The Design And Implementation Of Network Security Monitoring System Based On B/S Architecture

The popularity of today's network is getting higher and higher, and the number of Internet users is increasing at a faster rate. In order to meet the needs of people on the Internet, the network has developed into an open system with complex structure and diverse functions. With the rapid development of network technology, the problem of computer and network intrusion is becoming more and more serious. The problem of network security has been paid more and more attention. Network security is an important guarantee for the rational use of network resources and information. Network security monitoring system is used to assist network managers to deal with network security problems in the operation of the network. The safety monitoring system can detect the abnormal operation of the network in time, and it is very important to ensure the normal operation of the network.In view of the above problems and the actual network environment,this paper presents a design and implementation of network security monitoring system based on B/S architecture. In the process of writing the article, the main work includes the following aspects:(1) The analysis of the current network log collection and analysis of the products and compare their advantages and disadvantages, this paper puts forward a network security monitoring system to monitor the operation of network equipment network SNMP data and log data based on SYSLOG.(2) The network security monitoring system based on B/S architecture is analyzed and the design scheme is put forward according to the running data of different devices and the log information of the system.The function and performance of the monitoring system are analyzed. The function of the overall system architecture, the system needs to have data acquisition, analysis, storage, backup, data analysis and visual display and other functions. In terms of performance, the security, real-time and scalability of the system are analyzed.(3) Completing the development of the system on the basis of analysis and design. The system using SNMP4J API and SYSLOG4J API to collect SNMP data and SYSLOG data.We can analysis and parse the log data using regular expressions.The result of analysis can be persistent and backup.The result of data statistical analysis will be presentation with the form of more intuitive reports and statements.(4) Testing the network security monitoring system. The system has been tested on the function of the system. The results of the test are analyzed and the system is summarized on the testing result.The system can collect in the data of network operation and log which can be analysis using regular expressions.The result will be storage in the fields of tables on the database.The log data will be backup in the form of text. It will be convenient for the security administrator to master the operation status of the whole network. The system can monitor PC,server, firewall and other network devices.