CN204481839U - A kind of On-line network monitoring device - Google Patents
A kind of On-line network monitoring device Download PDFInfo
- Publication number
- CN204481839U CN204481839U CN201520117162.3U CN201520117162U CN204481839U CN 204481839 U CN204481839 U CN 204481839U CN 201520117162 U CN201520117162 U CN 201520117162U CN 204481839 U CN204481839 U CN 204481839U
- Authority
- CN
- China
- Prior art keywords
- module
- user
- monitoring device
- line network
- network monitoring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
This application discloses a kind of On-line network monitoring device, be applied between the network user, it is characterized in that, this On-line network monitoring device comprises: at least one transceiver module, analysis module, memory module and forwarding module, wherein, transceiver module couples mutually with described analysis module; Analysis module couples mutually with described transceiver module, memory module and forwarding module respectively; Memory module couples mutually with described analysis module; Forwarding module, couples mutually with described analysis module and memory module respectively.On-line network monitoring device of the present utility model, as long as be connected in network link by this On-line network monitoring device, namely can detect all transmission data through this link, and configuration is simple, is convenient to dispose.
Description
Technical field
The utility model belongs to communication test field, comprises test and the maintenance of ethernet network, to test and the maintenance of partial wideband, client's special line and group's network, relates to a kind of On-line network monitoring device.
Background technology
Go through years development, the Internet has become the important component part of Global Internet development.The Internet overall permeation to the every field of economic society, promotes the whole world to development of information.
In order to the sound development of maintaining network, need network supervision department, at any time the safety of monitor network information, avoid the generation of the network crime.Therefore network detection system is needed.
There is following shortcoming in network monitor of the prior art:
1. prevailing network detection system, huge and complicated, is not easy to promote.
2. a lot of small company demand of having company's internal network to detect, but do not have enough economic strengths to buy the network detection system of costliness.
3. prevailing network detection system, configuration is complicated.Require higher to operator quality.
Utility model content
The purpose of this utility model is to overcome above-mentioned deficiency, provides a kind of On-line network monitoring device.
To achieve these goals, the technical solution adopted in the utility model is: a kind of On-line network monitoring device, is applied between the network user, and this On-line network monitoring device comprises: at least one transceiver module, analysis module, memory module and forwarding module, wherein
Described transceiver module, couples mutually with described analysis module, for carrying out break-through operation to the packet through this On-line network monitoring device link, is sent to described analysis module;
Described analysis module, couple mutually with described transceiver module, memory module and forwarding module respectively, for carrying out Scanning Detction to the described packet of break-through, the transceiving data bag of each user of statistics and analysis and occupied bandwidth information, obtain suspicious user information, and be sent to described memory module and forwarding module respectively;
Described memory module, couples mutually with described analysis module, for storing the transceiving data bag of each user of statistics and analysis that described analysis module sends;
Described forwarding module, couples mutually with described analysis module and memory module respectively, for being forwarded to monitoring department to the transceiving data bag of user and occupied bandwidth information.
Preferably, described analysis module, the packet being further used for being sent by described transceiver module according to MAC, IP, MPLS or VLAN carries out information classification and sequence, also for modifying and intercept operation to described packet.
Preferably, described analysis module, couple mutually with described transceiver module, memory module and forwarding module respectively, for carrying out Scanning Detction to the described packet of break-through, be further, described analysis module, couples mutually with described transceiver module, memory module and forwarding module respectively, for carrying out Scanning Detction by MAC, IP, MPLS, VLAN or the described packet of the User Defined condition of scanning to break-through.
The utility model also provides a kind of method of testing applying above-mentioned On-line network monitoring device, comprising:
Described On-line network monitoring device is connected in tested network, break-through operation is carried out to the packet through link;
Scanning Detction is carried out by MAC, IP, MPLS, VLAN or the described packet of the User Defined condition of scanning to break-through;
According to online scanning information, to the user meeting scans content, sort according to MAC, IP, MPLS or VLAN, add up transceiving data bag and the occupied bandwidth information of each user;
Store the transceiving data bag of described each user;
Monitoring department is forwarded to the transceiving data bag of user and occupied bandwidth information.
Preferably, also comprise: according to MAC, IP, MPLS or VLAN, described packet is carried out information classification and sequence, also for modifying and intercept operation to described packet.
The utility model also provides a kind of method of testing applying above-mentioned On-line network monitoring device, comprising:
Be connected in tested network by described On-line network monitoring device, described On-line network monitoring device is in break-through pattern, directly carries out forwarding operation to the packet received;
User arranges the station address needing statistics;
By station address, parse the IP address corresponding with it;
Being scanned across all packets of described On-line network monitoring device place link, adding up meeting the content detecting IP;
Analyze described packet, obtain the user MAC and the IP address that connect this website;
Counting user sends the number of times and time that connect web site requests, and record websites response user connects the time of website, subtracts and clicks the time difference, obtain the time delay of user's online according to the response time;
Click the number of times of each website according to users all in the statistical test time, and ask and the time delay met with a response at every turn;
Generate testing journal sheet, be transmitted to monitoring department.
Compared with prior art, On-line network monitoring device of the present utility model, has following beneficial effect:
(1) as long as be connected in network link by this On-line network monitoring device, namely can detect all transmission data through this link, configuration is simple, is convenient to dispose.
(2) can realize carrying out extraction and analysis, link trace to the network information.
(3) can modify to specifying information, be convenient to intercept particular content.
(4) simple to operate, fail safe is high, can not affect or interrupt the information transmission of user.
Accompanying drawing explanation
Accompanying drawing described herein is used to provide further understanding of the present application, and form a application's part, the schematic description and description of the application, for explaining the application, does not form the improper restriction to the application.In the accompanying drawings:
Fig. 1 is the On-line network monitoring structure drawing of device of embodiment 1;
Fig. 2 is the On-line network monitoring method flow diagram of embodiment 1;
Fig. 3 is the On-line network monitoring method flow diagram of embodiment 3;
Fig. 4 is the On-line network monitoring application of installation schematic diagram of embodiment 2;
Fig. 5 is the On-line network monitoring application of installation schematic diagram of embodiment 3.
Embodiment
As employed some vocabulary to censure specific components in the middle of specification and claim.Those skilled in the art should understand, and hardware manufacturer may call same assembly with different noun.This specification and claims are not used as with the difference of title the mode distinguishing assembly, but are used as the criterion of differentiation with assembly difference functionally." comprising " as mentioned in the middle of specification and claim is in the whole text an open language, therefore should be construed to " comprise but be not limited to "." roughly " refer to that in receivable error range, those skilled in the art can solve the technical problem within the scope of certain error, reach described technique effect substantially.Specification subsequent descriptions is implement the better embodiment of the application, and right described description is for the purpose of the rule that the application is described, and is not used to the scope limiting the application.The protection range of the application is when being as the criterion depending on the claims person of defining.
Embodiment 1
Composition graphs 1, the utility model provides a kind of On-line network monitoring device, is applied between the network user, and this On-line network monitoring device comprises: two transceiver modules, 101, analysis module, 102, memory module 103 and a forwarding module 104, wherein,
Described transceiver module 101, couples mutually with described analysis module 102, for carrying out break-through operation to the packet through this On-line network monitoring device link, is sent to described analysis module 102;
Described analysis module 102, couple mutually with described transceiver module 101, memory module 103 and forwarding module 104 respectively, for carrying out Scanning Detction to the described packet of break-through, the transceiving data bag of each user of statistics and analysis and occupied bandwidth information, obtain suspicious user information, and be sent to described memory module 103 and forwarding module 104 respectively;
Described memory module 103, couples mutually with described analysis module 102, for storing the transceiving data bag of each user of statistics and analysis that described analysis module 102 sends;
Described forwarding module 104, couples mutually with described analysis module 102 and memory module 103 respectively, for being forwarded to monitoring department to the transceiving data bag of user and occupied bandwidth information.
Described analysis module 102, is further used for the packet that described transceiver module 101 sends being carried out information classification and sequence, also for modifying and intercept operation to described packet according to MAC, IP, MPLS, VLAN or the User Defined condition of scanning.
Described analysis module 102, couple mutually with described transceiver module 101, memory module 103 and forwarding module 104 respectively, for carrying out Scanning Detction to the described packet of break-through, be further, described analysis module 102, couple mutually with described transceiver module 101, memory module 103 and forwarding module 104 respectively, for carrying out Scanning Detction by MAC, IP, MPLS, VLAN or the described packet of the User Defined condition of scanning to break-through.
As shown in Figure 2, the utility model also provides a kind of method of testing applying above-mentioned On-line network monitoring device, comprising:
Described On-line network monitoring device is connected in tested network, break-through operation is carried out to the packet through link;
Scanning Detction is carried out by MAC, IP, MPLS, VLAN or the described packet of the User Defined condition of scanning to break-through;
According to online scanning information, to the user meeting scans content, sort according to MAC, IP, MPLS or VLAN, add up transceiving data bag and the occupied bandwidth information of each user;
Store the transceiving data bag of described each user;
Monitoring department is forwarded to the transceiving data bag of user and occupied bandwidth information.
This method of testing also comprises: according to MAC, IP, MPLS or VLAN, described packet is carried out information classification and sequence, also for modifying and intercept operation to described packet.
As shown in Figure 3, the utility model also provides a kind of method of testing applying above-mentioned On-line network monitoring device, comprising:
Be connected in tested network by described On-line network monitoring device, described On-line network monitoring device is in break-through pattern, directly carries out forwarding operation to the packet received;
User arranges the station address needing statistics;
By station address, parse the IP address corresponding with it;
Being scanned across all packets of described On-line network monitoring device place link, adding up meeting the content detecting IP;
Analyze described packet, obtain user MAC and the IP address of clicking website;
Counting user clicks number of times and the time of website, and record websites response user connects the time of website, subtracts and clicks the time difference, obtain the time delay of user's online according to the response time;
Click the number of times of each website according to users all in the statistical test time, and ask and the time delay met with a response at every turn;
Generate testing journal sheet, be transmitted to monitoring department.
Embodiment 2
The utility model provides a kind of On-line network monitoring device, is applied between the network user, and this On-line network monitoring device comprises: at least one transceiver module 101, analysis module 102, memory module 103 and forwarding module 104, wherein,
Described transceiver module 101, couples mutually with described analysis module 102, for carrying out break-through operation to the packet through this On-line network monitoring device link, is sent to described analysis module 102;
Described analysis module 102, couple mutually with described transceiver module 101, memory module 103 and forwarding module 104 respectively, for carrying out Scanning Detction to the described packet of break-through, the transceiving data bag of each user of statistics and analysis and occupied bandwidth information, obtain suspicious user information, and be sent to described memory module 103 and forwarding module 104 respectively;
Described memory module 103, couples mutually with described analysis module 102, for storing the transceiving data bag of each user of statistics and analysis that described analysis module 102 sends;
Described forwarding module 104, couples mutually with described analysis module 102 and memory module 103 respectively, for being forwarded to monitoring department to the transceiving data bag of user and occupied bandwidth information.
The On-line network monitoring method that the utility model provides, comprising:
By the series connection of On-line network monitoring device in a network, give tacit consent to received data message, carry out break-through operation;
User is configured in the line service condition of scanning, to the data message meeting this condition, carries out statistic of classification;
Catch qualified user data message, carry out packet parsing, analyze packet content;
Store monitoring users data message;
Forwarding listens to valid data to supervision department.
As shown in Figure 4, the present embodiment provides an application examples to resolve the method.Such as: due to the attack of network hacker, cause www.163.com website can not normal operation, existing network network operation maintenance personnel needs to investigate hacker, need the user getting all access www.163.com websites, according to user to website send content, carry out investigation hacker, therefore carry out following test:
1) series connection of On-line network monitoring device in a network, and acquiescence is in break-through pattern, and to the packet received, transceiver module 101 directly forwards operation;
2) User Defined Scanning Detction content www.163.com, the IP address that analysis module 102 intelligently parsing of On-line network monitoring device is corresponding to this website;
3) analysis module 102 is scanned across all packets of this link, adds up meeting the content detecting IP;
4) by data packet analysis, MAC and the IP address accessing " www.163.com " website user is obtained;
5) analyze the uplink and downlink packet content of user, obtain suspicious user information, preserve related data;
6) suspicious data is transmitted to network operation department (monitoring department).
Embodiment 3:
In the present embodiment, operator often likes there is great network delay when which main stream website upper and each this website of access, so that operator improves the bottleneck of response network speed targetedly for certain partial wideband of statistics user.
1. the series connection of On-line network monitoring device in a network, is in break-through pattern, to the packet received, directly forwards operation.
2. user arranges the main stream website address needing statistics.
3. analysis module 102 is by station address, parses corresponding IP address.
4. analysis module 102 is scanned across all packets of this link, adds up meeting the content detecting IP.
5., by data packet analysis, obtain the user MAC clicking website, IP address.
6. statistics clicks number of times and the time of website, and record websites response user connects the time of website, subtracts and clicks the time difference, obtain the time delay of user's online according to the response time.
7., in the statistical test time, all users click the number of times of each website and ask and the time delay met with a response at every turn.
8. generate testing journal sheet, send to network maintenance staff.
Compared with prior art, On-line network monitoring device of the present utility model, has following beneficial effect:
(1) as long as be connected in network link by instrument, namely can detect all transmission data through this link, configuration is simple, is convenient to dispose.
(2) can realize the network information, carry out extraction and analysis, link trace.
(3) for specifying information, can modify, be convenient to intercept particular content.
(4) simple to operate, fail safe is high, can not affect or interrupt the information transmission of user.
Above-mentioned explanation illustrate and describes some preferred embodiments of the application, but as previously mentioned, be to be understood that the application is not limited to the form disclosed by this paper, should not regard the eliminating to other embodiments as, and can be used for other combinations various, amendment and environment, and can in application contemplated scope described herein, changed by the technology of above-mentioned instruction or association area or knowledge.And the change that those skilled in the art carry out and change do not depart from the spirit and scope of the application, then all should in the protection range of the application's claims.
Claims (3)
1. an On-line network monitoring device, is applied between the network user, it is characterized in that, this On-line network monitoring device comprises: at least one transceiver module, analysis module, memory module and forwarding module, wherein,
Described transceiver module, couples mutually with described analysis module, for carrying out break-through operation to the packet through this On-line network monitoring device link, is sent to described analysis module;
Described analysis module, couple mutually with described transceiver module, memory module and forwarding module respectively, for carrying out Scanning Detction to the described packet of break-through, the transceiving data bag of each user of statistics and analysis and occupied bandwidth information, obtain suspicious user information, and be sent to described memory module and forwarding module respectively;
Described memory module, couples mutually with described analysis module, for storing the transceiving data bag of each user of statistics and analysis that described analysis module sends;
Described forwarding module, couples mutually with described analysis module and memory module respectively, for being forwarded to monitoring department to the transceiving data bag of user and occupied bandwidth information.
2. On-line network monitoring device according to claim 1, it is characterized in that, described analysis module, the packet being further used for being sent by described transceiver module according to MAC, IP, MPLS or VLAN carries out information classification and sequence, also for modifying and intercept operation to described packet.
3. On-line network monitoring device according to claim 1, it is characterized in that, described analysis module, couple mutually with described transceiver module, memory module and forwarding module respectively, for carrying out Scanning Detction to the described packet of break-through, be further, described analysis module, couple mutually with described transceiver module, memory module and forwarding module respectively, for carrying out Scanning Detction by MAC, IP, MPLS, VLAN or the described packet of the User Defined condition of scanning to break-through.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201520117162.3U CN204481839U (en) | 2015-02-26 | 2015-02-26 | A kind of On-line network monitoring device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201520117162.3U CN204481839U (en) | 2015-02-26 | 2015-02-26 | A kind of On-line network monitoring device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN204481839U true CN204481839U (en) | 2015-07-15 |
Family
ID=53637610
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201520117162.3U Active CN204481839U (en) | 2015-02-26 | 2015-02-26 | A kind of On-line network monitoring device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN204481839U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104639401A (en) * | 2015-02-26 | 2015-05-20 | 北京奥普维尔科技有限公司 | Network on-line monitoring device and method |
-
2015
- 2015-02-26 CN CN201520117162.3U patent/CN204481839U/en active Active
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104639401A (en) * | 2015-02-26 | 2015-05-20 | 北京奥普维尔科技有限公司 | Network on-line monitoring device and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103442008B (en) | A kind of routing safety detecting system and detection method | |
| US9185093B2 (en) | System and method for correlating network information with subscriber information in a mobile network environment | |
| CN105490862B (en) | A kind of efficient fault diagnosis engine | |
| Erlacher et al. | On high-speed flow-based intrusion detection using snort-compatible signatures | |
| CN101431440B (en) | Flux monitoring method and apparatus | |
| CN108600260A (en) | A kind of industry Internet of Things security configuration check method | |
| Trevisan et al. | AWESoME: Big data for automatic Web service management in SDN | |
| CN104539483A (en) | Network testing system | |
| CN106789413A (en) | A kind of method and apparatus for detecting proxy surfing | |
| CN103139014A (en) | Method and device for network quality evaluating based on by-pass | |
| CN108512816B (en) | Traffic hijacking detection method and device | |
| Kumar et al. | Light weighted CNN model to detect DDoS attack over distributed scenario | |
| CN105357071A (en) | Identification method and identification system for network complex traffic | |
| CN105306303B (en) | The real-time monitoring system of failure and terminal network appliance based on terminal network appliance | |
| CN204481839U (en) | A kind of On-line network monitoring device | |
| CN107040666A (en) | Dial testing method, device, terminal and the system of 1000 M passive optical network carrier business | |
| CN104639401A (en) | Network on-line monitoring device and method | |
| CN107204971B (en) | Web station e-commerce hijacking detection method | |
| CN107395643B (en) | Source IP protection method based on scanning probe behavior | |
| Oudah et al. | Using burstiness for network applications classification | |
| Li et al. | SDN based intelligent Honeynet network model design and verification | |
| CN101159955B (en) | Service quality measuring method and system based on media gateway control protocol network | |
| CN104539470B (en) | Test shunting device whether method, test client and the system of packet loss | |
| Georgiev | Performance evaluation of Internet traffic by network measurements | |
| CN107241461A (en) | MAC Address acquisition methods, gateway device, network authentication apparatus and network system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |