and there are larger managerial security risks.For this purpose, the present invention provides a kind of nets
Network address resource Visualized management system improves network address resources management to realize the visualized management of network address resources
The safety management level of static network address resource in efficiency and intranet environment.
Fig. 1 is a kind of structural schematic diagram of network address resources Visualized management system provided by the invention.Referring to Fig. 1,
A kind of network address resources Visualized management system provided by the invention includes network address resources acquisition module 101, network
Location resource display module 102, network address resources update module 103, network address resources statistical module 104, differentiated control mould
Block 105, IP address monitoring module 106, IP service monitorings module 107 and physics change alarm module 108.
The network address resources acquisition module 101, the all-network address resource for obtaining Intranet, the institute of Intranet
There are network address resources to be obtained by the network segment.The network address resources mainly include the particular use of each network segment, specifically
Including IP address, MAC Address, computer name, user name, purposes description, OS Type, access switch name, interchanger
IP, access switch port, modification time, the admin name for operation of modifying, serve port.The IP address and MAC
Address, computer name, user name, purposes description, OS Type, access switch name, interchanger IP, access switch end
Mouth, modification time, the admin name for operation of modifying and serve port correspond.The IP address includes static IP
Address and dynamic IP addressing.
The network address resources display module 102, for generating network address resources according to the network address resources
List is simultaneously shown.Specifically unified visualization can be carried out to the all-network address resource of Intranet on system software interface
Show and analyzes.
The network address resources display module 102 specifically includes:
Network address resources entry generation unit, for by the corresponding MAC Address of the IP address, computer name,
User name, purposes description, OS Type, access switch name, interchanger IP, access switch port, modification time, into
The admin name of row modification operation, serve port correspond to and generate a network address resources entry;
Network address resources display unit, for arranging a plurality of network address resources entry, described in generation
Network address resources list is simultaneously shown.
Investigation client is needed in failure, when there are divulging a secret the information security events such as needs evidence obtaining, passes through tradition
IP address or the modes such as user login name to come location client end often time-consuming and laborious, need to carry out such as interchanger, DHCP
Server, AD (Windows ActiveDirectories, Microsoft Active Directory) pre-control, network log-in management etc. covers system
Or the combination of equipment, it could finally determine the information such as the identity, the identity of client, physical location of user, waste analysis and take
" prime time " of card.The present invention integrates all network address money of Intranet by the network address resources display module 102
The corresponding MAC Address of each IP address, computer name, user name, purposes description, OS Type, access are handed in source
Change planes name, interchanger IP, access switch port, modification time, the admin name for operation of modifying, serve port generate
One network address resources entry is simultaneously shown.When failure needs to investigate client, the information such as collects evidence in the needs that occurring divulging a secret
When security incident, the network address resources list can be directly accessed, according to the network address resources belonging to each IP address
Entry can directly acquire the information such as the identity of user, the identity of client, physical location, and acquisition of information is accurate, timely, effectively
The safety management level for improving dynamic and static network address resources in intranet environment realizes " can look into controllable " of equipment, improves
Working efficiency, reduces security risk.
The network address resources update module 103, for obtaining the modification operation carried out to the network address resources,
And the network address resources list is updated according to modification operation.
The network address resources update module 103 specifically includes modification operation judging unit, modification operates acquiring unit,
Network address resources adding device, network address resources allocation unit and network address resources deleting unit are used for auditing system
Addition, distribution and the corresponding IP resource operations of deletion of administrator.The system manager includes common management administrator and super pipe
Reason person.
The modification operation judging unit, for judging whether system manager repaiies the network address resources
Change operation, obtains the first judging result.
The modification operates acquiring unit, is to be carried out to the network address resources for working as first judging result
When modification operation, modification action type and concrete modification operational order are obtained;The modification action type include addition, distribution and
It deletes.
The network address resources adding device is used for when the modification action type is addition, according to described specific
Modification operational order adds the corresponding position in the network address resources to the network address resources list.
The network address resources allocation unit is used for when the modification action type is distribution, according to described specific
Modification operational order distributes the corresponding position in the network address resources to the network address resources list.
The network address resources deleting unit is used for when the modification action type is to delete, according to described specific
Operational order is changed, the network address resources are deleted from the corresponding position in the network address resources list.
