CN108769289A - A kind of network address resources Visualized management system - Google Patents

A kind of network address resources Visualized management system Download PDF

Info

Publication number
CN108769289A
CN108769289A CN201810553382.9A CN201810553382A CN108769289A CN 108769289 A CN108769289 A CN 108769289A CN 201810553382 A CN201810553382 A CN 201810553382A CN 108769289 A CN108769289 A CN 108769289A
Authority
CN
China
Prior art keywords
network address
unit
resources
address resources
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810553382.9A
Other languages
Chinese (zh)
Other versions
CN108769289B (en
Inventor
廖炎平
吕涛
任晔峰
过昕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Liqian Intelligent Technology Co.,Ltd.
Original Assignee
Jinhua Guangzhou Cheng Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinhua Guangzhou Cheng Technology Co Ltd filed Critical Jinhua Guangzhou Cheng Technology Co Ltd
Priority to CN201810553382.9A priority Critical patent/CN108769289B/en
Publication of CN108769289A publication Critical patent/CN108769289A/en
Application granted granted Critical
Publication of CN108769289B publication Critical patent/CN108769289B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/04Real-time or near real-time messaging, e.g. instant messaging [IM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5053Lease time; Renewal aspects

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a kind of network address resources Visualized management systems.The system comprises network address resources acquisition module, network address resources display module and network address resources update modules;The network address resources acquisition module obtains the all-network address resource of Intranet;The network address resources display module generates network address resources list according to the network address resources and is shown;The network address resources update module updates the network address resources list according to the modification operation carried out to the network address resources, the real-time update and visualization for realizing network address resources are shown, effectively prevent manual operation appearance it is artificial slip, IP address resource the problems such as being duplicatedly distributed, improve the safety management level of static network address resource in the network address resources efficiency of management and intranet environment.

