Está en la página 1de 47

LI NOI U

Th gii ngy nay c nhiu tin b mnh m v cng ngh thng tin (CNTT) t mt tim nng thng tin tr thnh mt ti nguyn thc s, tr thnh sn phm hng ho trong x hi to ra mt s thay i to ln trong lc lng sn xut, c s h tng, cu trc kinh t, tnh cht lao ng v c cch thc qun l trong cc lnh vc ca x hi. Trong nhng nm gn y, nn CNTT nc ta cng c pht trin trn mi lnh vc trong cuc sng cng nh trong lnh vc qun l x hi khc. Vi trinh phat trin nh vy vic ng dung CNTT vao cac cng vic hng ngay c xem nh la iu bt buc tai. Tuy nhin vi vic phat trin mt mang li may tinh nhanh nh vy a gy ra nhng kho khn nht inh trong vic quan ly cac h thng mang nay. Cng vic quan ly h thng mang co nhng yu cu t ra la lam sao co th tn dung ti a cac tai nguyn co trong h thng va tng tin cy i vi h thng. Do o, vn quan tri mang hin nay la khng th thiu c. Trong o quan tri mang theo giao thc SNMP la phng phap c s dung rng rai nht. Vi nhng nhu cu thit th nh vy, va hiu ro hn s quan trong cua vic quan ly h thng mang nhom 9 lp MM02A a tin hanh tim hiu v giao thc SNMP va t chc trin khai quan ly th h thng mang vi phn mm Colasoft Capsa 7. Ni dung cua an bao gm 2phn chinh Chng1: Tng quan v quan ly h thng mang Chng 2: Giam sat h thng mang vi phn mm Colasoft Capsa 7 Cui cng, em xin chn thnh cm n thy L T Thanh tao moi iu kin, giup nhom co u kha nng hoan thanh an.

MUC LUC
CHNG 1: TNG QUAN V QUAN LY H THNG MANG...................................1 1.1. GII THIU CHUNG V QUAN LY H THNG MANG.....................................1 1.2. CAC YU CU QUAN LY H THNG MANG.....................................................2 1.3. KIN TRUC QUAN LY MANG................................................................................3 1.3.1. Kin truc quan ly mang .......................................................................................3 1.3.2. C ch quan ly mang............................................................................................3 1.4. TNG QUAN V GIAO THC SNMP....................................................................4 1.4.1. Cac bai toan giam sat cac thit bi va ng dung trong h thng mang..................4 1.4.2. Hai phng thc gim st Poll v Alert...............................................................5 1.4.2.1. Phng thc Poll..........................................................................................6 1.4.2.2. Phng thc Alert.........................................................................................6 1.4.2.3. So snh phng thc Poll v Alert...............................................................7 1.4.3. Gii thiu giao thc SNMP..................................................................................8 1.4.4. Cac thanh phn chinh cua giao thc SNMP.........................................................9 1.4.4.1. Cac thc th cua h thng quan ly mang....................................................11 1.4.4.2. Quan im quan ly Manager Agent thc th...........................................11 1.5. KHAI NIM GIAO THC SNMP ..........................................................................12 1.6. CU TRUC VA C IM CUA THNG TIN QUAN LY (SMI) .......................13 1.7. SNMPv2....................................................................................................................14 1.7.1. Cu trc bn tin SNMPv2..................................................................................14 1.7.2. C s thng tin qun l MIB trong SNMPv2.....................................................15 1.7.3. Nguyn tc hoat ng cua SNMP......................................................................17 1.7.3.1. Truyn mt bn tin SNMPv2......................................................................17 1.7.3.2. Nhn mt bn tin SNMPv2.........................................................................18 1.7.3.3. Cc trng thi thch ng cho SNMPv2.......................................................18 1.8. SNMPv3....................................................................................................................19 1.8.1. Cac c im mi cua SNMP v3.......................................................................20 1.8.2. H tr bao mt va xac thc trong SNMPv3 .....................................................20

CHNG

2:

GIAM

SAT

THNG

MANG

VI

PHN

MM

COLASOFT CAPSA ......................................................................................................22 2.1. GII THIU CHUNG..............................................................................................22 2.1.1. Cac phin ban cua Colasoft Capsa ....................................................................23 2.1.2. Yu cu h thng...............................................................................................24 2.1.3. Gii thiu giao din s dung Colasoft Capsa ....................................................25 2.2. Cai t Colasoft Capsa 7...........................................................................................25 2.3. CAC TINH NNG C BAN CUA PHN MM....................................................27 2.4. HNG DN S DUNG CAC TINH NNG CUA PHN MM........................28 2.4.1. M hinh trin khai..............................................................................................28 2.4.2. Gim st hot ng ca h thng mng.............................................................28 2.4.2.1. S dung b loc............................................................................................29 2.4.2.2. Cac thng tin v h thng mang..................................................................31 2.4.2.3. Phn tich cac thng tin trong h thng mang..............................................34 2.4.2.4. Thit lp nht ky..........................................................................................35 2.4.2.5. Tao biu cho h thng mang..................................................................36 2.4.2.6. Phat hin cac cuc tn cng ARP................................................................38 2.4.2.7. Pht hin Trojan v Worm vi Capsa Network Analyzer...........................40

Giam sat h thng mang vi phn mm Colasoft Capsa

CHNG 1: TNG QUAN V QUAN LY H THNG MANG


1.1. GII THIU CHUNG V QUAN LY H THNG MANG S pht trin v hi t mng trong nhng nm gn y tc ng mnh m ti tt c cc kha cnh ca mng li, thm ch c v nhng nhn thc nn tng v phng php tip cn Qun ly mng cng l mt trong nhng lnh vc ang c nhng s thay i v hon thin mnh m trong c n lc tiu chun ho ca cc t chc tiu chun ln trn th gii v yu cu t pha ngi s dng dch v. Mt khc cc nh khai thc mng, nh cung cp thit b v ngi s dng thng p dng cc phng php chin lc khc nhau cho vic qun ly mng v thit b ca mnh. Mi nh cung cp thit b thng a ra gii php qun ly mng ring cho sn phm ca mnh. Trong bi cnh hi t mng hin nay, s lng thit b v dch v rt a dng v phc tp to ra cc thch thc ln trong vn qun ly mng. Nhim v ca qun ly mng rt r rng v mt nguyn tc chung, nhng cc bi ton qun ly c th li c phc tp rt ln. iu ny xut pht t tnh a dng ca cc h thng thit b v cc c tnh qun ly ca cc loi thit b, v xa hn na l chin lc qun ly phi ph hp vi kin trc mng v p ng yu cu ca ngi s dng. Mt lot cc thit b in hnh cn c qun ly gm: My tnh c nhn, my trm, server, my vi tnh c nh, my vi tnh c ln, cc thit b u cui, thit b o kim, my in thoi, tng i in thoi ni b, cc thit b truyn hnh, my quay, modem, b ghp knh, b chuyn i giao thc, CSU/DSU, b ghp knh thng k, b ghp v gii gi, thit b tng thch ISDN, card NIC, cc b m ho v gii m tn hiu, thit b nn d liu, cc gateway, cc b x l front-end, cc ng trung k, DSC/DAC, cc b lp, b ti to tn hiu, cc thit b chuyn mch, cc bridge, router v switch, tt c mi ch l mt phn ca danh sch cc thit b s phi c qun ly. Ton cnh ca bc tranh qun ly phi bao gm qun ly cc ti nguyn mng cng nh cc ti nguyn dch v, ngi s dng, cc ng dng h thng, cc c s d liu khc nhau trong cc loi mi trng ng dng. V mt k thut, tt c thng tin trn c thu thp, trao i v c kt hp vi hot ng qun ly mng di dng cc s liu qun ly bi cc k thut tng t nh cc k thut s dng trong mng truyn s liu. Tuy nhin s khc nhau cn bn gia truyn thng s liu v trao i thng tin MM03C-nhm 8 Trang 1