, can be with real-time update IP address list in this way by the network address resources update module 103, administrative staff are just
Can from the network address resources list the open-and-shut distribution condition for obtaining existing IP resources, also can audit resources quilt
Who dispenses, what purposes is made, and realizes the visualized management of network address resources.
Further, the network address resources statistical module 104 includes utilization rate statistic unit, time point statistic unit
With administrator's statistic unit, the distribution service condition of each network address resources can be counted.
The utilization rate statistic unit, the utilization rate for counting the network address resources in each network segment according to the network segment
And it shows.The existing utilization rate of statistics network address resource, the network resource utilization dispensed is presented with percentage,
Foundation can be provided for the reasonable distribution of network address resources.
The time point statistic unit, the modification time for counting the network address resources according to time point, and
It is shown in the network address resources list;
Administrator's statistic unit, for modifying operation to the network address resources according to administrator's statistics
Admin name, and shown in the network address resources list.
It, can real-time record modification time and modification personnel, reality in this way when the network address resources list is changed
Showed IP address modification, distribution look into it is controllable, when effectively preventing multiple administrators and co-operating a electrical form, due to
The skimble-scamble phenomenon of data after modification caused by operation interface is not visible, operation note can not audit, while with also avoiding IP
Network address resources caused by the duplicate allocation of location resource waste problem.
In order to improve the security performance of network address resources management, network address resources visualized management provided by the invention
System also achieves the authority classification management to each network segment network address resources.System permission is divided into two-stage, is divided into administrator
Account and ordinary user's account are responsible for other administrators or ordinary user wherein there are one super keepe account admin for acquiescence
The foundation of account and the distribution of permission use.System manager can change and (increase, distribution, delete) network address resources, can
To allow specific network address resources to be managed by specific administrator.Ordinary user can only check current network address resources
Distribution and service condition, lack of competence modification.Super keepe account can audit the operation of common management administrator and ordinary user
Situation.
Specifically, the differentiated control module 105 includes classification account registering unit, is classified account login unit, is common
User right acquiring unit, common management administrator's authority acquiring unit and super keepe authority acquiring unit.
The classification account registering unit, for registering super keepe account, common management administrator's account and ordinary user
Account;
The classification account logs in unit, for the super keepe account, common management administrator's account and described
The login of ordinary user's account;
The normal user permission acquiring unit after being logged in for ordinary user's account, obtains normal user permission;
The normal user permission only includes checking for the network address resources list;
Common management administrator's authority acquiring unit after being logged in for common management administrator's account, obtains common management
Member's permission;Common management administrator's permission includes checking and changing operation to the network address resources list;
The super keepe authority acquiring unit obtains super management after being logged in for the super keepe account
Member's permission;The super keepe permission include to the network address resources list checked and changed operation and it is right
The normal user permission and common management administrator's permission are managed.
Also there is network address resources Visualized management system provided by the invention IP address and service to continue monitoring function.
Wherein, IP address monitoring function, by timing scan detect IP address online situation, abnormal behaviour such as IP has been recycled but
The IP address for situations such as line, system are offline but IP is online is alarmed.Mainly by integrating NMAP (Network on backstage
Mapper, network mapping device) network port scanning plug-in unit, timer-triggered scheduler plan is set, the whole network address resource is detected, it is main
Online address resource is collected by PING and port scan.After information is collected, online and non-online IP address passes through not
With network logo icons distinguish.Still show that survival exists after IP address resource is recovered in the system, but by network detection
Line then illustrates that the address resource is illegally occupied, at this point, system can be by way of log event alarm in homepage corresponding network segment
Display can also be confirmed by way of mail is arranged and sends by administrator.
Specifically, the IP address monitoring module 106 includes recycling address resource acquiring unit, online address resource acquisition
Unit, exception IP judging units, IP abnormal alarms information generating unit, first list alarm unit and the first alarm mail are sent
Unit;
The recycling address resource acquiring unit, for obtaining the IP address recycled;
The online address resource acquisition unit, for obtaining online IP address;
The exception IP judging units, for judge the IP address recycled and the online IP address whether phase
Together, the second judging result is obtained;
The IP abnormal alarms information generating unit, for being the IP address recycled when second judging result
When identical as the online IP address, IP abnormal alarm information is generated;
The first list alarm unit, for the institute by the IP abnormal alarms information belonging to the online IP address
It states and is shown in network address resources entry;
The first alarm mail transmission unit, for the IP abnormal alarms information through mail to be sent to administrator
Mailbox.
