CN209086928U - A kind of deployment architecture of database audit - Google Patents
A kind of deployment architecture of database audit Download PDFInfo
- Publication number
- CN209086928U CN209086928U CN201821743657.7U CN201821743657U CN209086928U CN 209086928 U CN209086928 U CN 209086928U CN 201821743657 U CN201821743657 U CN 201821743657U CN 209086928 U CN209086928 U CN 209086928U
- Authority
- CN
- China
- Prior art keywords
- data
- server
- connect
- database
- core switch
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model discloses a kind of deployment architectures of database audit, including line module, application server, core switch, data accountability system and several database servers, line module is connect with application server, application server is connect with core switch, core switch is connect with several database servers, data accountability system is connect with core switch, data accountability system includes Data Audit server, Data Audit server is connect with core switch, the mirror port connection of Data Audit server and core switch;In addition data accountability system can also be using interchanger and Data Audit server; Data Audit server is connect with interchanger; interchanger is connect with core switch; probe is provided on each database server; the utility model is disposed by the structure to database server; can be effectively to the monitoring of database server and audit, information management and protection to enterprise are played the role of vital.
Description
Technical field
The utility model relates to network data security technical field, specially a kind of deployment architecture of database audit.
Background technique
With the rapid development of computer technology, database using very extensive, be deep into every field, but therewith
To produce the safety problem of data and the safety problem of database access.Mass data in the database of various application systems
Safety problem, the Anti-theft of sensitive data and anti-tamper problem, increasingly cause the great attention of people.Database Systems are made
It is the core component of computer information system for the aggregation of information, safety is most important, therefore, how effectively to protect
The safety for demonstrate,proving Database Systems, realizes confidentiality, the completeness and efficiency of data, has become people in the industry's exploratory development
One of important topic.
Many important data resources are remained in database server, some of them data resource is for enterprise
Very important, if these data are destroyed, destructive influence may be carried out to taeniae telarum.Enterprise response database number
It is believed that breath is classified, emphasis monitors the operation of all sensitive datas, finds illegal operation and the violation of authorized user in time
Operation.
Utility model content
The problem of for background technique, the utility model provide a kind of deployment architecture of database audit.
To achieve the above object, the utility model provides the following technical solutions: a kind of deployment architecture of database audit, packet
Include line module, application server, core switch, data accountability system and several database servers, user's mould
Block is connect with the application server, and the application server is connect with the core switch, if the core switch with
The database server connection is done, the data accountability system is connect with the core switch.
As the utility model a preferred technical solution, the data accountability system includes Data Audit server,
The Data Audit server is connect with the core switch.
As the utility model a preferred technical solution, the Data Audit server and the core switch
Mirror port connection.
As the utility model a preferred technical solution, the data accountability system includes interchanger and the data
Audit server, the Data Audit server are connect with the interchanger, the mirror of the interchanger and the core switch
As port connection, probe is provided on each database server.
Compared with prior art, the utility model has the beneficial effects that the utility model passes through to database server
Structure deployment, can be effectively to the monitoring of database server and audit, it is ensured that the safety of data information, to the letter of enterprise
Breath management is played the role of vital with protection.
Detailed description of the invention
Fig. 1 is a kind of parallel database server deployment architecture provided in embodiment 1;
Fig. 2 is a kind of distributed database server deployment architecture provided in embodiment 2;
In figure: 1- line module;2- application server;3- core switch;4- database server;5- Data Audit clothes
Business device;6- interchanger;7- mirror port;8- probe.
Specific embodiment
The following will be combined with the drawings in the embodiments of the present invention, carries out the technical scheme in the embodiment of the utility model
Clearly and completely describe, it is clear that the described embodiments are only a part of the embodiments of the utility model, rather than whole
Embodiment.Based on the embodiments of the present invention, those of ordinary skill in the art are without making creative work
Every other embodiment obtained, fall within the protection scope of the utility model.
Embodiment 1:
Referring to Fig. 1, the utility model provides a kind of deployment architecture of database audit, including line module 1, using clothes
Business device 2, core switch 3, data accountability system and several database servers 4, the line module 1 take with the application
Business device 2 connects, and the application server 2 is connect with the core switch 3, the core switch 3 and several data
Library server 4 connects, and the data accountability system is connect with the core switch 3.
In the specific implementation process, the data accountability system includes Data Audit server 5, the Data Audit service
Device 5 is connect with the core switch 3, the mirror image end of further the Data Audit server 5 and the core switch 3
Mouth 7 connects.
By the data image on setting core switch 3, the access of all pairs of database servers 4 can be all mirrored onto
In this deployment architecture, bypass monitoring is realized.This deployment way is applicable in scene: 1, the not requirement to database isolation;2,
Core switch supports mirror port, and mirror image packet loss is sufficiently small.
Embodiment 2:
Referring to Fig. 2, remaining is identical as above-described embodiment 1, and the difference is that: the data accountability system can also be adopted
With interchanger 6 and the Data Audit server 5, the Data Audit server 5 is connect with the interchanger 6, the exchange
Machine 6 is connect with the mirror port 7 of the core switch 3, is provided with probe 8 on each database server 5.
It is deployed in distributed on each database server 4, what probe 8 will acquire is sent back to the access of database
On Data Audit server 5, to realize audit and monitoring, this deployment way is suitable for following situation: 1, core is exchanged
Machine mirror port is unavailable or packet loss is serious;2, it needs to monitor the database manipulation occurred in database server local, such as
It is directly logged onto database server and operating database;3, it needs to monitor the database access carried out with encryption connection (SSL).
Based on above-mentioned, the utility model has advantages in that the utility model passes through the structure to database server
Deployment, can be effectively to the monitoring of database server and audit, it is ensured that the safety of data information, to the message tube of enterprise
Reason plays the role of vital with protection.
The above is only the preferred embodiment of the utility model only, is not intended to limit the utility model, all at this
Made any modifications, equivalent replacements, and improvements etc., should be included in the utility model within the spirit and principle of utility model
Protection scope within.
Claims (4)
1. a kind of deployment architecture of database audit, it is characterised in that: including line module, application server, core switch,
Data accountability system and several database servers, the line module are connect with the application server, the application clothes
Business device is connect with the core switch, and the core switch is connect with several database servers, and the data are examined
Meter systems are connect with the core switch.
2. a kind of deployment architecture of database audit according to claim 1, it is characterised in that: the data accountability system
Including Data Audit server, the Data Audit server is connect with the core switch.
3. a kind of deployment architecture of database audit according to claim 2, it is characterised in that: the Data Audit service
Device is connect with the mirror port of the core switch.
4. a kind of deployment architecture of database audit according to claim 1, it is characterised in that: the data accountability system
Including interchanger and the Data Audit server, the Data Audit server is connect with the interchanger, the interchanger
It is connect with the mirror port of the core switch, is provided with probe on each database server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201821743657.7U CN209086928U (en) | 2018-10-26 | 2018-10-26 | A kind of deployment architecture of database audit |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201821743657.7U CN209086928U (en) | 2018-10-26 | 2018-10-26 | A kind of deployment architecture of database audit |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN209086928U true CN209086928U (en) | 2019-07-09 |
Family
ID=67120776
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201821743657.7U Active CN209086928U (en) | 2018-10-26 | 2018-10-26 | A kind of deployment architecture of database audit |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN209086928U (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111506022A (en) * | 2019-01-30 | 2020-08-07 | 中国石油天然气集团有限公司 | Industrial control system and safety auditing method in industrial control system |
| CN112769717A (en) * | 2021-01-18 | 2021-05-07 | 北京安数云信息技术有限公司 | Method for realizing single server network port supporting multiple audit type safety service |
| CN114124473A (en) * | 2021-11-02 | 2022-03-01 | 北京天融信网络安全技术有限公司 | Network access authentication system and authentication method based on port mirror image |
-
2018
- 2018-10-26 CN CN201821743657.7U patent/CN209086928U/en active Active
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111506022A (en) * | 2019-01-30 | 2020-08-07 | 中国石油天然气集团有限公司 | Industrial control system and safety auditing method in industrial control system |
| CN112769717A (en) * | 2021-01-18 | 2021-05-07 | 北京安数云信息技术有限公司 | Method for realizing single server network port supporting multiple audit type safety service |
| CN114124473A (en) * | 2021-11-02 | 2022-03-01 | 北京天融信网络安全技术有限公司 | Network access authentication system and authentication method based on port mirror image |
| CN114124473B (en) * | 2021-11-02 | 2024-02-02 | 北京天融信网络安全技术有限公司 | Port mirror image-based network access authentication system and authentication method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Khan et al. | Cloud log forensics: Foundations, state of the art, and future directions | |
| CN209086928U (en) | A kind of deployment architecture of database audit | |
| Heberlein et al. | A network security monitor | |
| CN104063473B (en) | A kind of database audit monitoring system and its method | |
| US10140453B1 (en) | Vulnerability management using taxonomy-based normalization | |
| CN111209269A (en) | Big data management system of wisdom city | |
| CN106789964B (en) | Cloud resource pool data security detection method and system | |
| CN108270716A (en) | A kind of audit of information security method based on cloud computing | |
| CN109302404A (en) | A kind of remote maintenance authenticating operation method of wide area operational system | |
| CN110222498A (en) | A kind of supervision management system and method based on mobile interchange cloud | |
| CN106656971A (en) | Service behavior data acquisition system | |
| CN107689958A (en) | A kind of network audit subsystem applied to cloud auditing system | |
| Söderström et al. | Secure audit log management | |
| CN112468464B (en) | State machine integrity verification system and method based on service chain | |
| CN202979014U (en) | Network isolation device | |
| CN108182208A (en) | A kind of method for interchanging data and platform | |
| CN111641652A (en) | Application security service platform based on cloud computing | |
| de Aguiar Monteiro et al. | A Survey on Microservice Security–Trends in Architecture Privacy and Standardization on Cloud Computing Environments | |
| CN108985083A (en) | A kind of Computer Data Security management system and method | |
| Sánchez et al. | Security Enhancement through Effective Encrypted Communication using ELK | |
| Zhao et al. | SINT: Towards a Blockchain-based Secure In-band Network Telemetry Architecture | |
| CN108337261A (en) | A kind of computer security control system | |
| CN109977696A (en) | The data security method and relevant apparatus and system of discipline inspection system | |
| CN113709140B (en) | Cloud big data intelligent safety management and control system based on comprehensive audit | |
| CN109446163A (en) | A kind of laboratory data tracing system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP02 | Change in the address of a patent holder | ||
| CP02 | Change in the address of a patent holder |
Address after: 200441 11th floor, No.2, Lane 99, Changjiang South Road, Baoshan District, Shanghai Patentee after: SHANGHAI NIUDUN TECHNOLOGY Co.,Ltd. Address before: 200433 room 13001-8, No. 335, Guoding Road, Yangpu District, Shanghai Patentee before: SHANGHAI NIUDUN TECHNOLOGY Co.,Ltd. |