Giam sat h thng mang vi phn mm Colasoft Capsa qun ly l vic trao i thng tin qun ly i hi cc trng d liu chuyn bit, cc giao thc truyn thng cng nh cc m hnh thng tin chuyn bit, cc k nng chuyn bit c th thit k, vn hnh h thng qun ly cng nh bin dch cc thng tin qun ly v bo li, hin trng h thng, cu hnh v bo mt. 1.2. CAC YU CU QUAN LY H THNG MANG Cac c ch quan ly mang c nhin nhn t hai goc , goc mang chi ra h thng quan ly nm tai cac mc cao cua m hinh OSI va t phia ngi iu hanh quan ly h thng mang. Mc du ca rt nhiu quan im khac nhau v m hinh quan ly h thng nhng u thng nht bi ba chc nng quan ly c ban gm: giam sat, iu khin va a ra bao cao ti ngi iu hanh. + Chc nng gim st c nhim v thu thp lin tc cc thng tin v trng thi ca cc ti nguyn c qun ly sau chuyn cc thng tin ny di dng cc s kin v a ra cc cnh bo khi cc tham s ca ti nguyn mng c qun ly vt qu ngng cho php. + Chc nng qun ly c nhim v thc hin cc yu cu ca ngi qun ly hoc cc ng dng qun ly nhm thay i trng thi hay cu hnh ca mt ti nguyn c qun ly no . + Chc nng a ra bo co c nhim v chuyn i v hin th cc bo co di dng m ngi qun l c th c, nh gi hoc tm kim, tra cu thng tin c bo co. Di gc ca ngi iu hnh qun ly mng, mt s yu cu c bn thng c t ra gm: + Kh nng gim st v iu khin mng cng nh cc thnh phn ca h thng thit b t u cui n u cui. + C th truy nhp v cu hnh li t xa cc ti nguyn c qun ly. + D dng trong vic ci t, vn hnh v bo dng h thng qun ly cng nh cc ng dng ca n. + Bo mt hot ng qun ly v truy nhp ca ngi s dng, bo mt truyn thng cc thng tin qun ly. + C kh nng a ra cc bo co y v r ngha v cc thng tin qun ly. MM03C-nhm 8 Trang 2

Giam sat h thng mang vi phn mm Colasoft Capsa + Qun ly theo thi gian thc v hot ng qun ly hng ngy c thc hin mt cch t ng. + Mm do trong vic nng cp h thng v c kh nng tng thch vi nhiu cng ngh khc nhau. + C kh nng lu tr v khi phc cc thng tin qun ly. 1.3. KIN TRUC QUAN LY MANG 1.3.1. Kin truc quan ly mang Qun ly mng gm mt tp cc chc nng iu khin, lp k hoch, lin kt, trin khai v gim st ti nguyn mng. Qun ly mng c th c nhn nhn nh mt cu trc gm nhiu lp: + Qun ly kinh doanh: Qun ly kha cnh kinh doanh ca mng v d nh: ngn sch/ ti nguyn, k hoch v cc tha thun. + Qun ly dch v: Qun ly cc dch v cung cp cho ngi s dng, v d cc dch v cung cp bao gm vic qun ly bng thng truy nhp, lu tr d liu v cc ng dng cung cp. + Qun ly mng: Qun ly ton b thit b mng trong mng. + Qun ly phn t: Qun ly mt tp hp thit b mng, v d cc b nh tuyn truy nhp hoc cc h thng qun ly thu bao. + Qun ly phn t mng: Qun ly tng thit b n trong mng, v d b nh tuyn, chuyn mch, Hub. Qun ly mng c th chia thnh hai chc nng c s: truyn ti thng tin qun ly qua h thng v qun ly cc phn t thng tin qun ly mng. Cc chc nng ny gm cc nhim v khc nhau nh: Gim st, cu hnh, sa li v lp k hoch c thc hin bi nh qun tr hoc nhn vin qun ly mng. 1.3.2. C ch quan ly mang C ch qun ly mng bao gm c cc giao thc qun ly mng, cc giao thc qun ly mng cung cp cc c ch thu thp, thay i v truyn cc d liu qun ly mng qua mng. Cc c ch gim st nhm xc nh cc c tnh ca thit b mng, tin trnh gim st bao gm thu thp c v lu tr cc tp con ca d liu . D liu thng MM03C-nhm 8 Trang 3

Giam sat h thng mang vi phn mm Colasoft Capsa c thu thp thng qua polling hoc tin trnh gim st gm cc giao thc qun lymng. X l d liu sau qu trnh thu thp thng tin qun ly mng l bc loi b bt cc thng tin d liu khng cn thit i vi tng nhim v qun ly. S th hin cc thng tin qun ly cho ngi qun ly cho php ngi qun ly nm bt hiu qu nht cc tnh nng v c tnh mng cn qun ly. Mt s k thut biu din d liu thng c s dng di dng k t, th hoc lu (tnh hoc ng). Ti thi im x l thng tin d liu, rt nhiu cc thng tin cha kp x l c lu tr ti cc vng nh lu tr khc nhau. Cc c ch d phng v cp nht lu tr lun c xc nh trc trong cc c ch qun ly mng nhm trnh ti a tn tht d liu. Cc phn tch thi gian thc lun yu cu thi gian hi p ti cc thit b qun ly trong khong thi gian ngn. y l iu kin nh i gia s lng c tnh v thit b mng vi lng ti nguyn (kh nng tnh ton, s lng thit b tnh ton, b nh, lu tr) cn thit h tr cc phn tch. Thc hin nhim v cu hnh chnh l ci t cc tham s trong mt thit b mng iu hnh v iu khin cc phn t. Cc c ch cu hnh bao gm truy nhp trc tip ti cc thit b, truy nhp t xa v ly cc file cu hnh t cc thit b . D liu cu hnh c thng qua cc cch sau: + Cc cu lnh SET ca SNMP + Truy nhp qua telnet v giao din dng lnh + Truy nhp qua HTTP + Truy nhp qua kin trc CORBA + S dng FTP/TFTP ly file cu hnh 1.4. TNG QUAN V GIAO THC SNMP 1.4.1. Cac bai toan giam sat cac thit bi va ng dung trong h thng mang d hiu v giao thc SNMP, pham vi an xin ra 3 bai toan thuc dang ph bin trong cac ng dung cua SNMP. Bai toan th 1: Giam sat tai nguyn may chu. + Gi s chung ta c hng ngn my ch chy cc h iu hnh (HH) khc nhau. Lm th no c th gim st ti nguyn ca tt c my ch hng gi, kp thi MM03C-nhm 8 Trang 4

Giam sat h thng mang vi phn mm Colasoft Capsa pht hin cc my ch sp b qu ti. Gim st ti nguyn my ch ngha l theo di t l chim dng CPU, dung lng cn li ca cng, t l s dng b nh RAM, . + Chung ta khng th kt ni vo tng my xem v s lng my nhiu v v cc HH khc nhau c cch thc kim tra khc nhau. + gii quyt vn ny ngi quan tri h thng c th dng mt ng dng SNMP gim st c my ch, n s ly c thng tin t nhiu HH khc nhau. Bi ton th 2: Gim st lu lng trn cc port ca switch, router. + H thng mang c hng ngn thit b mng ca nhiu hng khc nhau, mi thit b c nhiu port. Lm th no gim st lu lng ang truyn qua tt c cc port ca cc thit b sut 24/24, kp thi pht hin cc port sp qu ti ? + Chung ta cng khng th kt ni vo tng thit b g lnh ly thng tin v thit b ca cc hng khc nhau c lnh khc nhau. + gii quyt vn ny ngi quan tri c th dng mt ng dng SNMP gim st lu lng, n s ly c thng tin lu lng ang truyn qua cc thit b ca nhiu hng khc nhau. Bi ton th ba : H thng t ng cnh bo s c tc thi + H thng c hng ngn thit b mng v chng c th gp nhiu vn trong qu trnh hot ng nh: mt port no b mt tn hiu (port down), c ai c kt ni (login) vo thit b nhng nhp sai username v password, thit b va mi b khi ng li (restart), . Lm th no ngi qun tr bit c s kin khi n va mi xy ra. + gii quyt bi ton ny ngi quan tri c th dng ng dng thu thp s kin (event) v cnh bo (warning) bng SNMP, n s nhn cnh bo t tt c cc thit b v hin n ln mn hnh hoc gi email cho ngi quan tri. 1.4.2. Hai phng thc gim st Poll v Alert Hai phng thc gim st Poll v Alert, y l 2 phng thc c bn ca cc k thut gim st h thng, nhiu phn mm v giao thc c xy dng da trn 2 phng thc ny, trong c SNMP. Vic hiu r hot ng ca Poll & Alert v u nhc im ca chng s gip chung ta d dng tm hiu nguyn tc hot ng ca cc giao thc hay phn mm gim st khc. MM03C-nhm 8 Trang 5

Giam sat h thng mang vi phn mm Colasoft Capsa 1.4.2.1. Phng thc Poll Nguyn tc hot ng: Trung tm gim st (manager) s thng xuyn hi thng tin ca thit b cn gim st (device). Nu Manager khng hi th Device khng tr li, nu Manager hi th Device phi tr li. Bng cch hi thng xuyn, Manager s lun cp nht c thng tin mi nht t Device.