Description

A kind of network address resources Visualized management system
Technical field
The present invention relates to network resource management technical fields, more particularly to a kind of network address resources visualized management system System.
Background technology
Currently, inner net computer terminal mainly by DHCP (Dynamic Host Configuration Protocol, Dynamic address management agreement) carry out dynamic IP (Internet Protocol, the agreement interconnected between network) resource allocation pipe Reason has molding management equipment, management process and management method, but remaining static IP resource such as server, network and safety The a large amount of equipment such as equipment, printer, all kinds of particular terminals still with the artificial statistics of administrative staff, judgement, distribution and combs Based on, daily when carrying out the work such as operation and maintenance, malfunction elimination, there are larger pressure, are larger " blind in a management Area ".
The management of existing static ip address is mainly carried out by operating the form of electrical form, is needing to distribute IP address When, verify whether IP address resource is occupied using ping orders first, then carries out distribution and the record of IP address, finally IP address relevant information after record distribution.There are following disadvantages for such management mode:(1) since electrical form is artificial Operation, inevitably will appear artificial careless omission;(2) multiple administrators co-operate a electrical form, and operation interface is not visible, operates Record can not audit, change after the skimble-scamble phenomenon of data happen occasionally;(3) since data are without uniformity, often will appear IP address conflict leads to duplicate allocation and the waste of IP address resource, while during malfunction elimination and Security incident handling It is not easy positioning failure, there are risk hidden danger, it is possible to cause serious consequence.If network address resources lack effective pipe Reason, may result in the decline of network availability and service quality or even the collapse of network.
Invention content
The object of the present invention is to provide a kind of network address resources Visualized management systems, to realize network address resources Visualized management improves the safety management water of static network address resource in the network address resources efficiency of management and intranet environment It is flat.
To achieve the above object, the present invention provides following schemes:
A kind of network address resources Visualized management system, the system comprises:Network address resources acquisition module, network Address resource display module and network address resources update module;
The network address resources acquisition module, the all-network address resource for obtaining Intranet;The network address Resource includes IP address, MAC Address, computer name, user name, purposes description, OS Type, access switch name, hands over It changes planes IP, access switch port, modification time, the admin name for operation of modifying, serve port;
The network address resources display module, for generating network address resources list according to the network address resources And it is shown;
The network address resources update module, for obtaining the modification operation carried out to the network address resources, and The network address resources list is updated according to modification operation.
Optionally, the network address resources display module specifically includes:
Network address resources entry generation unit, for by the corresponding MAC Address of the IP address, computer name, User name, purposes description, OS Type, access switch name, interchanger IP, access switch port, modification time, into The admin name of row modification operation, serve port correspond to and generate a network address resources entry;
Network address resources display unit, for arranging a plurality of network address resources entry, described in generation Network address resources list is simultaneously shown.
Optionally, the network address resources update module specifically includes:
Operation judging unit is changed, operation is modified to the network address resources for judging whether, acquisition the One judging result;
Modification operation acquiring unit is to be modified to the network address resources for working as first judging result When operation, modification action type and concrete modification operational order are obtained;The modification action type includes addition, distributes and delete It removes;
Network address resources adding device is used for when the modification action type is addition, according to the concrete modification Operational order adds the network address resources;
Network address resources allocation unit is used for when the modification action type is distribution, according to the concrete modification Operational order distributes the network address resources;
Network address resources deleting unit is used for when the modification action type is to delete, according to the concrete modification Operational order deletes the network address resources.
Optionally, the system also includes:Network address resources statistical module;The network address resources statistical module packet Include utilization rate statistic unit, time point statistic unit and administrator's statistic unit;
The utilization rate statistic unit, the utilization rate for counting the network address resources in each network segment according to the network segment And it shows;
The time point statistic unit, modification time for counting the network address resources according to time point are simultaneously shown Show;
Administrator's statistic unit, for modifying operation to the network address resources according to administrator's statistics Admin name simultaneously shows.
Optionally, the system also includes:Differentiated control module;The differentiated control module includes that classification account registration is single Member, classification account log in unit, normal user permission acquiring unit, common management administrator's authority acquiring unit and super keepe power Limit acquiring unit;
The classification account registering unit, for registering super keepe account, common management administrator's account and ordinary user Account;
The classification account logs in unit, for the super keepe account, common management administrator's account and described The login of ordinary user's account;
The normal user permission acquiring unit after being logged in for ordinary user's account, obtains normal user permission; The normal user permission only includes checking for the network address resources list;
Common management administrator's authority acquiring unit after being logged in for common management administrator's account, obtains common management Member's permission;Common management administrator's permission includes checking and changing operation to the network address resources list;
The super keepe authority acquiring unit obtains super management after being logged in for the super keepe account Member's permission;The super keepe permission include to the network address resources list checked and changed operation and it is right The normal user permission and common management administrator's permission are managed.
Optionally, the system also includes:IP address monitoring module;The IP address monitoring module includes recycling address money Source acquiring unit, online address resource acquisition unit, exception IP judging units, IP abnormal alarms information generating unit, first row Table alarm unit and the first alarm mail transmission unit;
The recycling address resource acquiring unit, for obtaining the IP address recycled;
The online address resource acquisition unit, for obtaining online IP address;
The exception IP judging units, for judge the IP address recycled and the online IP address whether phase Together, the second judging result is obtained;
The IP abnormal alarms information generating unit, for being the IP address recycled when second judging result When identical as the online IP address, IP abnormal alarm information is generated;
The first list alarm unit, for the institute by the IP abnormal alarms information belonging to the online IP address It states and is shown in network address resources entry;
The first alarm mail transmission unit, for the IP abnormal alarms information through mail to be sent to administrator Mailbox.
