Network administration project of the headquarters of a large-size insurance company
1. General descriptions
According to the network architecture of the headquarters of the insurance company, the network system is monitored and controlled centrally. All data are captured, analyzed and managed centrally at the headquarters, while branch offices can access the group company's database and acquire relevant information via a Web server. System management includes fault management, performance management and security management.
2. Administration goals
The insurance company performs fault management, performance management and security management according to the five network management functions defined by ISO.
2.1 Fault management
Real-time fault monitoring: take corresponding measures according to different fault levels;
Administrator authority division and zoning: check fault events in the network on a real-time basis via a graphical interface;
Event compression: compress and summarize repeated events so as to improve the handling efficiency of the network administration system;
Preliminary positioning of fault: locate the fault sources through accurate analysis of the event;
Manage fault information and establish a fault information knowledge base.
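The event compression and fault-level handling listed above can be sketched as follows. This is an added example, not code from the project described on this page; the Cisco-style `%FACILITY-SEVERITY-MNEMONIC` line format, the host names and the five-minute window are assumptions, and the sample lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample Syslog lines (assumed format: timestamp host %FAC-SEV-MNEMONIC: text).
SAMPLE = """\
2024-03-01T10:00:00 core-rt1 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down
2024-03-01T10:00:05 core-rt1 %LINK-3-UPDOWN: Interface Gi0/1, changed state to up
2024-03-01T10:00:09 core-rt1 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down
2024-03-01T10:00:20 core-rt1 %OSPF-5-ADJCHG: Process 1, Nbr 10.0.0.2 on Gi0/1 from FULL to DOWN
2024-03-01T10:20:00 core-rt1 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down
2024-03-01T10:20:01 br-sw7 %FAN-2-FAILED: Fan 1 failed
"""

LINE = re.compile(r"(\S+) (\S+) %([A-Z_]+)-(\d)-([A-Z_]+): (.*)")
IFACE = re.compile(r"\b(?:Interface|on) ([A-Za-z]+\d[\d/]*)")

def compress(lines, window=timedelta(minutes=5)):
    """Merge repeats of the same (host, facility, mnemonic, interface) event
    that arrive within `window` of the previous occurrence."""
    open_events = {}  # key -> summary that can still absorb repeats
    summaries = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # unparsed lines would go to a review queue in practice
        ts, host, fac, sev, mnem, msg = m.groups()
        when = datetime.fromisoformat(ts)
        obj = IFACE.search(msg)
        # The up/down state is left out of the key so a flapping link is one event.
        key = (host, fac, mnem, obj.group(1) if obj else "")
        ev = open_events.get(key)
        if ev and when - ev["last"] <= window:
            ev["count"] += 1
            ev["last"], ev["last_msg"] = when, msg
        else:
            ev = {"key": key, "severity": int(sev), "count": 1,
                  "first": when, "last": when, "last_msg": msg}
            open_events[key] = ev
            summaries.append(ev)
    # Syslog severity: a lower number is more severe, so it sorts first.
    return sorted(summaries, key=lambda e: (e["severity"], e["first"]))

if __name__ == "__main__":
    for e in compress(SAMPLE.splitlines()):
        print(e["severity"], *e["key"], f"x{e['count']}", e["last_msg"])
```

Six raw lines become four events: the flapping link is reported once with a count of 3 and its latest state, and the same link failing again after the window opens a new event.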
2.2 Security management
Collect the alarm messages of all security equipment on a real-time basis;
Reflect the conditions of the security equipment on a real-time and accurate basis;
Transmit the security events to be manually handled to the procedure system.
3. Scope of administration
3.1 Network administration objects
Equipment-level management elements:
Environment: power supply, voltage, ambient temperature and fan; acquire information through Syslog;
Module: module status; acquire information through Syslog;
Equipment performance: CPU utilization ratio, memory utilization ratio; acquire information through SNMP polling of equipment MIB library.
Circuit-level management elements:
Link connection/disconnection: acquire information through Syslog and use Ping to verify accessibility of network layer if necessary;
Link connection quality: packet loss, CRC verification error statistics; acquire information through SNMP polling of the interface parameter of equipment MIB library;
Link flow and statistics: bytes sent/received; acquire information through SNMP polling of the interface parameter of equipment MIB library;
Protocol layer management elements:
Router EIGRP and OSPF routing changes: acquire information through Syslog;
LAN STP, VIP and HSRP status: acquire information through Syslog.
3.2 Security equipment
The security products that the client manages in actual network environment include:
PIX firewall;
JUNIPER firewall;
Symantec CC terminal security equipment;
WSUS;
SCM;
IPS;
VPN: Sunyard encryptor;
Intrusion detection: ISS LinkTrust IDS;
Virus protection: NAI McAfee WebShield and CA eTrust AV;
Access control: CISCO Security ACS;
Security proxy server: Blue Coat ProxySG.
4. Functions realized
4.1 Page monitoring and control
Personnel at the headquarters can monitor and control the running conditions of the core LAN, core trunk network and Tier-1 trunk network in a two-layered monitoring and control mode. Personnel at the branch offices can monitor and control the running conditions of the LAN and Tier-2 trunk network within their jurisdiction.
4.1.1 Headquarters user
View of Monitored and Controlled Home Page of Headquarters User of Network Administration System
Example of Event List
4.1.2 Branch company user
View of Monitored and Controlled Home Page of Branch User of Network Administration System
4.1.3 Security monitoring and control page
View of Monitored and Controlled Home Page of Headquarters User of Security Management System