Hinh 1.1 - Hinh minh hoa c ch Poll 1.4.2.2. Phng thc Alert Nguyn tc hot ng : Mi khi trong Device xy ra mt s kin (event) no th Device s t ng gi thng bo cho Manager, gi l Alert. Manager khng hi thng tin nh k t Device. Device ch gi nhng thng bo mang tnh s kin ch khng gi nhng thng tin thng xuyn thay i, n cng s khng gi Alert nu chng c s kin g xy ra. Chng hn khi mt port down/up th Device s gi cnh bo, cn tng s byte truyn qua port s khng c Device gi i v l thng tin thng xuyn thay i. Mun ly nhng thng tin thng xuyn thay i th Manager phi ch ng i hi Device, tc l phi thc hin phng thc Poll.

HInh 1.2- Hinh minh hoa c ch Alert MM03C-nhm 8 Trang 6

Giam sat h thng mang vi phn mm Colasoft Capsa 1.4.2.3. So snh phng thc Poll v Alert Hai phng thc Poll v Alert l hon ton khc nhau v c ch. Mt ng dng gim st c th s dng Poll hoc Alert, hoc c hai, ty vo yu cu c th trong thc t. Bng sau so snh nhng im khc bit ca 2 phng thc : POLL ALERT C th ch ng ly nhng thng tin cn Tt c nhng event xy ra u c gi v thit t cc i tng mnh quan tm, Manager. Manager phi c c ch lc khng cn ly nhng thng tin khng cn nhng event cn thit, hoc Device phi thit t nhng ngun khng quan tm. thit lp c c ch ch gi nhng event cn thit. C th lp bng trng thi tt c cc thng Nu khng c event g xy ra th Manager tin ca Device sau khi poll qua mt lt khng bit c trng thi ca Device. cc thng tin . Trong trng hp ng truyn gia Khi ng truyn gin on v Device c Manager v Device xy ra gin on v s thay i th n vn gi Alert cho Device c s thay i, th Manager s Manager, nhng Alert ny s khng th khng th cp nht. Tuy nhin khi ng n c Manager. Sau mc d ng truyn thng sut tr li th Manager s truyn c thng sut tr li th Manager cp nht c thng tin mi nht do n vn khng th bit c nhng g xy lun lun poll nh k. ra. Ch cn ci t ti Manager tr n tt Phi ci t ti tng Device tr n c cc Device. C th d dng thay i Manager. Khi thay i Manager th phi mt Manager khc. ci t li trn tt c Device tr v Manager mi. Nu tn sut poll thp, thi gian ch gia Ngay khi c s kin xy ra th Device s 2 chu k poll (polling interval) di s lm gi Alert n Manager, do Manager Manager chm cp nht cc thay i ca lun lun c thng tin mi nht tc thi. Device. Ngha l nu thng tin Device thay i nhng vn cha n lt poll k tip th Manager vn gi nhng thng tin c. C th b st cc s kin : khi Device c Manager s c thng bo mi khi c s MM03C-nhm 8 Trang 7

Giam sat h thng mang vi phn mm Colasoft Capsa thay i, sau thay i tr li nh ban kin xy ra Device, do Manager u trc khi n lt poll k tip th khng b st bt k s kin no. Manager s khng pht hin c. 1.4.3. Gii thiu giao thc SNMP SNMP l giao thc qun l mng n gin, nh vy th no l giao thc qun l mng n gin. Giao thc l mt tp hp cc th tc m cc bn tham gia cn tun theo c th giao tip c vi nhau. Trong lnh vc thng tin, mt giao thc quy nh cu trc, nh dng (format) ca dng d liu trao i vi nhau v quy nh trnh t, th tc trao i dng d liu . Nu mt bn tham gia gi d liu khng ng nh dng hoc khng theo trnh t th cc bn khc s khng hiu hoc t chi trao i thng tin. SNMP l mt giao thc, do n c nhng quy nh ring m cc thnh phn trong mng phi tun theo. Mt thit b hiu c v hot ng tun theo giao thc SNMP c gi l c h tr SNMP (SNMP supported) hoc tng thch SNMP (SNMP compartible). SNMP dng qun l, ngha l c th theo di, c th ly thng tin, c th c thng bo, v c th tc ng h thng hot ng nh mun. VD mt s kh nng ca phn mm SNMP : + Theo di tc ng truyn ca mt router, bit c tng s byte truyn/nhn. + Ly thng tin my ch ang c bao nhiu cng, mi cng cn trng bao nhiu. + T ng nhn cnh bo khi switch c mt port b down. + iu khin tt (shutdown) cc port trn switch. SNMP dng qun l mng, ngha l n c thit k chy trn nn TCP/IP v qun l cc thit b c ni mng TCP/IP. Cc thit b mng khng nht thit phi l my tnh m c th l switch, router, firewall, adsl gateway, v c mt s phn mm cho php qun tr bng SNMP. SNMP l giao thc n gin, do n c thit k n gin trong cu trc bn tin v th tc hot ng, v cn n gin trong bo mt (ngoi tr SNMP version 3). S MM03C-nhm 8 Trang 8

Giam sat h thng mang vi phn mm Colasoft Capsa dng phn mm SNMP, ngi qun tr mng c th qun l, gim st tp trung t xa ton mng ca mnh. u im cua thit k SNMP SNMP c thit k n gin ha qu trnh qun l cc thnh phn trong mng. Nh cc phn mm SNMP c th c pht trin nhanh v tn t chi ph (trong chng 5 tc gi s trnh by cch xy dng phn mm gim st SNMP, bn s thy tnh n gin ca n). SNMP c thit k c th m rng cc chc nng qun l, gim st. Khng c gii hn rng SNMP c th qun l c ci g. Khi c mt thit b mi vi cc thuc tnh, tnh nng mi th ngi ta c th thit k custom SNMP phc v cho ring mnh (trong chng 3 tc gi s trnh by file cu trc d liu ca SNMP). SNMP c thit k c th hot ng c lp vi cc kin trc v c ch ca cc thit b h tr SNMP. Cc thit b khc nhau c hot ng khc nhau nhng p ng SNMP l ging nhau. Cac phin ban cua SNMP SNMP c 4 phin bn : SNMPv1, SNMPv2c, SNMPv2u v SNMPv3. Cc phin bn ny khc nhau mt cht nh dng bn tin v phng thc hot ng. Hin ti SNMPv1 l ph bin nht do c nhiu thit b tng thch nht v c nhiu phn mm h tr nht. Trong khi ch c mt s thit b v phn mm h tr SNMPv3. Do trong 3 chng u ca ti liu ny tc gi s trnh by cc vn theo chun SNMPv1. Cc phin bn cua SNMP se c trinh bay ky trong phn sau. 1.4.4. Cac thanh phn chinh cua giao thc SNMP Trong SNMP co 3 vn cn quan tm: Manager, Agent va MIB (Management Information Base). MIB la c s d liu dung phuc vu cho Management va Agent. Management la mt server co chay cac chng trinh co th thc hin mt s chc nng quan ly mang. Management co th xem nh la NMS (Network Manager Stations). NMS co kha nng thm do va thu thp cac canh bao t cac Agent trong mang. Cac canh bao cua Agent la cach ma Agent bao vi NMS khi co s c xay ra . Canh bao cua Agent c gi mt cach khng ng b, khng nm trong vic tra li truy vn cua

MM03C-nhm 8

Trang 9

Giam sat h thng mang vi phn mm Colasoft Capsa NMS. MNS da trn n cac thng tin tra li cua Agent co cac phng an giup mang hoat ng hiu qua hn . Agent la mt phn trong cac chng trinh chay trn cac thit bi mang cn quan ly. No co th la mt chng trinh c lp, hoc c tich hp vao h iu hanh nh IOS cua Cisco trn Router. Ngay nay, a s cac thit bi mang hoat ng ti lp IP c cai t SNMP agent. Cac nha san xut ngay cang mun phat trin cac agent trong cac san phm cua ho, cng vic cua ngi quan tri h thng mang n gian hn. Cac Agent cung cp thng tin cho NMS bng cach lu tr bng cach lu tr cac hoat ng khac nhau cua thit bi. MIB: Khng co s han ch nao khi NMS gi mt truy vn ng thi Agent gi mt canh bao. MIB co th xem nh la mt c s d liu cua cac i tng quan ly ma Agent lu tr c. Bt ky thng tin nao ma NMS co th truy cp c u c inh nghia trong MIB . Mt Agent co th co nhiu MIB nhng tt ca cac Agent u co mt loai MIB goi la MIB-II c inh nghia trong RFC 1213. MIB-I la ban gc cua MIB nhng it dung khi MIB-II c a ra . Bt ky thit bi nao h tr SNMP u phai h tr MIB-II. MIB-II inh nghia cac tham s nh tinh trang interface (tc cua interface, MTU, cac octet gi, cac octet nhn,) hoc cac tham s gng lin vi h thng (inh vi h thng, thng tin lin lac vi h thng,). Muc ich chinh cua MIB II la cung cp cac thng tin quan ly theo TCI/IP. Co nhiu kiu MIB giup quan ly cho cac muc ich khac nhau: + ATM MIB (RFC 2515) + Frame Relay DTE Interface Type MIB (RFC 2115) + BGP Version 4 MIB (RFC 1657) + RDBMS MIB (RFC 1697) + RADIUS Authentication Server MIB (RFC 2619) + Mail Monitoring MIB (RFC 2249) + DNS Server MIB (RFC 1611) Nhng nha san xut cung nh ngi s dung co th inh nghia cac bin MIB ring cho ho trong tng tinh hung quan ly cua ho.

MM03C-nhm 8

Trang 10

Giam sat h thng mang vi phn mm Colasoft Capsa 1.4.4.1. Cac thc th cua h thng quan ly mang Ban u, h thng quan ly mang c xy dng da trn m hinh kha n gian. Quan ly c inh nghia la s tng tac qua lai gia hai thc th: thc th quan ly va thc th bi quan ly. Thc th quan ly c trng bi h thng quan ly, nn tang quan ly (flatform) va ng dung quan ly.

Thc th quan ly

Thc th bi quan ly

Hinh 1.3-M hinh nn tan quan ly

Agent cung co th la Agent quan ly hoc Agent bi quan ly. Manager chinh la thc th quan ly, trong khi o Agent lam thc th n di s tng tac gia Manager va cac ngun tai nguyn bi quan ly thc s. M hinh Manager Agent rt thn dung, dung m ta thc th quan ly va thc th bi quan ly lp cao. y cung chinh la ly do ma cac m hinh c tao ra t nhin cho muc ich quan ly u gn vi m hinh Manager Agent. Tuy nhin trong thc t m hinh nay phc tap hn nhiu. Co mt s m hinh khac cung dung cho vic trao i thng tin quan ly nh m hinh Client Server hay m hinh Application Object server. Nhng m hinh nay, v ban cht dung xy dng cac ng dung phn b hoc cac mi trng i tng phn b.
Ngi iu hanh mang Manager Agent

Cac chinh sach quan ly va chi dn vn hanh

Hinh 1.4 - M hinh quan ly Manager Agent thc th

1.4.4.2. Quan im quan ly Manager Agent thc th Cac quan im v quan ly cho rng chc nng quan trong nht trong quan ly la quan h gia thc th quan ly va thc th bi quan ly. iu nay da trn m hinh phan MM03C-nhm 8 Trang 11

Giam sat h thng mang vi phn mm Colasoft Capsa hi. Manager se yu cu t Agent cac thng tin quan ly c trng va thc th bi quan ly , thng qua Agent, se c quan ly lai bng thng tin cha y u cac yu cu. Nu thng tin yu cu phan hi c s dung lin tuc tim kim mi Agent va cac i tng bi quan ly tng ng thi c ch nay goi la polling va ln u tin c ng dung quan ly trong mi trng internet da trn giao thc quan ly mang n gian SNMP.

