CN1317849C - Network management system and method - Google Patents
Network management system and method Download PDFInfo
- Publication number
- CN1317849C CN1317849C CNB021112517A CN02111251A CN1317849C CN 1317849 C CN1317849 C CN 1317849C CN B021112517 A CNB021112517 A CN B021112517A CN 02111251 A CN02111251 A CN 02111251A CN 1317849 C CN1317849 C CN 1317849C
- Authority
- CN
- China
- Prior art keywords
- network management
- application server
- client
- protocol
- management system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Images
Abstract
The present invention discloses a network management system and a method. A three-layer structure of the network management system is composed of a client, an application server and managed objects; the network management communication protocol is used for the communication between the application server and the managed objects, and the application server and the managed objects are both positioned in a secure network environment; the client communicates with the application server by using a communication protocol which is suitable for the Internet environment through the Internet; the application server is responsible for parsing a message request from the client, converts the message request into a request of a corresponding network management protocol, sends the request to the managed objects, converts the related data of the managed objects into a corresponding message, and sends the message to the client. By using the network management system and the method of the present invention, the security of the managed equipment in the Internet environment can be enhanced, and the present invention is suitable for the network management field of data communication, especially under the Internet environment.
Description
Technical field:
The present invention relates to a kind of field of network management of data communication, particularly the method for unifying of the NMS in internet environment.
Background technology:
Along with the development of network, communication and computer software technology, most of enterprises face the globalization competition.The computer system of modern enterprise comprises various device, and is distributed in the whole nation even all over the world.This just needs a kind of software can be easily by computer system and the various device of internet management with the monitoring various places.And the existing network management software majority of most of enterprises all is based on traditional Client.Following problem is arranged today that this pattern prevails in the Internet:
1, be example based on network management system based on Simple Network Management Protocol (SNMP).Because SNMP is one of the agreement of the application layer of TCP/IP, so client is in order to manage corresponding apparatus, just may need correct h.323-configured gateway or route to carry out network management by SNMP.At first for general user, correct h.323-configured gateway or route may be the comparison difficulties; Secondly in internet environment, client must be able to be set up the connection of User Datagram Protoco (UDP) (UDP) to managed devices, and this is unsafe in internet environment.Be not suitable for the network environment of the Internet more based on other the network management system of procotol.
2, for the sake of security, the equipment in most of networks need be at the host address of proxy for equipment end configuration network management system.If do not dispose the host address of this network management system in the equipment disposition table, proxy for equipment is the request of not handling network management system.Network management system also just can not have been carried out the operation of network of relation management.In internet environment, the IP address of most of clients is by the ISP dynamic assignment, and the uncertainty of IP address causes the infeasible of network management.In some cases, client may need could access means to act on behalf of through fire compartment wall.At this time, proxy for equipment and network management system can not directly connect.This is the network management that is difficult to realize internet environment for the network management based on customer end/server mode.
3, from the angle of safety.If do not have separator between the network equipment and the Internet, can there be potential safety hazard.And in many network management protocols, security consideration is fewer.With the snmp protocol is example, all safety is proposed total solution in first, second version of snmp protocol, and just goes here and there the simple control of carrying out authority by group.If proxy for equipment is exposed in the internet environment, unique hacker can analyze the content that the UDP message just can be known group's string by the network message analysis tool.If store sensitive data in the network management information storehouse of the network equipment, this will be very large potential safety hazard.Though the simple network management communication protocol third edition has had solution preferably, implements more complicated, and existing most equipment is not supported.
And because the network management system of internet environment must guarantee safety, so managed devices must be positioned in the secure network, Internet user's visit must guarantee safety through the filtration of fire compartment wall.The existing NMS method of unifying can't well solve the problem of this respect.
Summary of the invention:
The present invention has overcome the deficiency of existing network management system, has proposed a kind of secure network management system in internet environment.
The invention allows for a kind of network management, client can be passed through the Internet, and through fire compartment wall managed device is carried out safe network management.
Network management system of the present invention comprises: client, application server, managed object; Network management communication protocol is used in communication between application server and the managed object, all is arranged in secure network environment; Client adopts communication protocol and the application server communication that is suitable for internet environment by the Internet; Application server is responsible for resolving the message request of client, and is converted into the request of corresponding network management communication protocol, sends to managed object, and the related data of managed object is converted into corresponding message sends to client.
Described managed object is managed device or managed device agency.
Network management communication protocol between described application server and the managed object is Simple Network Management Protocol, telecommunicatioin network management agreement or Q3 agreement.
Communication protocol between described client and the application server is http protocol, Simple Mail Transfer protocol, NNTP or Simple Object Access Protocol.
Between described client and the application server fire compartment wall can be set, guarantee the safety of secure network environment.