Optionally, the system also includes:IP service monitoring modules;The IP service monitorings module includes that serve port obtains Take unit, serve port to show, serve port judging unit and service open-ended unit;
The serve port acquiring unit, all serve ports opened for obtaining each IP address;
The IP address is added in the serve port display unit, all serve ports for opening the IP address In the affiliated network address resources entry and shown;
The serve port judging unit, for judging the serve port, whether it is necessary to openings, obtain third and judge As a result;
The serve port open cell, for being that it is necessary to openings for the serve port when the third judging result When, maintain the open serve port.
Optionally, the system also includes:Physics changes alarm module;The physics change alarm module includes physical bit Set information acquisition unit, the first physical location change judging unit, the second physical location change judging unit, physics change alarm Information generating unit, the second list alarm unit and the second alarm mail transmission unit;
The physical location information acquiring unit, for obtaining the corresponding current MAC address of the IP address in real time and working as The switch port of preceding access;
First physical location changes judging unit, for judging belonging to the current MAC address and the IP address The network address resources entry in the MAC Address that records it is whether identical, obtain the 4th judging result;
Second physical location changes judging unit, for judging the switch port being currently accessed and the IP Whether the access switch port recorded in the network address resources entry belonging to address is identical, obtains the 5th and judges As a result;
The physics changes warning message generation unit, for working as the 4th judging result or the 5th judging result In any one for be when, generate physical location change warning message;
The second list alarm unit, for the physical location to be changed warning message belonging to the IP address It is shown in the network address resources entry;
The second alarm mail transmission unit, for physical location change warning message to be sent to by mail Administrator's mailbox.
According to specific embodiment provided by the invention, the invention discloses following technique effects:
A kind of network address resources Visualized management system provided by the invention, including network address resources acquisition module, Network address resources display module and network address resources update module;The network address resources acquisition module obtains Intranet All-network address resource;The network address resources display module generates network address resources according to the network address resources List is simultaneously shown;The network address resources update module operates more according to the modification carried out to the network address resources The new network address resources list, the real-time update and visualization for realizing network address resources are shown, effectively prevent people Artificial careless omission that work operation occurs, IP address resource the problems such as being duplicatedly distributed, improve the network address resources efficiency of management with The safety management level of static network address resource in intranet environment.
Description of the drawings
It in order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, below will be to institute in embodiment Attached drawing to be used is needed to be briefly described, it should be apparent that, the accompanying drawings in the following description is only some implementations of the present invention Example, for those of ordinary skill in the art, without having to pay creative labor, can also be according to these attached drawings Obtain other attached drawings.
Fig. 1 is a kind of structural schematic diagram of network address resources Visualized management system provided by the invention.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
The object of the present invention is to provide a kind of network address resources Visualized management systems, to realize network address resources Visualized management improves the safety management water of static network address resource in the network address resources efficiency of management and intranet environment It is flat.
In order to make the foregoing objectives, features and advantages of the present invention clearer and more comprehensible, below in conjunction with the accompanying drawings and specific real Applying mode, the present invention is described in further detail.
Existing network resource management center, IDC (Internet Data Center, Internet data center) region have More information system and the server apparatus carried for it, reaching the standard grade, run, is offline etc. for each information system have formd The management process of effect, but due to various real (intersectoral coordination, administrator's levels etc.) or the original of history (handing-over, forgetting etc.) The case where cause, management not in place, management absence, also happens occasionally, and at the same time, also and none technology is to each equipment or information The upper offline situation of system is monitored in real time, and there are larger managerial security risks.For this purpose, the present invention provides a kind of nets Network address resource Visualized management system improves network address resources management to realize the visualized management of network address resources The safety management level of static network address resource in efficiency and intranet environment.
Fig. 1 is a kind of structural schematic diagram of network address resources Visualized management system provided by the invention.Referring to Fig. 1, A kind of network address resources Visualized management system provided by the invention includes network address resources acquisition module 101, network Location resource display module 102, network address resources update module 103, network address resources statistical module 104, differentiated control mould Block 105, IP address monitoring module 106, IP service monitorings module 107 and physics change alarm module 108.
The network address resources acquisition module 101, the all-network address resource for obtaining Intranet, the institute of Intranet There are network address resources to be obtained by the network segment.The network address resources mainly include the particular use of each network segment, specifically Including IP address, MAC Address, computer name, user name, purposes description, OS Type, access switch name, interchanger IP, access switch port, modification time, the admin name for operation of modifying, serve port.The IP address and MAC Address, computer name, user name, purposes description, OS Type, access switch name, interchanger IP, access switch end Mouth, modification time, the admin name for operation of modifying and serve port correspond.The IP address includes static IP Address and dynamic IP addressing.
The network address resources display module 102, for generating network address resources according to the network address resources List is simultaneously shown.Specifically unified visualization can be carried out to the all-network address resource of Intranet on system software interface Show and analyzes.
The network address resources display module 102 specifically includes:
Network address resources entry generation unit, for by the corresponding MAC Address of the IP address, computer name, User name, purposes description, OS Type, access switch name, interchanger IP, access switch port, modification time, into The admin name of row modification operation, serve port correspond to and generate a network address resources entry;
Network address resources display unit, for arranging a plurality of network address resources entry, described in generation Network address resources list is simultaneously shown.
Investigation client is needed in failure, when there are divulging a secret the information security events such as needs evidence obtaining, passes through tradition IP address or the modes such as user login name to come location client end often time-consuming and laborious, need to carry out such as interchanger, DHCP Server, AD (Windows ActiveDirectories, Microsoft Active Directory) pre-control, network log-in management etc. covers system Or the combination of equipment, it could finally determine the information such as the identity, the identity of client, physical location of user, waste analysis and take " prime time " of card.The present invention integrates all network address money of Intranet by the network address resources display module 102 The corresponding MAC Address of each IP address, computer name, user name, purposes description, OS Type, access are handed in source Change planes name, interchanger IP, access switch port, modification time, the admin name for operation of modifying, serve port generate One network address resources entry is simultaneously shown.When failure needs to investigate client, the information such as collects evidence in the needs that occurring divulging a secret When security incident, the network address resources list can be directly accessed, according to the network address resources belonging to each IP address Entry can directly acquire the information such as the identity of user, the identity of client, physical location, and acquisition of information is accurate, timely, effectively The safety management level for improving dynamic and static network address resources in intranet environment realizes " can look into controllable " of equipment, improves Working efficiency, reduces security risk.
The network address resources update module 103, for obtaining the modification operation carried out to the network address resources, And the network address resources list is updated according to modification operation.
The network address resources update module 103 specifically includes modification operation judging unit, modification operates acquiring unit, Network address resources adding device, network address resources allocation unit and network address resources deleting unit are used for auditing system Addition, distribution and the corresponding IP resource operations of deletion of administrator.The system manager includes common management administrator and super pipe Reason person.
The modification operation judging unit, for judging whether system manager repaiies the network address resources Change operation, obtains the first judging result.
The modification operates acquiring unit, is to be carried out to the network address resources for working as first judging result When modification operation, modification action type and concrete modification operational order are obtained;The modification action type include addition, distribution and It deletes.
The network address resources adding device is used for when the modification action type is addition, according to described specific Modification operational order adds the corresponding position in the network address resources to the network address resources list.
The network address resources allocation unit is used for when the modification action type is distribution, according to described specific Modification operational order distributes the corresponding position in the network address resources to the network address resources list.
The network address resources deleting unit is used for when the modification action type is to delete, according to described specific Operational order is changed, the network address resources are deleted from the corresponding position in the network address resources list.
, can be with real-time update IP address list in this way by the network address resources update module 103, administrative staff are just Can from the network address resources list the open-and-shut distribution condition for obtaining existing IP resources, also can audit resources quilt Who dispenses, what purposes is made, and realizes the visualized management of network address resources.
Further, the network address resources statistical module 104 includes utilization rate statistic unit, time point statistic unit With administrator's statistic unit, the distribution service condition of each network address resources can be counted.
The utilization rate statistic unit, the utilization rate for counting the network address resources in each network segment according to the network segment And it shows.The existing utilization rate of statistics network address resource, the network resource utilization dispensed is presented with percentage, Foundation can be provided for the reasonable distribution of network address resources.
The time point statistic unit, the modification time for counting the network address resources according to time point, and It is shown in the network address resources list;
Administrator's statistic unit, for modifying operation to the network address resources according to administrator's statistics Admin name, and shown in the network address resources list.
It, can real-time record modification time and modification personnel, reality in this way when the network address resources list is changed Showed IP address modification, distribution look into it is controllable, when effectively preventing multiple administrators and co-operating a electrical form, due to The skimble-scamble phenomenon of data after modification caused by operation interface is not visible, operation note can not audit, while with also avoiding IP Network address resources caused by the duplicate allocation of location resource waste problem.
In order to improve the security performance of network address resources management, network address resources visualized management provided by the invention System also achieves the authority classification management to each network segment network address resources.System permission is divided into two-stage, is divided into administrator Account and ordinary user's account are responsible for other administrators or ordinary user wherein there are one super keepe account admin for acquiescence The foundation of account and the distribution of permission use.System manager can change and (increase, distribution, delete) network address resources, can To allow specific network address resources to be managed by specific administrator.Ordinary user can only check current network address resources Distribution and service condition, lack of competence modification.Super keepe account can audit the operation of common management administrator and ordinary user Situation.
Specifically, the differentiated control module 105 includes classification account registering unit, is classified account login unit, is common User right acquiring unit, common management administrator's authority acquiring unit and super keepe authority acquiring unit.
The classification account registering unit, for registering super keepe account, common management administrator's account and ordinary user Account;
The classification account logs in unit, for the super keepe account, common management administrator's account and described The login of ordinary user's account;
The normal user permission acquiring unit after being logged in for ordinary user's account, obtains normal user permission; The normal user permission only includes checking for the network address resources list;
Common management administrator's authority acquiring unit after being logged in for common management administrator's account, obtains common management Member's permission;Common management administrator's permission includes checking and changing operation to the network address resources list;
The super keepe authority acquiring unit obtains super management after being logged in for the super keepe account Member's permission;The super keepe permission include to the network address resources list checked and changed operation and it is right The normal user permission and common management administrator's permission are managed.
Also there is network address resources Visualized management system provided by the invention IP address and service to continue monitoring function. Wherein, IP address monitoring function, by timing scan detect IP address online situation, abnormal behaviour such as IP has been recycled but The IP address for situations such as line, system are offline but IP is online is alarmed.Mainly by integrating NMAP (Network on backstage Mapper, network mapping device) network port scanning plug-in unit, timer-triggered scheduler plan is set, the whole network address resource is detected, it is main Online address resource is collected by PING and port scan.After information is collected, online and non-online IP address passes through not With network logo icons distinguish.Still show that survival exists after IP address resource is recovered in the system, but by network detection Line then illustrates that the address resource is illegally occupied, at this point, system can be by way of log event alarm in homepage corresponding network segment Display can also be confirmed by way of mail is arranged and sends by administrator.
Specifically, the IP address monitoring module 106 includes recycling address resource acquiring unit, online address resource acquisition Unit, exception IP judging units, IP abnormal alarms information generating unit, first list alarm unit and the first alarm mail are sent Unit;
The recycling address resource acquiring unit, for obtaining the IP address recycled;
The online address resource acquisition unit, for obtaining online IP address;
The exception IP judging units, for judge the IP address recycled and the online IP address whether phase Together, the second judging result is obtained;
The IP abnormal alarms information generating unit, for being the IP address recycled when second judging result When identical as the online IP address, IP abnormal alarm information is generated;
The first list alarm unit, for the institute by the IP abnormal alarms information belonging to the online IP address It states and is shown in network address resources entry;
The first alarm mail transmission unit, for the IP abnormal alarms information through mail to be sent to administrator Mailbox.
IP service monitoring functions show the opening status of corresponding port, in time mainly by the monitoring of IP serve ports Track the particular use of IP resources.Plug-in unit is scanned by integrating the NMAP network ports on backstage, Internet resources are scheduled and are swept It retouches, all serve ports that each address resource opens all is set out.It, can after coming out the case where open port To combine operation system purposes, judging this resource, whether it is necessary to this open generic ports, to realize the optimization of network address resources Management.
Specifically, the IP service monitorings module 107 include serve port acquiring unit, serve port show, server-side Mouth judging unit and service open-ended unit.
The serve port acquiring unit, all serve ports opened for obtaining each IP address;
The IP address is added in the serve port display unit, all serve ports for opening the IP address In the affiliated network address resources entry and shown;
The serve port judging unit, for judging the serve port, whether it is necessary to openings, obtain third and judge As a result;
The serve port open cell, for being that it is necessary to openings for the serve port when the third judging result When, maintain the open serve port.
In addition, network address resources Visualized management system provided by the invention also has IP address and equipment investigation management Function.By integrated AD domain systems, IP address, MAC Address, login account, the computer name etc. of logged-in user are obtained in real time Information accomplishes the real-name management of IP address.And by integrating SNMP (Simple Network Management Protocol, Simple Network Management Protocol), obtain in real time each interchanger ARP (Address Resolution Protocol, Address resolution protocol) information such as table, mac address table, the physical location of each equipment is positioned in real time, and to the physics of equipment change etc. Behavior is timely alerted.
Wherein, the control of the domains AD is the Active Directory system of Microsoft, is managed collectively the user account of all internal address resources.It is logical It crosses and uses api interface, regular schedule plan is set, go on the domains AD control server to obtain IP address, MAC Address, login account, meter The network address resources information such as calculation machine name, then correspondence matching is associated in the network address resources list, thus With the specifically used person of definite network resource whom can be, accomplish that system of real name closes management.Meanwhile procotol is disclosed by SNMP, if Calling plan is set, is logged on on each interchanger by api interface, (IP address and the corresponding of MAC are closed the ARP table of acquisition System), in mac address table (MAC Address and port correspondence) data correlation to system database, with re-mapping the network On the Resources list of location, IP address and MAC Address, interchanger access interface, interchanger VLAN (Virtual can be presented in this way Local Area Network, virtual LAN) correspondence, the data obtained every time can all do in background system database It is primary to compare, just illustrate that on-position is changed when finding that information is inconsistent, system generates a change and accuses at this time It is alert, it can also notify administrator by lettergram mode.
The realization of B/S software architectures can be used in network address resources Visualized management system provided by the invention, and administrator is logical It crosses WEB interface and manages the system.Front and back end is all made of popular and ripe development language and tool, passes through LDAP (Lightweight Directory Access Protocol, Light Directory Access Protocol) domains slitless connection AD are controlled, and are passed through Snmp protocol reads exchanger information, realizes the system of real name of IP address, and by monitor analyze existing IP resources use and Line situation, the particular use and physical location for tracking IP resources, realize the real-time centralized management of network address resources.
Specifically, the physics change alarm module 108 includes:
Physical location information acquiring unit, for obtaining the corresponding current MAC address of the IP address in real time and currently connecing The switch port entered;
First physical location changes judging unit, for judging the current MAC address and the institute belonging to the IP address It whether identical states the MAC Address recorded in network address resources entry, obtains the 4th judging result;
Second physical location changes judging unit, for judging the switch port being currently accessed and the IP address Whether the access switch port recorded in the affiliated network address resources entry is identical, obtains the 5th and judges knot Fruit;
Physics changes warning message generation unit, for when in the 4th judging result or the 5th judging result Meaning one changes warning message when being, to generate physical location;
The second list alarm unit, for the physical location to be changed warning message belonging to the IP address It is shown in the network address resources entry;
The second alarm mail transmission unit, for physical location change warning message to be sent to by mail Administrator's mailbox.
As it can be seen that network address resources Visualized management system provided by the invention, is replaced using network address resources list Original electrical form inefficient way to manage realizes the fining of full-mesh network address resource and visualization centralized management, real The operation audit, state alarm and statistical analysis for having showed network address resources distribution, can make system manager and ordinary user The network address resources distribution condition of the whole network is grasped in time, and convenient and efficient inquiry network address resources correspondence ensure that IP Resource will not be duplicatedly distributed, it is therefore prevented that IP conflicts.It is held in conjunction with the practical use of IP address by the scanning and detection of timing The online situation of continuous monitoring IP address, the particular use of scanning probe IP resources monitor the current state of IP address, show simultaneously The opening status of corresponding port carries out alarm notification in real time, reduces safety management hidden danger.Pass through the integrated domains AD and SNMP moulds Block, the system of real name information and location information for obtaining IP address also achieve physical bit while realizing IP address system of real name The real-time tracing set enhances client event disposing capacity and safety management performance, improves general safety O&M and management It is horizontal.
Principle and implementation of the present invention are described for specific case used herein, and above example is said The bright method and its core concept for being merely used to help understand the present invention;Meanwhile for those of ordinary skill in the art, foundation The thought of the present invention, there will be changes in the specific implementation manner and application range.In conclusion the content of the present specification is not It is interpreted as limitation of the present invention.

