信息安全与通信保密
信息安全與通信保密
신식안전여통신보밀
Information Security And Communications Privacy
2015年
11期
78-79
,共2页
滕征岑%可为%陈国松%崔瀚彬
滕徵岑%可為%陳國鬆%崔瀚彬
등정잠%가위%진국송%최한빈
SDN%网络审计%可扩展性%灵活性
SDN%網絡審計%可擴展性%靈活性
SDN%망락심계%가확전성%령활성
SDN%Network Auditing%Extensibility%Flexibility
随着新型网络技术的发展,传统网络结构面对日益增长与多样化的业务需求逐渐显示出越来越多的限制。SDN(软件定义网络)作为一种新型的网络架构,拥有优秀的灵活性与可扩展性,对于网络虚拟化、低成本化的要求显示出独特的优势。对于大型企业的网络,因为接入用户数量庞大,对于企业内部敏感数据保护,以及用户上网行为的规范化显得倍加重要。本文基于SDN架构,提出一种新型网络审计系统,其较传统的网络审计系统,具有更高的可扩展能力,同时拥有更灵活的策略配置与硬件资源分配能力。对于大型企业大规模用户网络行为审计,不但便于对系统运维,而且硬件资源可以更为有效的得到利用。
隨著新型網絡技術的髮展,傳統網絡結構麵對日益增長與多樣化的業務需求逐漸顯示齣越來越多的限製。SDN(軟件定義網絡)作為一種新型的網絡架構,擁有優秀的靈活性與可擴展性,對于網絡虛擬化、低成本化的要求顯示齣獨特的優勢。對于大型企業的網絡,因為接入用戶數量龐大,對于企業內部敏感數據保護,以及用戶上網行為的規範化顯得倍加重要。本文基于SDN架構,提齣一種新型網絡審計繫統,其較傳統的網絡審計繫統,具有更高的可擴展能力,同時擁有更靈活的策略配置與硬件資源分配能力。對于大型企業大規模用戶網絡行為審計,不但便于對繫統運維,而且硬件資源可以更為有效的得到利用。
수착신형망락기술적발전,전통망락결구면대일익증장여다양화적업무수구축점현시출월래월다적한제。SDN(연건정의망락)작위일충신형적망락가구,옹유우수적령활성여가확전성,대우망락허의화、저성본화적요구현시출독특적우세。대우대형기업적망락,인위접입용호수량방대,대우기업내부민감수거보호,이급용호상망행위적규범화현득배가중요。본문기우SDN가구,제출일충신형망락심계계통,기교전통적망락심계계통,구유경고적가확전능력,동시옹유경령활적책략배치여경건자원분배능력。대우대형기업대규모용호망락행위심계,불단편우대계통운유,이차경건자원가이경위유효적득도이용。
With the development of novel network technology, more and more technical limitations are exposed in traditional network when faced with increasing and diversifying network service demands. SDN(software defined network), acting as a new network architecture, possesses outstanding flexibility and extensibility, making it quite attractive in the pursuit of low-cost high-virtualization-degree network. To the large-scale enterprise network, owing to the ultra-large amount of network clients, sensitive data protection and normalization of clients’ action are of great importance. Based on the SDN structure, this paper proposes a new network auditing system, which owns higher extensibility and is more flexible in policy configuration and hardware resources allocation. In the auditing process of ultra-large amount of network clients, this system is not only easier for maintenance, but also hardware resources can be more efficiently used.