A kind of network management that the present invention proposes, implementation step is as follows:
1) protocol processor of client selection and application server communication;
2) the protocol processor example dissolves a stream handle and uses for client;
3) client will send to stream handle to the relevant information of managed object network management;
4) stream handle is set up and the writing to each other of application server, and the client-side information that receives is changed into the transmissible message of agreement sends to application server;
5) application server is with all requests response respectively to client of the mode of multithreading;
6) message information that receives of application server analysis, and call the application programming interfaces of network management communication protocol;
7) application server is finished interacting message with managed object by network management communication protocol, and application programming interfaces and the stream handle of result by network management communication protocol returned client.
Network management of the present invention has strengthened the fail safe of managed devices in the internet environment.
Client after the improvement just can be used different communication protocol by using different protocol processors, and these protocol processors all can self-defined and exchange.This all has extraordinary flexibility for different user's requests and environmental requirement.Can make the internet client can be by the proxy for equipment of firewall access in the internal network.
Description of drawings:
Fig. 1 is the overall construction drawing of network management system of the present invention;
Fig. 2 is the schematic diagram of network management of the present invention;
Fig. 3 is the client communication process chart in the network management of the present invention;
Fig. 4 is the application server processes flow chart in the network management of the present invention;
Fig. 5 is the networking schematic diagram that network management system of the present invention is used;
Embodiment:
Further describe network management system of the present invention below in conjunction with Fig. 1:
System construction drawing as shown in Figure 1, network management system of the present invention adopts three-layer architecture, and three-layer architecture is carried out following division:
Client 11 is ground floor, i.e. presentation layer; The second layer is an application server 12; The 3rd layer is managed object 13.Client 11 can be communicated by letter with application server 12 through fire compartment wall.Application server 12 and managed object 13 are all in secure network environment, and communication is used is existing network management communication protocol as SNMP, telecommunicatioin network management agreement, Q3 agreement or the like, are example with SNMP among Fig. 1.
Communication protocol between client 11 and the application server 12 can adopt the communication protocol that is suitable for internet environment.As http protocol, Simple Mail Transfer protocol, NNTP, Simple Object Access Protocol SOAP or the like, be example with the http protocol among Fig. 1.The carrier of information can use simple text or use the XML file format.
Application server 12 except finish respectively with client 11 and managed object 13 between communicate by letter, also to resolve the request of client 11, and be converted into the request of corresponding NMP.Except and managed object 13 between carry out mutual, also related data to be converted into corresponding message and send it back client 11.
Below just adopt http protocol to communicate by letter at client and server end, server end and management object adopt the typical case of snmp protocol to discuss.
System forms:
Application server 12 mainly is to be made of Servlet (server-side dynamic pages) engine 23, realizes the WWW service of dynamic Service end; Also comprise SNMP API (SNMP application programming interfaces) 24, be used to realize SNMP communication.
The object of being managed 13 can be the proxy for equipment 25 of any support SNMP.
With reference to network management schematic diagram shown in Figure 2, the association requests of client 11 is communicated by letter by the WEB application server 12 in http protocol processor 21 and intermediate layer.Application server 12 is resolved the HTTP header information, and the request of client 11 is converted into the relevant parameter of SNMP, and is responsible for request is sent to the agency 25 of managed device and receives response message, returns response by HTTP again and gives client 11.
As can be seen from the above, communication process is a more complicated.In order to simplify the intractability of application client, need be with communication process and content separate processes.The processing of content is relevant with corresponding business, varies for its processing procedure of different equipment, here is not discussed.Focus on the processing of communication here.In order to handle the communication of various protocols, the notion of protocol processor has been proposed.Because the communication process of different agreement is diverse, thus can be according to the different different protocol processors of communication protocol exploitation, and the business development personnel select for use different protocol processors to get final product according to different situations in software development then.Like this, the service logic developer just can share out the work and help one another with the communication software developer.Service logic developer only pays attention to business, i.e. the processing of Content of Communication; The protocol processor developer only is concerned about the processing of communication protocol details.
In the core library of Java language, comprised many protocol processors commonly used, as: FTP, TELNET, HTTP or the like.When using Java to carry out the exploitation of application program, can use the http protocol processor.But the efficient during http protocol processor processing http communication that Java provides is very low.Because in Java, need wait for during the returning of data that practical communication finishes after, yet under long situation of communication process time, the client just needs to wait for the very long time.Therefore, can simplify it, as: the POST and the GET method that only need to realize http protocol get final product, and make the data of service end response in time to return like this.
Describe network management of the present invention in detail in conjunction with Fig. 3 and 4 more below.
