Design And Implementation Of The Traffic Monitoring System In Campus Network

With the increasing complexity of the network application and the expansion of network size of campus network, the network management is becoming more and more difficult. On one hand, the requirement of network performance of the campus users is increasing. On the other hand, the security threat (e.g. DDoS, worm, malicious codes, etc.) is emerging from time to time. The network administrators should get a global view of the network to allocate the bandwidth properly and to locate the source of the network traffic anomaly in time to prevent the spreading of the anomaly traffic effectively. The current network management software is aimed at the usual network, meeting with the limited requirements without the further support of the management. Traffic monitoring is the basis of the network management. The International Standard Organization (ISO) specifies five basic functions of the network management, the implementation of them are mostly based on the traffic monitoring. Therefore, it's necessary to develop a traffic monitoring system to achieve the global control of the current campus network management to fulfill the better management and optimization of the network.In this paper, according to the management requirements of our campus network, after studying on the current related techniques, a detailed design of a distributed traffic monitoring system is proposed, and a Web based traffic monitoring system is implemented at last. The work of this paper in detail is as following, based on the NetFlow collecting technique of the switch (or router), we propose a distributed traffic collecting infrastructure of multi-tier and multiple collecting points; Encapsulating the site functions as Web Service to implement the interaction of the sites; Aimed at the controlling of the anomaly traffic, we design a anomaly traffic corporation control structure based on the policy structure; Implement a Web-based Traffic Monitoring Management System, which is developed at the VS.Net platform and SQL Server database.Firstly, to collect the traffic information comprehensively and effectively, we design a distributed traffic-collecting infrastructure based on NetFlow. We distribute our collecting tasks to every area of our campus network. And the collecting points are designed to locate in the core and pool layer to achieve the in/out and inner traffic of the network. Through this method, we can get the entire traffic information of the network.Secondly, the system is designed as two-level monitoring pattern, i.e. monitoring center and sub sites, and using Web Service to implement the interaction between these sites. The functions of the system, such as the query of the sub site and the registration of the monitoring center, are encapsulated as Web Services, and are published in the Web, which enlarge the flexibility and scalability of the system. In the design of the database, the traffic information is dispersed in each sub site, which alleviates the storage burden of the system.Thirdly, aimed at the control of the anomaly, we design a corporation control structure based on policy, which includes description, storage, exchange and delivering of policies. The feature of the structure is central management and distributed execution. In each collecting point, an anomaly traffic detection engine is set up. Once an anomaly occurs, the engine will inform the central policy server to determine and deliver the policy. In this paper, we use an example of the corporation between traffic monitoring system and firewall to illustrate the controlling procedure.Fourthly, we describe the implementation procedure of the system in the VS.Net platform. The system is installed and tested in the backbone switch of our campus network. The results show the feasibility and good effect of our system.In brief, this paper has developed a traffic monitoring management system based on our campus network. In the design of the system, we combine traffic monitoring with the policy-based corporation, which is a new idea in this field. And the implemented system effectively solves the. monitoring problem in the entire scope of our campus network. It can illustrate the traffic information in the kind of graphs and tables based on the collected information. And once the anomaly traffic occurs, it can show the alert on web page and control it based on predefined policies. In all, it can alleviate the burden of the network administrator and has the practial values.