The rapid development of national informatization has brought new development opportuniti es for small and medium-sized enterprises. The informatization construction become the decisive factor for the sustainable development of small and medium-sized enterprises. The application of computer technology in small and medium-sized enterprise, has improved the daily Management efficiency to enterprise, and brought the computer network operations and control problem of network security to enterprise inner.
1 Introduction
Due to the constraints of capital, technology, talents and other constraints, the lack of effective network management monitoring means and the lack of the most basic security control are the two most important problems in the local area network management of the majority of small and medium-sized enterprises. A new technology that can do a good job in LAN network management, operation and maintenance and security control with the lowest capital cost, the simplest and most effective technical means and the least manpower will be introduced to improve the computer network management level of small and medium-sized enterprises.
2 Overview of traditional network management technology
At present, the most widely used network management protocol is the SNMP (Simple Network Management Protocol) protocol. SNMP is a widely accepted and put into-use industry standard for network administrators to retrieve information, modify information, locate faults, complete fault diagnosis, carry out capacity planning and generate reports at any node on the network. [ 1]
For large enterprises, their professional network management systems are basically based on the SNMP protocol and developed by professional software developers. The capital investment is generally millions or even tens of millions of yuan. The SNMP data configuration of the whole network equipment is technically difficult, and it is necessary to set up professional network management personnel for daily life. Maintenance.
3 New ideas for network management monitoring of Telnet+GUI
Telnet protocol is the standard protocol and main method of remote login service on computer network, providing users with the ability to complete remote host work on local computers. Network operation and maintenance personnel usually log in to devices such as switches, routers or firewalls through Telnet, and configure and maintain the network by entering instructions and viewing device return information.
Through the development of the programming language, the Telnet protocol is combined with the GUI (graphical user interface) interface to automatically execute the instructions that originally required manual input (such as ping instructions, the display Interface instructions of Huawei devices, etc.) and return the results of the device. Analyze and process, extract the port status, device status (such as CPU usage), link status, and combine them into a complete real-time network topology, which is displayed through graphics and visualization. This is the new idea of network management monitoring of the local area network to be described in this article.
Unlike the network management mode implemented by the SNMP protocol, the network management monitoring method that combines Telnet protocol and graphical interface has the advantages of low technical threshold, small capital investment, no need to configure a dedicated NMS server, no need to configure SNMP for existing network equipment, strong network versatility, etc., especially applicable Local area network management for small and medium-sized enterprises.
4 Technical overview of programming implementation
1 From the structural model, it can be seen that the underlying TCP Sockets communication layer and Telnet protocol layer are the communication layer that directly realizes the interaction and docking with network equipment. Take the VB.Net programming language as an example, by creating the TCPclient class of the System.Net.Sockets namespace, connect with the host in a thread and listen to the data. The main implementation methods are as follows.
Public Sub Connect (ByVal sHostIP As String, Optional ByVal iHostPort As Integer = 23)
Dim TelnetConnectThread As Thread
m_HostIP = sHostIP
m_HostPort = iHostPort
Try
TelnetConnectThread = New Thread (AddressOf TelnetConnect) ‘Start Connection Thread
TelnetConnectThread.Start ()
Catch Ex As Exception
RaiseEvent SocketError ()
End Try
End Sub
Private Sub TelnetConnect() ‘Telnet Connection Thread
Try
TelnetTcpClient = New TcpClient () ‘Create a TCP connection
TelnetTcpClient.Connect (m_HostIP, m_HostPort)
Dim Clock As New Stopwatch’ Sets Timeout Timer
Clock.Start ()
Do While Clock.ElapsedMilliseconds < 2000 And TelnetTcpClient.Connected = False
Thread.Sleep (100)
Loop
Clock.Stop ()
If TelnetTcpClient.Connected = False Then
RaiseEvent SocketError ()
Exit Sub
Else
TelnetStream = TelnetTcpClient.GetStream ()
TelnetThread = New Thread (AddressOf RunClient) ‘Initivate Data Monitoring
TelnetThread.Start ()
RaiseEvent SocketConnected ()
End If
Catch Ex As Exception
RaiseEvent SocketError ()
End Try
End Sub
2 After the TCP communication connection with the host is realized, the Telnet protocol maintenance class is built in its upper layer to realize the specific instruction operation of the device, such as login, logout, disconnection and reconnection, command sending, return result reception, etc.
3 After completing the underlying communication and control functions, realize the network element equipment management, port management, link definition and other functions in the upper layer, and then organize the equipment and link into a network topology to realize the real-time monitoring and management function of the network.
5 Network access control function
Network access control refers to the control means that terminals must be approved and registered before they can access the internal local area network, which can effectively prevent illegal terminals from accessing the network to obtain enterprise data and strengthen enterprise information security protection. At present, most small and medium-sized enterprises basically adopt DHCP dynamic IP allocation, or static IP allocation, but lack access restrictions and IP data registration. Once information security incidents such as information leakage occur, IP traceability cannot be carried out in a timely and effective manner. [ 2]
It realizes the Telnet communication and control function of the device. In addition to operating status monitoring, it can also realize the network access control function. Network access control is generally achieved by IP-MAC binding on the switch. Taking Huawei switch as an example, its binding instruction is user-bind static ip-address X.X.X.X mac-address XXXX-XXX X-XXXX. Use the programming language to develop the IP address registration system, register the IP address, MAC address, user information, etc., automatically connect to the corresponding network device through Telnet communication and control functions, and automatically configure the instruction, which can realize the allocation, registration management, and terminal of IP addresses. The control access function.
6 Conclusion
At present, the computer network management and information security level of small and medium-sized enterprises in China are relatively backward. In addition to the lack of attention of enterprises, the high investment and high technology of large-scale network management systems have also raised the threshold of enterprise LAN management. The network management monitoring and network access control methods based on the most basic Telnet protocol discussed in this article will provide a simple, economical and reliable way for small and medium-sized enterprises to improve the level of network management and information security protection.