IP service monitoring functions show the opening status of corresponding port, in time mainly by the monitoring of IP serve ports
Track the particular use of IP resources.Plug-in unit is scanned by integrating the NMAP network ports on backstage, Internet resources are scheduled and are swept
It retouches, all serve ports that each address resource opens all is set out.It, can after coming out the case where open port
To combine operation system purposes, judging this resource, whether it is necessary to this open generic ports, to realize the optimization of network address resources
Management.
Specifically, the IP service monitorings module 107 include serve port acquiring unit, serve port show, server-side
Mouth judging unit and service open-ended unit.
The serve port acquiring unit, all serve ports opened for obtaining each IP address;
The IP address is added in the serve port display unit, all serve ports for opening the IP address
In the affiliated network address resources entry and shown;
The serve port judging unit, for judging the serve port, whether it is necessary to openings, obtain third and judge
As a result;
The serve port open cell, for being that it is necessary to openings for the serve port when the third judging result
When, maintain the open serve port.
In addition, network address resources Visualized management system provided by the invention also has IP address and equipment investigation management
Function.By integrated AD domain systems, IP address, MAC Address, login account, the computer name etc. of logged-in user are obtained in real time
Information accomplishes the real-name management of IP address.And by integrating SNMP (Simple Network Management
Protocol, Simple Network Management Protocol), obtain in real time each interchanger ARP (Address Resolution Protocol,
Address resolution protocol) information such as table, mac address table, the physical location of each equipment is positioned in real time, and to the physics of equipment change etc.
Behavior is timely alerted.
Wherein, the control of the domains AD is the Active Directory system of Microsoft, is managed collectively the user account of all internal address resources.It is logical
It crosses and uses api interface, regular schedule plan is set, go on the domains AD control server to obtain IP address, MAC Address, login account, meter
The network address resources information such as calculation machine name, then correspondence matching is associated in the network address resources list, thus
With the specifically used person of definite network resource whom can be, accomplish that system of real name closes management.Meanwhile procotol is disclosed by SNMP, if
Calling plan is set, is logged on on each interchanger by api interface, (IP address and the corresponding of MAC are closed the ARP table of acquisition
System), in mac address table (MAC Address and port correspondence) data correlation to system database, with re-mapping the network
On the Resources list of location, IP address and MAC Address, interchanger access interface, interchanger VLAN (Virtual can be presented in this way
Local Area Network, virtual LAN) correspondence, the data obtained every time can all do in background system database
It is primary to compare, just illustrate that on-position is changed when finding that information is inconsistent, system generates a change and accuses at this time
It is alert, it can also notify administrator by lettergram mode.
The realization of B/S software architectures can be used in network address resources Visualized management system provided by the invention, and administrator is logical
It crosses WEB interface and manages the system.Front and back end is all made of popular and ripe development language and tool, passes through LDAP
(Lightweight Directory Access Protocol, Light Directory Access Protocol) domains slitless connection AD are controlled, and are passed through
Snmp protocol reads exchanger information, realizes the system of real name of IP address, and by monitor analyze existing IP resources use and
Line situation, the particular use and physical location for tracking IP resources, realize the real-time centralized management of network address resources.
Specifically, the physics change alarm module 108 includes:
Physical location information acquiring unit, for obtaining the corresponding current MAC address of the IP address in real time and currently connecing
The switch port entered;
First physical location changes judging unit, for judging the current MAC address and the institute belonging to the IP address
It whether identical states the MAC Address recorded in network address resources entry, obtains the 4th judging result;
Second physical location changes judging unit, for judging the switch port being currently accessed and the IP address
Whether the access switch port recorded in the affiliated network address resources entry is identical, obtains the 5th and judges knot
Fruit;
Physics changes warning message generation unit, for when in the 4th judging result or the 5th judging result
Meaning one changes warning message when being, to generate physical location;
The second list alarm unit, for the physical location to be changed warning message belonging to the IP address
It is shown in the network address resources entry;
The second alarm mail transmission unit, for physical location change warning message to be sent to by mail
Administrator's mailbox.