Claims (8)

1. a kind of network address resources Visualized management system, which is characterized in that including:Network address resources acquisition module, net Network address resource display module and network address resources update module;
The network address resources acquisition module, the all-network address resource for obtaining Intranet;The network address resources Including IP address, MAC Address, computer name, user name, purposes description, OS Type, access switch name, interchanger IP, access switch port, modification time, the admin name for operation of modifying, serve port;
The network address resources display module is gone forward side by side for generating network address resources list according to the network address resources Row display;
The network address resources update module operates the modification that the network address resources carry out for obtaining, and according to The modification operation updates the network address resources list.
2. network address resources Visualized management system according to claim 1, which is characterized in that the network address money Source display module specifically includes:
Network address resources entry generation unit is used for the corresponding MAC Address of the IP address, computer name, user Name, OS Type, access switch name, interchanger IP, access switch port, modification time, is repaiied at purposes description Change the admin name of operation, serve port corresponds to and generates a network address resources entry;
Network address resources display unit generates the network for arranging a plurality of network address resources entry Address resource list is simultaneously shown.
3. network address resources Visualized management system according to claim 2, which is characterized in that the network address money Source update module specifically includes:
Operation judging unit is changed, operation is modified to the network address resources for judging whether, first is obtained and sentences Disconnected result;
Modification operation acquiring unit is to be modified operation to the network address resources for working as first judging result When, obtain modification action type and concrete modification operational order;The modification action type includes addition, distribution and deletes;
Network address resources adding device, for when the modification action type is addition, being operated according to the concrete modification The network address resources are added in instruction;
Network address resources allocation unit, for when the modification action type is distribution, being operated according to the concrete modification Instruction distributes the network address resources;
Network address resources deleting unit, for when the modification action type is to delete, being operated according to the concrete modification The network address resources are deleted in instruction.
4. network address resources Visualized management system according to claim 3, which is characterized in that the system is also wrapped It includes:Network address resources statistical module;The network address resources statistical module includes utilization rate statistic unit, time point statistics Unit and administrator's statistic unit;
The utilization rate statistic unit, for counting the utilization rate of the network address resources in each network segment according to the network segment and showing Show;
The time point statistic unit, modification time and display for counting the network address resources according to time point;
Administrator's statistic unit, the management for operation of modifying to the network address resources according to administrator's statistics Member's title is simultaneously shown.
5. network address resources Visualized management system according to claim 4, which is characterized in that the system is also wrapped It includes:Differentiated control module;The differentiated control module includes classification account registering unit, classification account login unit, commonly uses Family authority acquiring unit, common management administrator's authority acquiring unit and super keepe authority acquiring unit;
The classification account registering unit, for registering super keepe account, common management administrator's account and ordinary user's account;
The classification account logs in unit, for the super keepe account, common management administrator's account and described common The login of user account;
The normal user permission acquiring unit after being logged in for ordinary user's account, obtains normal user permission;It is described Normal user permission only includes checking for the network address resources list;
Common management administrator's authority acquiring unit after being logged in for common management administrator's account, obtains common management administrator's power Limit;Common management administrator's permission includes checking and changing operation to the network address resources list;
The super keepe authority acquiring unit after being logged in for the super keepe account, obtains super keepe power Limit;The super keepe permission includes being checked and being changed operation to the network address resources list and to described Normal user permission and common management administrator's permission are managed.
6. network address resources Visualized management system according to claim 5, which is characterized in that the system is also wrapped It includes:IP address monitoring module;The IP address monitoring module includes recycling address resource acquiring unit, online address resource acquisition Unit, exception IP judging units, IP abnormal alarms information generating unit, first list alarm unit and the first alarm mail are sent Unit;
The recycling address resource acquiring unit, for obtaining the IP address recycled;
The online address resource acquisition unit, for obtaining online IP address;
The exception IP judging units, for judging whether the IP address recycled and the online IP address are identical, obtain Obtain the second judging result;
The IP abnormal alarms information generating unit, for being the IP address recycled and institute when second judging result State online IP address it is identical when, generate IP abnormal alarm information;
The first list alarm unit, for the net by the IP abnormal alarms information belonging to the online IP address It is shown in network address resource entry;
The first alarm mail transmission unit, for the IP abnormal alarms information through mail to be sent to administrator's postal Case.
7. network address resources Visualized management system according to claim 6, which is characterized in that the system is also wrapped It includes:IP service monitoring modules;The IP service monitorings module include serve port acquiring unit, serve port show, server-side Mouth judging unit and service open-ended unit;
The serve port acquiring unit, all serve ports opened for obtaining each IP address;
The serve port display unit, all serve ports for opening the IP address are added belonging to the IP address The network address resources entry in and shown;
The serve port judging unit, for judging the serve port, whether it is necessary to openings, obtain third judging result;
The serve port open cell, for when it is necessary to when opening, tie up for the serve port for the third judging result Hold the open serve port.
8. network address resources Visualized management system according to claim 7, which is characterized in that the system is also wrapped It includes:Physics changes alarm module;The physics change alarm module includes physical location information acquiring unit, the first physical location Change judging unit, the second physical location change judging unit, physics change warning message generation unit, the secondary series statistical tables and reports Alert unit and the second alarm mail transmission unit;
The physical location information acquiring unit, for obtaining the corresponding current MAC address of the IP address in real time and currently connecing The switch port entered;
First physical location changes judging unit, for judging the current MAC address and the institute belonging to the IP address It whether identical states the MAC Address recorded in network address resources entry, obtains the 4th judging result;
Second physical location changes judging unit, for judging the switch port being currently accessed and the IP address Whether the access switch port recorded in the affiliated network address resources entry is identical, obtains the 5th and judges knot Fruit;
The physics changes warning message generation unit, for when in the 4th judging result or the 5th judging result Meaning one changes warning message when being, to generate physical location;
The second list alarm unit, described in by physical location change warning message belonging to the IP address It is shown in network address resources entry;
The second alarm mail transmission unit, for physical location change warning message to be sent to management by mail Member's mailbox.
CN201810553382.9A 2018-05-31 2018-05-31 Network address resource visualization management system Active CN108769289B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810553382.9A CN108769289B (en) 2018-05-31 2018-05-31 Network address resource visualization management system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810553382.9A CN108769289B (en) 2018-05-31 2018-05-31 Network address resource visualization management system

Publications (2)

Publication Number Publication Date
CN108769289A true CN108769289A (en) 2018-11-06
CN108769289B CN108769289B (en) 2021-08-03

Family

ID=64001687

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810553382.9A Active CN108769289B (en) 2018-05-31 2018-05-31 Network address resource visualization management system

Country Status (1)

Country Link
CN (1) CN108769289B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110620682A (en) * 2019-08-26 2019-12-27 奇安信科技集团股份有限公司 Resource information acquisition method and device, storage medium and terminal
CN110943984A (en) * 2019-11-25 2020-03-31 中国联合网络通信集团有限公司 Asset safety protection method and device
CN112004161A (en) * 2020-07-09 2020-11-27 视联动力信息技术股份有限公司 Processing method and device of address resources, terminal equipment and storage medium
CN112579560A (en) * 2020-08-21 2021-03-30 中国科学院国家授时中心 Monitoring control management system and method
CN114143225A (en) * 2021-11-03 2022-03-04 中盈优创资讯科技有限公司 Method and device for dynamically monitoring abnormal active address based on network detection technology
CN114448935A (en) * 2022-01-05 2022-05-06 中盈优创资讯科技有限公司 Automatic pushing processing method and device for IP address availability alarm
CN115550317A (en) * 2022-09-19 2022-12-30 中国工商银行股份有限公司 Network resource management method, device, computer equipment and storage medium
CN115550203A (en) * 2022-12-01 2022-12-30 杭州中电安科现代科技有限公司 Visualization method, device, equipment and medium for flow communication information

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101083557A (en) * 2007-06-29 2007-12-05 中兴通讯股份有限公司 SNMP based IP network cluster managerial approach
CN102571550A (en) * 2010-12-30 2012-07-11 北京亿阳信通软件研究院有限公司 General information interaction platform and method
CN103312836A (en) * 2013-06-28 2013-09-18 国家电网公司 Large local network internet protocol (IP) address administration method
CN103379179A (en) * 2012-04-17 2013-10-30 中兴通讯股份有限公司 Method and system for planning network IP address
CN104184616A (en) * 2014-08-08 2014-12-03 国家电网公司 Intelligent management system for local area network resources
CN105391815A (en) * 2015-10-22 2016-03-09 广州咨元信息科技有限公司 Internet IP address resource collection and centralized management method
US20160218993A1 (en) * 2001-12-18 2016-07-28 Perftech, Inc. Internet provider subscriber communications system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160218993A1 (en) * 2001-12-18 2016-07-28 Perftech, Inc. Internet provider subscriber communications system
CN101083557A (en) * 2007-06-29 2007-12-05 中兴通讯股份有限公司 SNMP based IP network cluster managerial approach
CN102571550A (en) * 2010-12-30 2012-07-11 北京亿阳信通软件研究院有限公司 General information interaction platform and method
CN103379179A (en) * 2012-04-17 2013-10-30 中兴通讯股份有限公司 Method and system for planning network IP address
CN103312836A (en) * 2013-06-28 2013-09-18 国家电网公司 Large local network internet protocol (IP) address administration method
CN104184616A (en) * 2014-08-08 2014-12-03 国家电网公司 Intelligent management system for local area network resources
CN105391815A (en) * 2015-10-22 2016-03-09 广州咨元信息科技有限公司 Internet IP address resource collection and centralized management method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
刘辉舟: "《市县供电企业信息网络地址精细化管理和终端准入安全审计方法研究》", 《通讯世界》 *
杨钰: "《基于IP地址的供电公司信息管理系统》", 《软件》 *

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110620682B (en) * 2019-08-26 2023-01-06 奇安信科技集团股份有限公司 Resource information acquisition method and device, storage medium and terminal
CN110620682A (en) * 2019-08-26 2019-12-27 奇安信科技集团股份有限公司 Resource information acquisition method and device, storage medium and terminal
CN110943984A (en) * 2019-11-25 2020-03-31 中国联合网络通信集团有限公司 Asset safety protection method and device
CN110943984B (en) * 2019-11-25 2021-09-28 中国联合网络通信集团有限公司 Asset safety protection method and device
CN112004161A (en) * 2020-07-09 2020-11-27 视联动力信息技术股份有限公司 Processing method and device of address resources, terminal equipment and storage medium
CN112004161B (en) * 2020-07-09 2024-05-28 视联动力信息技术股份有限公司 Address resource processing method and device, terminal equipment and storage medium
CN112579560A (en) * 2020-08-21 2021-03-30 中国科学院国家授时中心 Monitoring control management system and method
CN114143225A (en) * 2021-11-03 2022-03-04 中盈优创资讯科技有限公司 Method and device for dynamically monitoring abnormal active address based on network detection technology
CN114448935A (en) * 2022-01-05 2022-05-06 中盈优创资讯科技有限公司 Automatic pushing processing method and device for IP address availability alarm
CN114448935B (en) * 2022-01-05 2024-01-05 中盈优创资讯科技有限公司 Automatic pushing processing method and device for IP address availability alarm
CN115550317A (en) * 2022-09-19 2022-12-30 中国工商银行股份有限公司 Network resource management method, device, computer equipment and storage medium
CN115550317B (en) * 2022-09-19 2024-05-28 中国工商银行股份有限公司 Network resource management method, device, computer equipment and storage medium
CN115550203A (en) * 2022-12-01 2022-12-30 杭州中电安科现代科技有限公司 Visualization method, device, equipment and medium for flow communication information
CN115550203B (en) * 2022-12-01 2023-03-10 杭州中电安科现代科技有限公司 Visualization method, device, equipment and medium for traffic communication information

Also Published As

Publication number Publication date
CN108769289B (en) 2021-08-03

Similar Documents

Publication Publication Date Title
CN108769289A (en) A kind of network address resources Visualized management system
CN105119750B (en) A kind of safe operation management platform system of distributed information based on big data
CN105139139B (en) Data processing method and device and system for O&M audit
CN109831327A (en) IMS full service network based on big data analysis monitors intelligent operation support system
US7185366B2 (en) Security administration server and its host server
CN102158360B (en) Network fault self-diagnosis method based on causal relationship positioning of time factors
CN106059087B (en) A kind of intelligent substation vulnerability analysis assessment system
CN105721198B (en) A kind of video monitoring system Log security auditing method
CN212259006U (en) Network security management equipment
CN111092869A (en) Security management and control method for terminal access to office network and authentication server
CN108960456A (en) Private clound secure, integral operation platform
CN108900541A (en) One kind being directed to cloud data center SDN Security Situation Awareness Systems and method
CN105282772A (en) Wireless network data communication equipment monitoring system and equipment monitoring method
CN106412113A (en) Energy cloud service system and communication method thereof
CN106131023A (en) A kind of Information Security Risk strength identifies system
CN108270716A (en) A kind of audit of information security method based on cloud computing
CN107426191A (en) A kind of leak early warning and emergency response automatic warning system
CN106779485B (en) SOA architecture-based comprehensive management system and data processing method
CN106055984A (en) Classified management method applied to security baseline software
CN107659618A (en) A kind of cloud auditing system
CN110430265A (en) A kind of method and device obtaining server and inter-exchange corresponding relationship
CN105072386A (en) Video networking system based on multicast technologies and state monitoring method
CN114553471A (en) Tenant safety management system
CN112333020A (en) Network security monitoring and data message analyzing system based on quintuple
CN106911510A (en) The availability monitoring system and method for network admittance system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20210708

Address after: 510600 room 603, 6 / F, No.15 software Road, Tianhe District, Guangzhou City, Guangdong Province

Applicant after: Guangdong Liqian Intelligent Technology Co.,Ltd.

Address before: C1, 12th floor, Everbright Bank building, 689 Tianhe North Road, Tianhe District, Guangzhou, Guangdong 510000

Applicant before: GUANGZHOU JINHUACHENG TECHNOLOGY Co.,Ltd.

GR01 Patent grant
GR01 Patent grant