Client communication handling process as shown in Figure 3, application client was at first selected protocol processor for use before mutual with service end, select for use the http protocol processor of simplification to handle here.By providing the http communication agreement needed relevant parameter, as: server address, http port number or the like, self-defining stream handle 22 of protocol processor 21 instantiations returns to client.Client-side program need provide the relevant information of relevant SNMP operation to stream handle 22, as: managed object agency's IP address, SNMP port numbers, group's string or the like.Stream handle 22 is set up TCP with service end 12 and is connected, and then above-mentioned relevant parameter is converted into the form of HTTP message, sends to service end.
With reference to application server processes flow process shown in Figure 4, application server uses the Servlet engine 23 of Java to realize dynamic HTTP service in order to realize the HTTP service.Common network management information storehouse 26 query manipulation MIB-Get, MIB-Set, SNMP-Walk, SNMP-GetNext four general Servlet classes have been developed respectively.Start the Servlet engine when starting the WEB-application server, server just can carry out HTTP and serve.Servlet in the Servlet engine of server just is written in the internal memory by instantiation and the corresponding service of beginning after being employed program client or browser client visit.
The Servlet engine 23 of service end monitors after the request of client, can call corresponding Servlet example in the mode of multithreading response is made in all users' request.The Servlet example of service end calls SNMP API by the parameter information of analyzing the HTTP request and the managed device agency carries out the mutual of SNMP, then the result is sent it back client by HTTP.
A SOCKS server has been installed in the networking signal that network management system is as shown in Figure 5 used between client and application server.For the sake of security, fire compartment wall does not allow contacting directly between the Internet and the internal network.And must finish the task of agent communication by SOCKS server.Here, agency service is a HTTP Proxy.This time, client was selected http protocol processor and corresponding stream handle for use.Like this, client just can be by the application server of firewall access in the internal network.Application server is by the parsing to client-requested, and the NMP and the corresponding equipment agency that will select client to require communicate.And the data result of needs returned to client.Managed object can directly be a managed device, also can finish network management to managed device by the agency.
Claims (8)
1. a network management system is characterized in that, described network management system comprises: client, application server, managed object; Network management communication protocol is used in communication between application server and the managed object, all is arranged in secure network environment; Client adopts communication protocol and the application server communication that is suitable for internet environment by the Internet; Application server is responsible for resolving the message request of client, and is converted into the request of corresponding network management communication protocol, sends to managed object, and the related data of managed object is converted into corresponding message sends to client.
2. a kind of network management system according to claim 1 is characterized in that, described managed object is managed device or managed device agency.
3. a kind of network management system according to claim 1 is characterized in that, described client comprises: protocol processor, be responsible for handling the protocol processes between client and the application server; Stream handle is responsible for connecting with application server.
4. a kind of network management system according to claim 1 is characterized in that, described application server comprises: the dynamic page engine, realize the WWW service of application server end; Application programming interfaces are used to realize communicating by letter of application server and managed object.
5. according to claim 1 or 2 or 3 or 4 described a kind of network management system, it is characterized in that the network management communication protocol between described application server and the described managed object is Simple Network Management Protocol, telecommunicatioin network management agreement or Q3 agreement.
6. according to claim 1 or 2 or 3 or 4 described a kind of network management system, it is characterized in that the communication protocol between described client and the described application server is http protocol, Simple Mail Transfer protocol, NNTP or Simple Object Access Protocol.
7. according to claim 1 or 2 or 3 or 4 described a kind of network management system, it is characterized in that, between described client and the application server fire compartment wall is set.
8. a network management is characterized in that, performing step is:
1) protocol processor of client selection and application server communication;
2) described protocol processor example dissolves a stream handle and uses for described client;
3) described client will send to described stream handle to the relevant information of managed object network management;
4) writing to each other of described stream handle foundation and described application server, and the client-side information that receives is changed into the transmissible message of agreement and sends to described application server;
5) described application server is with all requests response respectively to described client of the mode of multithreading;
6) message information that receives of described application server analysis, and call the application programming interfaces of network management communication protocol;
7) described application server is finished interacting message with described managed object by network management communication protocol, and application programming interfaces and the described stream handle of result by network management communication protocol returned client.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB021112517A CN1317849C (en) | 2002-03-30 | 2002-03-30 | Network management system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB021112517A CN1317849C (en) | 2002-03-30 | 2002-03-30 | Network management system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1449157A CN1449157A (en) | 2003-10-15 |
| CN1317849C true CN1317849C (en) | 2007-05-23 |
Family
ID=28680511
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB021112517A Expired - Lifetime CN1317849C (en) | 2002-03-30 | 2002-03-30 | Network management system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1317849C (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100364270C (en) * | 2003-12-16 | 2008-01-23 | 北京航空航天大学 | Dynamically constructed network management method |
| CN1921480A (en) * | 2005-08-22 | 2007-02-28 | 华为技术有限公司 | Method and system for realizing application business |
| CN102883284A (en) * | 2012-09-06 | 2013-01-16 | 大唐移动通信设备有限公司 | Network management method and system based on mobile terminal |
| CN103684822A (en) * | 2012-09-12 | 2014-03-26 | 中国移动通信集团公司 | Method and equipment for managing network equipment |
| CN103064385B (en) * | 2012-12-21 | 2016-03-02 | 深圳市国电科技通信有限公司 | A kind of electric power information monitoring system and wireless networking method thereof |
| CN105653374B (en) | 2014-11-12 | 2020-04-28 | 华为技术有限公司 | Method, device and system for executing distributed transaction resources |
| WO2020024303A1 (en) * | 2018-08-03 | 2020-02-06 | 华为技术有限公司 | Data collection method and apparatus |
| CN109787845A (en) * | 2019-03-25 | 2019-05-21 | 国家计算机网络与信息安全管理中心 | A method of based on the snmp management network equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1142296A (en) * | 1994-02-28 | 1997-02-05 | 英国电讯有限公司 | Data storage device |
| WO1998004067A1 (en) * | 1996-07-19 | 1998-01-29 | Cisco Systems, Inc. | Method and apparatus for providing multiple management interfaces to a network device |
| WO2000018069A1 (en) * | 1998-09-22 | 2000-03-30 | Nokia Networks Oy | Process and device for managing at least one network element in a telecommunication network |
| CN1258416A (en) * | 1997-03-28 | 2000-06-28 | 艾利森电话股份有限公司 | Use of web technology for subscriber management activities |
| CN1290093A (en) * | 1999-09-27 | 2001-04-04 | 深圳市华为技术有限公司 | Method and implementing interconnection between LAN by telecommunication network |
-
2002
- 2002-03-30 CN CNB021112517A patent/CN1317849C/en not_active Expired - Lifetime
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1142296A (en) * | 1994-02-28 | 1997-02-05 | 英国电讯有限公司 | Data storage device |
| WO1998004067A1 (en) * | 1996-07-19 | 1998-01-29 | Cisco Systems, Inc. | Method and apparatus for providing multiple management interfaces to a network device |
| CN1258416A (en) * | 1997-03-28 | 2000-06-28 | 艾利森电话股份有限公司 | Use of web technology for subscriber management activities |
| WO2000018069A1 (en) * | 1998-09-22 | 2000-03-30 | Nokia Networks Oy | Process and device for managing at least one network element in a telecommunication network |
| CN1290093A (en) * | 1999-09-27 | 2001-04-04 | 深圳市华为技术有限公司 | Method and implementing interconnection between LAN by telecommunication network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1449157A (en) | 2003-10-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP3980596B2 (en) | Method and system for remotely and dynamically configuring a server | |
| EP1025507B1 (en) | Combined internet and data access system | |
| US7543289B2 (en) | Method for accessing and collaborating between servlets located on different Java virtual machines | |
| US8151281B2 (en) | Method and system of mapping at least one web service to at least one OSGi service | |
| US7441008B2 (en) | Method for correlating transactions and messages | |
| CA2543753C (en) | Method and system for accessing and managing virtual machines | |
| US8468541B2 (en) | Event driven sendfile | |
| EP0822692A2 (en) | A client object API and gateway to enable OLTP via the internet | |
| US20070124475A1 (en) | Creating proxies from service description metadata at runtime | |
| US20130086594A1 (en) | Execution of applications distributed across a plurality of computing devices | |
| JPH11312153A (en) | Method and device for managing work load between object servers | |
| WO1995017063A1 (en) | Object-oriented secured communications system | |
| WO2009006058A2 (en) | Management of external hardware appliances in a distributed operating system | |
| CN1317849C (en) | Network management system and method | |
| EP2656591B1 (en) | DNS proxy service for multi-core platforms | |
| JP4009591B2 (en) | Domain naming system (DNS) for accessing databases | |
| WO1999060459A2 (en) | Method and apparatus for effective traffic localization through domain name system | |
| CN100352198C (en) | Method and system for processing a request for a plurality of web services | |
| US6799215B1 (en) | Method and apparatus for providing logical unit definitions for telenet servers | |
| US20050193119A1 (en) | Method, system and program product for resolving prerequisites for a client device in an open service gateway initiative (OSGi) framework | |
| US8250236B2 (en) | Method and apparatus for translating a web services address | |
| CN115516842A (en) | Orchestration broker service | |
| RU2798799C1 (en) | Method for collecting and storing network data obtained from broadcasting an ip address | |
| CN1787538A (en) | Method for computer positioning of dynamic IP selective calling network | |
| CA2210206C (en) | Internet application access server apparatus and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CX01 | Expiry of patent term |
Granted publication date: 20070523 |
|
| CX01 | Expiry of patent term |