As it can be seen that network address resources Visualized management system provided by the invention, is replaced using network address resources list
Original electrical form inefficient way to manage realizes the fining of full-mesh network address resource and visualization centralized management, real
The operation audit, state alarm and statistical analysis for having showed network address resources distribution, can make system manager and ordinary user
The network address resources distribution condition of the whole network is grasped in time, and convenient and efficient inquiry network address resources correspondence ensure that IP
Resource will not be duplicatedly distributed, it is therefore prevented that IP conflicts.It is held in conjunction with the practical use of IP address by the scanning and detection of timing
The online situation of continuous monitoring IP address, the particular use of scanning probe IP resources monitor the current state of IP address, show simultaneously
The opening status of corresponding port carries out alarm notification in real time, reduces safety management hidden danger.Pass through the integrated domains AD and SNMP moulds
Block, the system of real name information and location information for obtaining IP address also achieve physical bit while realizing IP address system of real name
The real-time tracing set enhances client event disposing capacity and safety management performance, improves general safety O&M and management
It is horizontal.
Principle and implementation of the present invention are described for specific case used herein, and above example is said
The bright method and its core concept for being merely used to help understand the present invention;Meanwhile for those of ordinary skill in the art, foundation
The thought of the present invention, there will be changes in the specific implementation manner and application range.In conclusion the content of the present specification is not
It is interpreted as limitation of the present invention.
Claims (8)
1. a kind of network address resources Visualized management system, which is characterized in that including:Network address resources acquisition module, net
Network address resource display module and network address resources update module;
The network address resources acquisition module, the all-network address resource for obtaining Intranet;The network address resources
Including IP address, MAC Address, computer name, user name, purposes description, OS Type, access switch name, interchanger
IP, access switch port, modification time, the admin name for operation of modifying, serve port;
The network address resources display module is gone forward side by side for generating network address resources list according to the network address resources
Row display;
The network address resources update module operates the modification that the network address resources carry out for obtaining, and according to
The modification operation updates the network address resources list.
2. network address resources Visualized management system according to claim 1, which is characterized in that the network address money
Source display module specifically includes:
Network address resources entry generation unit is used for the corresponding MAC Address of the IP address, computer name, user
Name, OS Type, access switch name, interchanger IP, access switch port, modification time, is repaiied at purposes description
Change the admin name of operation, serve port corresponds to and generates a network address resources entry;
Network address resources display unit generates the network for arranging a plurality of network address resources entry
Address resource list is simultaneously shown.
3. network address resources Visualized management system according to claim 2, which is characterized in that the network address money
Source update module specifically includes:
Operation judging unit is changed, operation is modified to the network address resources for judging whether, first is obtained and sentences
Disconnected result;
Modification operation acquiring unit is to be modified operation to the network address resources for working as first judging result
When, obtain modification action type and concrete modification operational order;The modification action type includes addition, distribution and deletes;
Network address resources adding device, for when the modification action type is addition, being operated according to the concrete modification
The network address resources are added in instruction;
Network address resources allocation unit, for when the modification action type is distribution, being operated according to the concrete modification
Instruction distributes the network address resources;
Network address resources deleting unit, for when the modification action type is to delete, being operated according to the concrete modification
The network address resources are deleted in instruction.
4. network address resources Visualized management system according to claim 3, which is characterized in that the system is also wrapped
It includes:Network address resources statistical module;The network address resources statistical module includes utilization rate statistic unit, time point statistics
Unit and administrator's statistic unit;
The utilization rate statistic unit, for counting the utilization rate of the network address resources in each network segment according to the network segment and showing
Show;
The time point statistic unit, modification time and display for counting the network address resources according to time point;
Administrator's statistic unit, the management for operation of modifying to the network address resources according to administrator's statistics
Member's title is simultaneously shown.
5. network address resources Visualized management system according to claim 4, which is characterized in that the system is also wrapped
It includes:Differentiated control module;The differentiated control module includes classification account registering unit, classification account login unit, commonly uses
Family authority acquiring unit, common management administrator's authority acquiring unit and super keepe authority acquiring unit;
The classification account registering unit, for registering super keepe account, common management administrator's account and ordinary user's account;
The classification account logs in unit, for the super keepe account, common management administrator's account and described common
The login of user account;
The normal user permission acquiring unit after being logged in for ordinary user's account, obtains normal user permission;It is described
Normal user permission only includes checking for the network address resources list;
Common management administrator's authority acquiring unit after being logged in for common management administrator's account, obtains common management administrator's power
Limit;Common management administrator's permission includes checking and changing operation to the network address resources list;
The super keepe authority acquiring unit after being logged in for the super keepe account, obtains super keepe power
Limit;The super keepe permission includes being checked and being changed operation to the network address resources list and to described
Normal user permission and common management administrator's permission are managed.
6. network address resources Visualized management system according to claim 5, which is characterized in that the system is also wrapped
It includes:IP address monitoring module;The IP address monitoring module includes recycling address resource acquiring unit, online address resource acquisition
Unit, exception IP judging units, IP abnormal alarms information generating unit, first list alarm unit and the first alarm mail are sent
Unit;
The recycling address resource acquiring unit, for obtaining the IP address recycled;
The online address resource acquisition unit, for obtaining online IP address;
The exception IP judging units, for judging whether the IP address recycled and the online IP address are identical, obtain
Obtain the second judging result;
The IP abnormal alarms information generating unit, for being the IP address recycled and institute when second judging result
State online IP address it is identical when, generate IP abnormal alarm information;
The first list alarm unit, for the net by the IP abnormal alarms information belonging to the online IP address
It is shown in network address resource entry;
The first alarm mail transmission unit, for the IP abnormal alarms information through mail to be sent to administrator's postal
Case.
7. network address resources Visualized management system according to claim 6, which is characterized in that the system is also wrapped
It includes:IP service monitoring modules;The IP service monitorings module include serve port acquiring unit, serve port show, server-side
Mouth judging unit and service open-ended unit;
The serve port acquiring unit, all serve ports opened for obtaining each IP address;
The serve port display unit, all serve ports for opening the IP address are added belonging to the IP address
The network address resources entry in and shown;
The serve port judging unit, for judging the serve port, whether it is necessary to openings, obtain third judging result;
The serve port open cell, for when it is necessary to when opening, tie up for the serve port for the third judging result
Hold the open serve port.
8. network address resources Visualized management system according to claim 7, which is characterized in that the system is also wrapped
It includes:Physics changes alarm module;The physics change alarm module includes physical location information acquiring unit, the first physical location
Change judging unit, the second physical location change judging unit, physics change warning message generation unit, the secondary series statistical tables and reports
Alert unit and the second alarm mail transmission unit;
The physical location information acquiring unit, for obtaining the corresponding current MAC address of the IP address in real time and currently connecing
The switch port entered;
First physical location changes judging unit, for judging the current MAC address and the institute belonging to the IP address
It whether identical states the MAC Address recorded in network address resources entry, obtains the 4th judging result;
Second physical location changes judging unit, for judging the switch port being currently accessed and the IP address
Whether the access switch port recorded in the affiliated network address resources entry is identical, obtains the 5th and judges knot
Fruit;
The physics changes warning message generation unit, for when in the 4th judging result or the 5th judging result
Meaning one changes warning message when being, to generate physical location;
The second list alarm unit, described in by physical location change warning message belonging to the IP address
It is shown in network address resources entry;
The second alarm mail transmission unit, for physical location change warning message to be sent to management by mail
Member's mailbox.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810553382.9A CN108769289B (en) | 2018-05-31 | 2018-05-31 | Network address resource visualization management system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810553382.9A CN108769289B (en) | 2018-05-31 | 2018-05-31 | Network address resource visualization management system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108769289A true CN108769289A (en) | 2018-11-06 |
CN108769289B CN108769289B (en) | 2021-08-03 |
Family
ID=64001687
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810553382.9A Active CN108769289B (en) | 2018-05-31 | 2018-05-31 | Network address resource visualization management system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108769289B (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110620682A (en) * | 2019-08-26 | 2019-12-27 | 奇安信科技集团股份有限公司 | Resource information acquisition method and device, storage medium and terminal |
CN110943984A (en) * | 2019-11-25 | 2020-03-31 | 中国联合网络通信集团有限公司 | Asset safety protection method and device |
CN112004161A (en) * | 2020-07-09 | 2020-11-27 | 视联动力信息技术股份有限公司 | Processing method and device of address resources, terminal equipment and storage medium |
CN112579560A (en) * | 2020-08-21 | 2021-03-30 | 中国科学院国家授时中心 | Monitoring control management system and method |
CN114143225A (en) * | 2021-11-03 | 2022-03-04 | 中盈优创资讯科技有限公司 | Method and device for dynamically monitoring abnormal active address based on network detection technology |
CN114448935A (en) * | 2022-01-05 | 2022-05-06 | 中盈优创资讯科技有限公司 | Automatic pushing processing method and device for IP address availability alarm |
CN115550317A (en) * | 2022-09-19 | 2022-12-30 | 中国工商银行股份有限公司 | Network resource management method, device, computer equipment and storage medium |
CN115550203A (en) * | 2022-12-01 | 2022-12-30 | 杭州中电安科现代科技有限公司 | Visualization method, device, equipment and medium for flow communication information |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101083557A (en) * | 2007-06-29 | 2007-12-05 | 中兴通讯股份有限公司 | SNMP based IP network cluster managerial approach |
CN102571550A (en) * | 2010-12-30 | 2012-07-11 | 北京亿阳信通软件研究院有限公司 | General information interaction platform and method |
CN103312836A (en) * | 2013-06-28 | 2013-09-18 | 国家电网公司 | Large local network internet protocol (IP) address administration method |
CN103379179A (en) * | 2012-04-17 | 2013-10-30 | 中兴通讯股份有限公司 | Method and system for planning network IP address |
CN104184616A (en) * | 2014-08-08 | 2014-12-03 | 国家电网公司 | Intelligent management system for local area network resources |
CN105391815A (en) * | 2015-10-22 | 2016-03-09 | 广州咨元信息科技有限公司 | Internet IP address resource collection and centralized management method |
US20160218993A1 (en) * | 2001-12-18 | 2016-07-28 | Perftech, Inc. | Internet provider subscriber communications system |
-
2018
- 2018-05-31 CN CN201810553382.9A patent/CN108769289B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160218993A1 (en) * | 2001-12-18 | 2016-07-28 | Perftech, Inc. | Internet provider subscriber communications system |
CN101083557A (en) * | 2007-06-29 | 2007-12-05 | 中兴通讯股份有限公司 | SNMP based IP network cluster managerial approach |
CN102571550A (en) * | 2010-12-30 | 2012-07-11 | 北京亿阳信通软件研究院有限公司 | General information interaction platform and method |
CN103379179A (en) * | 2012-04-17 | 2013-10-30 | 中兴通讯股份有限公司 | Method and system for planning network IP address |
CN103312836A (en) * | 2013-06-28 | 2013-09-18 | 国家电网公司 | Large local network internet protocol (IP) address administration method |
CN104184616A (en) * | 2014-08-08 | 2014-12-03 | 国家电网公司 | Intelligent management system for local area network resources |
CN105391815A (en) * | 2015-10-22 | 2016-03-09 | 广州咨元信息科技有限公司 | Internet IP address resource collection and centralized management method |
Non-Patent Citations (2)
Title |
---|
刘辉舟: "《市县供电企业信息网络地址精细化管理和终端准入安全审计方法研究》", 《通讯世界》 * |
杨钰: "《基于IP地址的供电公司信息管理系统》", 《软件》 * |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110620682B (en) * | 2019-08-26 | 2023-01-06 | 奇安信科技集团股份有限公司 | Resource information acquisition method and device, storage medium and terminal |
CN110620682A (en) * | 2019-08-26 | 2019-12-27 | 奇安信科技集团股份有限公司 | Resource information acquisition method and device, storage medium and terminal |
CN110943984A (en) * | 2019-11-25 | 2020-03-31 | 中国联合网络通信集团有限公司 | Asset safety protection method and device |
CN110943984B (en) * | 2019-11-25 | 2021-09-28 | 中国联合网络通信集团有限公司 | Asset safety protection method and device |
CN112004161A (en) * | 2020-07-09 | 2020-11-27 | 视联动力信息技术股份有限公司 | Processing method and device of address resources, terminal equipment and storage medium |
CN112004161B (en) * | 2020-07-09 | 2024-05-28 | 视联动力信息技术股份有限公司 | Address resource processing method and device, terminal equipment and storage medium |
CN112579560A (en) * | 2020-08-21 | 2021-03-30 | 中国科学院国家授时中心 | Monitoring control management system and method |
CN114143225A (en) * | 2021-11-03 | 2022-03-04 | 中盈优创资讯科技有限公司 | Method and device for dynamically monitoring abnormal active address based on network detection technology |
CN114448935A (en) * | 2022-01-05 | 2022-05-06 | 中盈优创资讯科技有限公司 | Automatic pushing processing method and device for IP address availability alarm |
CN114448935B (en) * | 2022-01-05 | 2024-01-05 | 中盈优创资讯科技有限公司 | Automatic pushing processing method and device for IP address availability alarm |
CN115550317A (en) * | 2022-09-19 | 2022-12-30 | 中国工商银行股份有限公司 | Network resource management method, device, computer equipment and storage medium |
CN115550317B (en) * | 2022-09-19 | 2024-05-28 | 中国工商银行股份有限公司 | Network resource management method, device, computer equipment and storage medium |
CN115550203A (en) * | 2022-12-01 | 2022-12-30 | 杭州中电安科现代科技有限公司 | Visualization method, device, equipment and medium for flow communication information |
CN115550203B (en) * | 2022-12-01 | 2023-03-10 | 杭州中电安科现代科技有限公司 | Visualization method, device, equipment and medium for traffic communication information |
Also Published As
Publication number | Publication date |
---|---|
CN108769289B (en) | 2021-08-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108769289A (en) | A kind of network address resources Visualized management system | |
CN105119750B (en) | A kind of safe operation management platform system of distributed information based on big data | |
CN105139139B (en) | Data processing method and device and system for O&M audit | |
CN109831327A (en) | IMS full service network based on big data analysis monitors intelligent operation support system | |
US7185366B2 (en) | Security administration server and its host server | |
CN102158360B (en) | Network fault self-diagnosis method based on causal relationship positioning of time factors | |
CN106059087B (en) | A kind of intelligent substation vulnerability analysis assessment system | |
CN105721198B (en) | A kind of video monitoring system Log security auditing method | |
CN212259006U (en) | Network security management equipment | |
CN111092869A (en) | Security management and control method for terminal access to office network and authentication server | |
CN108960456A (en) | Private clound secure, integral operation platform | |
CN108900541A (en) | One kind being directed to cloud data center SDN Security Situation Awareness Systems and method | |
CN105282772A (en) | Wireless network data communication equipment monitoring system and equipment monitoring method | |
CN106412113A (en) | Energy cloud service system and communication method thereof | |
CN106131023A (en) | A kind of Information Security Risk strength identifies system | |
CN108270716A (en) | A kind of audit of information security method based on cloud computing | |
CN107426191A (en) | A kind of leak early warning and emergency response automatic warning system | |
CN106779485B (en) | SOA architecture-based comprehensive management system and data processing method | |
CN106055984A (en) | Classified management method applied to security baseline software | |
CN107659618A (en) | A kind of cloud auditing system | |
CN110430265A (en) | A kind of method and device obtaining server and inter-exchange corresponding relationship | |
CN105072386A (en) | Video networking system based on multicast technologies and state monitoring method | |
CN114553471A (en) | Tenant safety management system | |
CN112333020A (en) | Network security monitoring and data message analyzing system based on quintuple | |
CN106911510A (en) | The availability monitoring system and method for network admittance system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20210708 Address after: 510600 room 603, 6 / F, No.15 software Road, Tianhe District, Guangzhou City, Guangdong Province Applicant after: Guangdong Liqian Intelligent Technology Co.,Ltd. Address before: C1, 12th floor, Everbright Bank building, 689 Tianhe North Road, Tianhe District, Guangzhou, Guangdong 510000 Applicant before: GUANGZHOU JINHUACHENG TECHNOLOGY Co.,Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |