CN208079097U - network security monitoring device - Google Patents
network security monitoring device Download PDFInfo
- Publication number
- CN208079097U CN208079097U CN201820277974.8U CN201820277974U CN208079097U CN 208079097 U CN208079097 U CN 208079097U CN 201820277974 U CN201820277974 U CN 201820277974U CN 208079097 U CN208079097 U CN 208079097U
- Authority
- CN
- China
- Prior art keywords
- monitoring device
- network security
- security monitoring
- processing board
- service processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Small-Scale Networks (AREA)
Abstract
The utility model provides a kind of network security monitoring device, is applied to LAN, including:Cabinet and a pluggable interface subcard;A backboard, at least a service processing board and a lamp plate are equipped in cabinet;Interface subcard, service processing board and lamp plate are electrical connected with backboard;Interface subcard is for introducing network flow;SDRAM, hard disk, serial ports, management mouth, data port, USB port are integrated on service processing board;As the operation and control mouth externally provided, service processing board realizes message decoding, fragment processing, flow management, protocol analysis, feature detection and daily record alarm for serial ports, management mouth, data port and USB port.The network security monitoring device can be directed to single message and TCP flow carries out detailed analysis, while regular description language also supports various forms of counting rates, there is certain DDoS defence capabilities.
Description
Technical field
The utility model is related to communication equipment fields, and in particular to network security monitoring device.
Background technology
With the rapid development of network, network security is increasingly becoming a potential huge problem, especially faces various
It is emerging one after another in application, traditional intrusion detection device can only according to existing feature database, according to the Rule Information in feature database,
Existing attack is detected, when there is new attack to occur, since feature database limits, tends not to find new attack in time
It hits, needs after relevant manufactures provide new feature library, can just detect new attack, therefore traditional intrusion detection device pair
There is hysteresis quality in the detection of new attack.
Utility model content
The purpose of this utility model is that in view of the deficiencies of the prior art, providing a kind of using simple, general feature database
Rule description grammer, while User Defined rule being supported to configure, and various ways auxiliary customer analysis unknown attack is provided, it can
To greatly shorten the detection time to unknown attack.
To solve the above problems, the technical scheme adopted by the utility model is that:
A kind of network security monitoring device is applied to LAN, which is characterized in that including:Cabinet and one it is pluggable
Interface subcard;A backboard, at least a service processing board and a lamp plate are equipped in the cabinet;The interface subcard, the business
Processing board and the lamp plate are electrical connected with the backboard;The interface subcard is for introducing network flow;At the business
SDRAM, hard disk, serial ports, management mouth, data port, USB port are integrated on reason plate;The serial ports, the management mouth, the data
As the operation and control mouth externally provided, the service processing board is realized message decoding, fragment processing, is flowed for mouth and the USB port
Management, protocol analysis, feature detection and daily record alarm.
As a further improvement of the above technical scheme, the interface subcard is 1 gigabit ether interface subcard.
As a further improvement of the above technical scheme, be provided on the gigabit ether interface subcard 4 SFP gigabits with
Too interface.
As a further improvement of the above technical scheme, the number of the service processing board is 1.
As a further improvement of the above technical scheme, the front panel of the cabinet is equipped with the operation and control mouth.
As a further improvement of the above technical scheme, 220V power supply interfaces are equipped with behind the cabinet.
As a further improvement of the above technical scheme, power lights and running indicator, the power supply are provided on the lamp plate
Lamp and running indicator are LED light.
As a further improvement of the above technical scheme, the network security monitoring device uses active and standby dual power supply.
As a further improvement of the above technical scheme, the serial ports is RS232 serial ports;The management mouth and the data
Mouth is RJ-45 mouthfuls;The USB port mouth is standard USB interface.
As a further improvement of the above technical scheme, the interface subcard, the service processing board are total by PCIe
Line is electrical connected with the backboard 11.
As a further improvement of the above technical scheme, the hard disk is electronic magnetic disc.
Using technical solution provided by the utility model, compared with existing known technology, at least have following beneficial to effect
Fruit:
User can be directed to network flow actual conditions, be provided using equipment when using the network security monitoring device
Various assistant analysis modes, voluntarily configuration rule extracts for realizing attack detecting and sensitive information.Regular description language branch
IP five-tuples are held, message protocol number, message content etc., can be directed to single message and TCP flow carries out detailed analysis, while rule is retouched
Predicate speech also supports various forms of counting rates, there is certain DDoS defence capabilities.
Description of the drawings
It, below will be to required use in embodiment in order to illustrate more clearly of the technical solution of the utility model embodiment
Attached drawing be briefly described, it should be understood that the following drawings illustrates only some embodiments of the utility model, therefore should not be by
Regard the restriction to range as, for those of ordinary skill in the art, without creative efforts, may be used also
To obtain other relevant attached drawings according to these attached drawings.
Fig. 1 is the structural schematic diagram for the network security monitoring device that one embodiment of the utility model proposes.
Main element symbol description:
10- interface subcards;11- backboards;12- service processing boards;14- lamp plates;101- gigabit ether interface subcards.
Specific implementation mode
Hereinafter, the various embodiments of the disclosure will be described more fully.The disclosure can have various embodiments, and
It can adjust and change wherein.It should be understood, however, that:There is no the various embodiments of the disclosure are limited to spy disclosed herein
Determine the intention of embodiment, but the disclosure should be interpreted as in the spirit and scope for covering the various embodiments for falling into the disclosure
All adjustment, equivalent and/or alternative.
Hereinafter, disclosed in the term " comprising " that can be used in the various embodiments of the disclosure or " may include " instruction
Function, operation or the presence of element, and do not limit the increase of one or more functions, operation or element.In addition, such as existing
Used in the various embodiments of the disclosure, term " comprising ", " having " and its cognate are meant only to indicate special characteristic, number
Word, step, operation, the combination of element, component or aforementioned item, and be understood not to exclude first one or more other
Feature, number, step, operation, the combination of element, component or aforementioned item presence or increase one or more features, number,
Step, the possibility of operation, the combination of element, component or aforementioned item.
In the various embodiments of the disclosure, statement " at least one of A or/and B " includes the word listed file names with
Any combinations or all combinations.For example, statement " A or B " or " at least one of A or/and B " may include A, may include B or can
Including A and B both.
The statement (" first ", " second " etc.) used in the various embodiments of the disclosure can be modified in various implementations
Various constituent element in example, but respective sets can not be limited into element.For example, presented above be not intended to limit the suitable of the element
Sequence and/or importance.The purpose presented above for being only used for differentiating an element and other elements.For example, the first user fills
It sets and indicates different user device with second user device, although the two is all user apparatus.For example, not departing from each of the disclosure
In the case of the range of kind embodiment, first element is referred to alternatively as second element, and similarly, second element is also referred to as first
Element.
It should be noted that:It, can be by the first composition member if a constituent element ' attach ' to another constituent element by description
Part is directly connected to the second constituent element, and " connection " third can be formed between the first constituent element and the second constituent element
Element.On the contrary, when a constituent element " being directly connected to " is arrived another constituent element, it will be appreciated that in the first constituent element
And second third constituent element is not present between constituent element.
The term " user " used in the various embodiments of the disclosure, which may indicate that, to be used the people of electronic device or uses electricity
The device (for example, artificial intelligence electronic device) of sub-device.
The term used in the various embodiments of the disclosure is used only for the purpose of describing specific embodiments and not anticipates
In the various embodiments of the limitation disclosure.As used herein, singulative is intended to also include plural form, unless context is clear
Chu it is indicated otherwise.Unless otherwise defined, otherwise all terms (including technical terms and scientific terms) used herein have
There is meaning identical with the various normally understood meanings of embodiment one skilled in the art of the disclosure.The term
(term such as limited in the dictionary generally used) is to be interpreted as having and situational meaning in the related technical field
Identical meaning and the meaning that Utopian meaning or too formal will be interpreted as having, unless in the various of the disclosure
It is clearly defined in embodiment.
Embodiment 1
As shown in Figure 1, a kind of network security monitoring device, is applied to LAN, including:Cabinet and 1 pluggable connect
Openning card 10;A backboard 11, a service processing board 12 and a lamp plate 14 are equipped in cabinet.
Interface subcard 10, service processing board 12 and lamp plate 14 are electrical connected with backboard 11.
Interface subcard 10 is for introducing network flow.
SDRAM, hard disk, serial ports, management mouth, data port, USB port are integrated on service processing board 12;It is the serial ports, described
Mouth, the data port and the USB port are managed as the operation and control mouth externally provided, service processing board 12 realizes message solution
Code, fragment processing, flow management, protocol analysis, feature detection and daily record alarm.
In the present embodiment, interface subcard 10 is specially 1 gigabit ether interface subcard.It is set on gigabit ether interface subcard
It is equipped with 4 SFP (Small Form Pluggable, small pluggable) gigabit ether interface.
SFP gigabit ether interfaces are for installing SFP optical modules.
SFP optical modules are the hot plug small package modules of SFP encapsulation, and flank speed is up to 10.3G at present.SFP optical modules
Mainly it is made of laser.The composition of SFP optical modules has:Laser (including transmitter TOSA is with receiver ROSA) and wiring board
IC and outside appurtenances are constituted, and outside appurtenances is then made of shell, pedestal, PCBA, draw ring, buckle, unlock piece, rubber stopper, in order to
Identification is convenient generally with the parameter type of the color discrimination module of draw ring.
SFP optical modules have 155M/622M/1.25G/2.125G/4.25G/8G/10G, 155M and 1.25G according to rate point
The technology of in the market more, 10G is gradually ripe, and demand is just with the pose of rising.SFP optical modules are according to wave
It is that 850nm is SFP multimodes, transmission range that long point, which has 850nm/1310nm/1550nm/1490nm/1530nm/1610nm, wavelength,
In 2KM hereinafter, it is single mode that wavelength, which is 1310/1550nm, transmission range is in 2KM or more, the comparatively valence of these three wavelength
Lattice are cheap compared with other three kinds.The almost all of multimode fibre size of pattern classification multimode is 50/125um or 62.5/
125um, and bandwidth (transinformation of optical fiber) is usually 200MHz to 2GHz.Multimode optical transmitter and receiver can be by multimode fibre
Transmission of the row up to 5 kilometers.Using light emitting diode or laser as light source.Draw ring or external color are black.Single mode single mode
The diameter diameter that the size of optical fiber is 9-10 microns, and there is endless bandwidth and more low-loss characteristic compared with multimode fibre.
And single mode optical transmitter and receiver is chiefly used in long distance transmission, can reach 150 to 200 kilometers sometimes.Made using LD or spectrum line relatively narrow LED
For light source.
In the present embodiment, the number of service processing board is 1.In other embodiments, the number of service processing board is 2
A, 2 service processing boards constitute main-apparatus protection plate.When working traffic processing board is abnormal, standby traffic processing board carries out
Work, it can be ensured that the stability of network security monitoring.If the stability requirement that LAN monitors network security is compared
2 service processing boards can be sternly selected to constitute main-apparatus protection plate.
In the present embodiment, network security monitoring device further includes:Lamp plate 14;Lamp plate 14 is electrical connected with backboard 11, lamp
Plate 14 is for showing operating condition.
In the present embodiment, power lights and running indicator are provided on lamp plate 14, the power lights and running indicator are that LED refers to
Show lamp.Such as:It is normal that power lights can be shown as power work by green, and red display power work is abnormal.
In the present embodiment, network security monitoring device uses active and standby dual power supply.
Network security monitoring device uses active and standby dual power supply.Primary power cource is powered under normal circumstances, works as primary power cource
It when abnormal, is powered by stand-by power supply, to guarantee network security, monitoring device at any time being capable of normal operation work.
In the present embodiment, case front panel is equipped with operation and controls mouth and the electricity such as serial ports, management mouth, data port, USB port
The indicator lights such as source lamp, running indicator are equipped with 220V power interfaces and power switch after cabinet.
In the present embodiment, the serial ports is RS232 serial ports;The management mouth and the data port are RJ-45 mouthfuls;Institute
It is standard USB interface to state USB port mouth.
RS232 is PC machine and most widely used a kind of serial line interface in communication industry at present.RS232 is defined as one kind
Increase the single-ended standard of communication distance in low rate serial communication.RS232 takes uneven transmission mode, i.e., so-called single-ended logical
News.Its transmitting range is up to about 15 meters, flank speed 20kb/s.RS232 designs for point-to- point communication, driving
Device load is 3~7k Ω.So RS232 is suitble to the communication between local device.RS-232 serial rates.
RJ-45 is one kind of telecommunications outlet in wiring system (communicating exit) connector, and connector (is connect by plug
Head, crystal head) and socket (module) form, plug has 8 grooves and 8 contacts.RJ is the abbreviation of Registered Jack,
It means " socket of registration ".RJ is description public telecommunication network in FCC (Federal Communications Commission standard and regulations)
Interface, the RJ45 of computer network is being commonly called as 8 modular interfaces of standard.RJ45 is made of plug and socket, both
The connector of component composition is connected between conducting wire, to realize the electrical continuity of conducting wire.The core of RJ45 modules is module
Change jack.Gold-plated conducting wire or socket aperture can maintain to stablize and reliable electric appliance connection between modular socket shrapnel.Due to
Rubbing action between shrapnel and jack, electrical contact are further strengthened with the insertion of plug.Jack body design uses
Integral locking mechanism can generate maximum pull strength in this way when modular plug is inserted into outside the interface of plug and jack.
Wiring module in RJ45 modules connects twisted-pair feeder by " u "-shaped connecting groove, and locking spring plate can be in information outlets such as panels
RJ45 modules are fixed on device.RJ45 connector is often used a kind of anti-skidding plug boot, for the company's of protection plug, anti-slip and be convenient for
Plug.
USB (Universal Serial Bus), i.e. universal serial bus, it is an external bus standard, for advising
Model computer and external equipment are connected and communicate with.It is a kind of interface being widely used in the fields PC.
In the present embodiment, the hard disk is electronic hard disc.
In the present embodiment, the rack of network security monitoring device is 19 inch standard racks;It is arranged in the rack
Cabinet height is 2U.The rack and cabinet of above-mentioned dimensions are that a kind of most common dimensions in other embodiments can
To choose other sizes.
The length dimension of 19 inch standard racks is 19 inches, i.e. 482.6mm.The cabinet height being arranged in rack is 2U.
1U is 1.75 inches, i.e. 44.45mm, refers to highly just cabinet that panel height is 88.9mm for the cabinet of 2U.
Interface subcard 10, service processing board 12 are electrical connected by PCIe buses and backboard 11.
PCIe (PCI-express) is a kind of general bus specification, it is advocated and promoted by Intel, final
Purpose of design is gone out to solve data transmission in present-day systems to replace the bus transfer interface inside existing computer system
Existing bottleneck problem, and prepare for following peripheral product performance boost.The various equipment of previous computer system share
One bandwidth, using parallel interconnection, this leverages the performance of system entirety, while parallel signal is due to interfering with each other
Also the further promotion of speed in the future is seriously constrained.And PCIe then uses serial interconnection mode, in the form of point-to-point into
Row data transmission, each equipment can individually enjoy bandwidth, to substantially increase transmission rate, and be higher
Frequency upgrading creates condition.
Meanwhile PCIe, also there are many interface modes of friction speed, this includes 1X, 2X, 4X, 8X, 16X and higher speed
32X.The transmission rate of PCIe 1X patterns can reach 250MB/S, close to two times of original pci interface 133MB/S, greatly
The big data transmission capabilities for improving system bus.
This is applied to the network security monitoring device of LAN when in use, first connects 220V AC powers to network security
Monitoring device component is powered, and equipment enters init state, is read in Software Mirroring to SDRAM memory from hard disk, then
It jumps in mirror image and proceeds by initialization.After equipment start completion, into normal operating conditions.By interface subcard, by net
Network flow introduces equipment, and flow is first uploaded to service processing board by interface subcard, is handled by the software on service processing board single
Member analyzes network flow, extracts attack information that may be present, forms daily record, by managing mouth or data port,
Daily record is uploaded into log server.
User can be directed to network flow actual conditions, the various assistant analysis provided using equipment when using equipment
Mode, voluntarily configuration rule, is extracted for realizing attack detecting and sensitive information.Regular description language supports IP five-tuples (i.e.
Source IP address, source port, purpose IP address, destination interface and transport layer protocol), message protocol number, message content etc. can be directed to
Single message carries out detailed analysis, while regular description language also supports various forms of counting rates, has certain DDoS anti-
Imperial ability.
It will be appreciated by those skilled in the art that the accompanying drawings are only schematic diagrams of a preferred implementation scenario, module in attached drawing or
Flow is not necessarily implemented necessary to the utility model.
It will be appreciated by those skilled in the art that the module in device in implement scene can be described according to implement scene into
Row is distributed in the device of implement scene, can also be carried out respective change and is located at the one or more dresses for being different from this implement scene
In setting.The module of above-mentioned implement scene can be merged into a module, can also be further split into multiple submodule.
Above-mentioned the utility model serial number is for illustration only, does not represent the quality of implement scene.Disclosed above is only this
Several specific implementation scenes of utility model, still, the utility model is not limited to this, any those skilled in the art's energy
Think of variation should all fall into the scope of protection of the utility model.
Claims (10)
1. a kind of network security monitoring device is applied to LAN, which is characterized in that including:
Cabinet and a pluggable interface subcard;
A backboard, at least a service processing board and a lamp plate are equipped in the cabinet;
The interface subcard, the service processing board and the lamp plate are electrical connected with the backboard;
The interface subcard is for introducing network flow;
SDRAM, hard disk, serial ports, management mouth, data port, USB port are integrated on the service processing board;
The serial ports, management mouth, the data port and the USB port are as the operation and control mouth externally provided, the industry
Processing board of being engaged in realizes message decoding, fragment processing, flow management, protocol analysis, feature detection and daily record alarm.
2. network security monitoring device according to claim 1, which is characterized in that the interface subcard be 1 gigabit with
Too interface subcard.
3. network security monitoring device according to claim 2, which is characterized in that set on the gigabit ether interface subcard
It is equipped with 4 SFP gigabit ether interfaces.
4. network security monitoring device according to claim 1, which is characterized in that the number of the service processing board is 1
It is a.
5. network security monitoring device according to claim 1, which is characterized in that the front panel of the cabinet is equipped with institute
State operation and control mouth.
6. network security monitoring device according to claim 1, which is characterized in that be equipped with 220V behind the cabinet and supply
Electrical interface.
7. network security monitoring device according to claim 6, which is characterized in that be provided on the lamp plate power lights and
Running indicator, the power lights and running indicator are LED light.
8. network security monitoring device according to claim 1, which is characterized in that the network security monitoring device uses
Active and standby dual power supply.
9. network security monitoring device according to claim 1, which is characterized in that the serial ports is RS232 serial ports;It is described
It is RJ-45 mouthfuls to manage mouth and the data port;The USB port mouth is standard USB interface.
10. network security monitoring device according to claim 1, which is characterized in that the hard disk is electronic magnetic disc.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201820277974.8U CN208079097U (en) | 2018-02-27 | 2018-02-27 | network security monitoring device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201820277974.8U CN208079097U (en) | 2018-02-27 | 2018-02-27 | network security monitoring device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN208079097U true CN208079097U (en) | 2018-11-09 |
Family
ID=64039474
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201820277974.8U Active CN208079097U (en) | 2018-02-27 | 2018-02-27 | network security monitoring device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN208079097U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110244805A (en) * | 2019-06-19 | 2019-09-17 | 河北腾瑞电力设备科技有限公司 | A kind of intelligent electricity consumption information acquisition termination rack |
-
2018
- 2018-02-27 CN CN201820277974.8U patent/CN208079097U/en active Active
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110244805A (en) * | 2019-06-19 | 2019-09-17 | 河北腾瑞电力设备科技有限公司 | A kind of intelligent electricity consumption information acquisition termination rack |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9411766B2 (en) | Single optical fiber KVM extender | |
| US10700778B2 (en) | Pluggable active optical module with managed connectivity support and simulated memory table | |
| US9742704B2 (en) | Physical layer management at a wall plate device | |
| CN102045112B (en) | Optical universal serial bus device and operation method thereof | |
| US11924591B2 (en) | Intelligent fiber port management | |
| US7620754B2 (en) | Carrier card converter for 10 gigabit ethernet slots | |
| CN102004708B (en) | Management device and operation method thereof | |
| EP2807768B1 (en) | Optical physical interface module | |
| US12093200B2 (en) | USB signal communication over an optical link | |
| CN208079097U (en) | network security monitoring device | |
| CN208079101U (en) | network security monitoring device | |
| CN208079107U (en) | gateway device | |
| EP3360290B1 (en) | Communication media and methods for providing indication of signal power to a network entity | |
| CN213581974U (en) | RJ45 and compatible device of optical module on mainboard | |
| CN210537068U (en) | Network link cipher machine and rear panel thereof | |
| Frazer | Structured cabling comes of age | |
| Stigliani Jr | Enterprise System Connection (ESCON) Fiber-Optic Link | |
| Luo et al. | HDMI optical extender based on parallel optical transmitter and receiver |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |