| Community e-service that is built on VPN belongs to e-commerce. It can provide comprehensive services, such as, most of the community users can pay for fees and book tickets on the network. The community e-service, like general e-commerce, depends on basic network, and this dependence is increasing. The heterogeneity and complexity of network environment are increased with the expansion of the enterprise scale. Therefore, it is necessary to build a network management system that can ensure the network efficient and stable for community e-service.This paper is supported by National Science and Technology Support Program. A security monitoring services platform for community electronic which bases on community e-service VPN basic network environment is designed and implemented in the paper. The basic framework of the platform is the B/S hybrid framework based on C/S.The follows are the work 1 have finished in this paper:1. Propose a kind of security access mechanism which bases on encrypted multi-factor. The mechanism encrypts both the information about hardware and login password in the service node with the MD5 algorithm the sequences generated can be adopted as the user's password. User name based on RADIUS authentication is associated with IP addresses in the mechanism, and the VPN user is assigned a fixed IP address, so we can maintain continuity of monitoring data in the service node.2. We can find all the online devices of the specified network using SNMP, and all the online devices will be added to the monitoring object, so the SNMP based polling mechanism finishes the data acquisition of the new objects and will generate images.3. In this paper we also have proposed a kind of balance tactics for VPN devices. According to the historic data of the monitoring node, flow rate fluctuation in each dial VPN service node is evaluated and analyzed in one day by the balance tactics. When the service node request for VPN devices, load balance server determine which VPN device the service node should be added to, according to both flow rate fluctuation which have been obtained and the current load of the VPN devices. In this way we can implement load balancing and avoid that peak value in the different service node is overlapped in the same server at the same time.4. A complete set of alarm network mechanism have been established in this paper. The data which is obtained by monitoring the specified network is compared with the defined alarm rules by the mechanism. In this way we can determine whether there exists abnormal in the specified network, if there exists abnormal, the system will generate alarm event in order to trigger alarm network, and the system will notify the administrator by both the emails and phonics.After designing and implementing the system, the test results in the simulation environment of community e-service show that the system can accurately and timely finish such tasks as performance monitoring and fault alarm, at the same time balance load for simulation network. So the system can greatly ensure the stability and security of the community e-commence VPN network. |
PDF Full Text Request