Case Study

Network administration project for the headquarters of a large insurance company

1. General descriptions

Following the network architecture of the insurance company's headquarters, the network system is monitored and controlled centrally. All data are captured, analyzed and managed centrally at the headquarters, while branch offices can access the group company's database and acquire relevant information via a Web server. System management includes fault management, performance management and security management.

2. Administration goals

The insurance company performs fault management, performance management and security management in line with the five network management features defined by ISO.

2.1 Fault management

Real-time fault monitoring: take corresponding measures according to different fault levels;

Administrator authority division and zoning: check fault events in the network on a real-time basis via a graphical interface;

Event compression: compress and summarize repeated events so as to improve the handling efficiency of the network administration system;

Preliminary fault localization: locate the fault sources through accurate analysis of the event;

Manage fault information and establish a fault information knowledge base.
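The event compression goal above, as an added example (not code from the insurance company's system or its vendor): repeated Syslog events from the same device are folded into one summary record with a count and first/last timestamps. The log lines, the ISO-8601 timestamp layout, the 5-minute window and the names `parse` and `compress` are assumptions made for this illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample input in Cisco IOS message style; hosts and times are made up.
SAMPLE = """\
2024-03-01T10:00:01 rtr-hq-01 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down
2024-03-01T10:00:03 rtr-hq-01 %LINK-3-UPDOWN: Interface Gi0/1, changed state to up
2024-03-01T10:00:05 rtr-hq-01 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down
2024-03-01T10:00:09 rtr-hq-01 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down
2024-03-01T10:00:10 sw-br-07 %OSPF-5-ADJCHG: Process 1, Nbr 10.0.0.2 on Vlan10 from FULL to DOWN
2024-03-01T10:07:30 rtr-hq-01 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down
not a syslog line
"""

LINE_RE = re.compile(r"^(\S+) (\S+) %([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+): (.*)$")

def parse(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, host, facility, sev, mnemonic, msg = m.groups()
    return {"ts": datetime.fromisoformat(ts), "host": host,
            "tag": f"{facility}-{mnemonic}", "severity": int(sev), "msg": msg}

def compress(lines, window=timedelta(minutes=5)):
    """Fold repeats of one (host, tag, message) arriving within `window` of the
    previous occurrence into one record. Input is assumed to be in time order."""
    open_events, summaries, skipped = {}, [], 0
    for line in lines:
        ev = parse(line)
        if ev is None:
            skipped += 1  # count unparseable lines instead of silently dropping them
            continue
        key = (ev["host"], ev["tag"], ev["msg"])
        cur = open_events.get(key)
        if cur is not None and ev["ts"] - cur["last"] <= window:
            cur["count"] += 1
            cur["last"] = ev["ts"]
        else:  # first sighting, or the gap exceeded the window: start a new record
            cur = {**ev, "count": 1, "first": ev["ts"], "last": ev["ts"]}
            open_events[key] = cur
            summaries.append(cur)
    return summaries, skipped

if __name__ == "__main__":
    events, skipped = compress(SAMPLE.splitlines())
    for e in events:  # lower severity number = more urgent fault level
        print(e["severity"], e["host"], e["tag"], e["msg"], f"x{e['count']}")
```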

2.2 Security management

Collect the alarm messages of all security equipment on a real-time basis;

Reflect the conditions of the security equipment on a real-time and accurate basis;

Forward security events that require manual handling to the procedure system.

3. Scope of administration

3.1 Network administration objects

Equipment-level management elements:

Environment: power supply, voltage, ambient temperature and fan; acquire information through Syslog;

Module: module status; acquire information through Syslog;

Equipment performance: CPU utilization ratio, memory utilization ratio; acquire information through SNMP polling of the equipment MIB library.

Circuit-level management elements:

Link connection/disconnection: acquire information through Syslog and use Ping to verify network-layer reachability if necessary;

Link connection quality: packet loss, CRC verification error statistics; acquire information through SNMP polling of the interface parameters in the equipment MIB library;

Link flow and statistics: bytes sent/received; acquire information through SNMP polling of the interface parameters in the equipment MIB library.

Protocol layer management elements:

Router EIGRP and OSPF routing changes: acquire information through Syslog;

LAN STP, VIP and HSRP status: acquire information through Syslog.

3.2 Security equipment

The security products that the client manages in the actual network environment include:

PIX firewall;

JUNIPER firewall;

Symantec CC terminal security equipment;

WSUS;

SCM;

IPS;

VPN: Sunyard encryptor;

Intrusion detection: ISS LinkTrust IDS;

Virus protection: NAI McAfee WebShield and CA eTrust AV;

Access control: CISCO Security ACS;

Security proxy server: Blue Coat ProxySG.

4. Functions realized

4.1 Page monitoring and control

Headquarters personnel can monitor and control the running conditions of the core LAN, core trunk network and Tier-1 trunk network in a two-layered monitoring and control mode. Personnel at the branch offices can monitor and control the running conditions of the LAN and Tier-2 trunk network within their jurisdiction.

4.1.1 Headquarters user


View of the monitoring and control home page for headquarters users of the network administration system

Example of an event list

4.1.2 Branch company user

View of the monitoring and control home page for branch users of the network administration system


4.1.3 Security monitoring and control page

View of the monitoring and control home page for headquarters users of the security management system