Quan ly mang NG DUNG NG DUNG (Network Management station) PHN MM QUAN LY


- oc va thay i cu hinh - oc va thay i trang thai - oc hiu sut hoc thng tin v thng k li AGENT - D liu cu hinh - Cac thng s trang thai - Cac thng s thng k - ap ng cac yu cu - Bao cao cac vn nghim trong hoc cac s kin nghim trong xay ra

Hinh 1.5 - M hinh quan ly

1.5. KHAI NIM GIAO THC SNMP SNMP gm hai i tng chinh: ngi quan ly va ngi phuc vu (Agent). Agent bao gm ca mt phn cua phn mm trong may. SNMP Agent tn tai tt ca cac phn cua thit bi , tuy nhin thit lp Agent khng cho phep lam bt c gi cho n khi hoi ngi quan ly. y la mt chng trinh ring le, ngi quan tri chay chinh may cua minh hoi nhng cu hoi n may Agent thu thp thng tin. Thit lp thng tin c goi la MIB (Management Information Base) c s quan ly thng tin. Hu ht mi Agent u co nhng MIB nho cho phep ngi quan tri xem nhng goi tin nhp xut cua h thng. Ngoai MIB c ban nay, mi Agent h tr nhng MIB khac nhau cha ng thng tin v muc ich c bit cua no. Mt giao tip (community) SNMP la mi quan h logic gia ngi phuc vu SNMP va mt hoc nhiu ngi quan ly. Mt community gm co tn va tt tt ca nhng MM03C-nhm 8 Trang 12

Giam sat h thng mang vi phn mm Colasoft Capsa thanh vin trong community co cung mt quyn truy cp nh nhau. Thao tac TRAP gi nhng thng tin n tram quan ly ( Management Station) khi mt i tng c thay i (cho thy rng vic thay i quan trong n vic phai gi nhng thng bao) Mc inh chui community cung cp kim tra hay oc nhng kha nng thi thng xuyn c bit n mc inh s iu khin hay vit nhng chui community thi thng xuyn c giu kin. SNMP khai thac nhng thun li cua nhng chui community mc inh cho phep ngi tn cng thu thp thng tin v nhng thit bi s dung nhng chu community chung, hay ngi tn cng co th thay i cu hinh h thng s dung nhng chui community kin ao. 1.6. CU TRUC VA C IM CUA THNG TIN QUAN LY (SMI) SMI (Structure Management Information) inh nghia mt c cu t chc chung cho thng tin quan ly. SMI nhn dang cac kiu d liu trong MIB va chi ro cach thc miu ta va t tn cac tai nguyn trong MIB. SIM duy tri tinh n gian va kha nng m rng trong MIB, vi th MIB chi lu tr nhng loai d liu n gian. SMI khng cung cp cach tao hoc truy xut cac cu truc d liu phc tap. Cac MIB se cha cac loai d liu do nha cung cp tao ra. cung cp phng thc tiu chun biu din thng tin quan tri SMI cn nhng cng vic sau: + Cung cp ki thut tiu chun inh nghia cu truc MIB c bit.l + Cung cp ki thut tiu chun inh nghia cac i tng n le, bao gm cu phap va gia tri mi i tng . + Cung cp ki thut tiu chun ma hoa cac gia tri i tng. S m ta cac i tng quan ly c SMI thc hin thng qua ngn ng ASN. 1 Vic inh nghia i tng gm 5 trng: + Object: Tn i tng + Systax: Cu phap cho loai i tng. + Definition : Cac inh nghia + Truy cp (Access): Co th la chi oc, oc ghi, khng th truy cp. + Trang thai (Status): Co th cng ch, tuy chon hay khng con hiu lc

MM03C-nhm 8

Trang 13

Giam sat h thng mang vi phn mm Colasoft Capsa 1.7. SNMPv2 SNMPv2 tch hp kh nng lin iu hnh t manager ti manager v hai n v d liu giao thc mi. Kh nng lin kt iu hnh manager-manager cho php SNMP h tr qun l mng phn tn trong mt trm v gi bo co ti mt trm khc. h tr tng tc tt nht, SNMPv2 thm cc nhm cnh bo v s kin vo trong c s thng tin qun l MIB. Nhm cnh bo cho php t ngng thit lp cho cc bn tin cnh bo. Nhm s kin c a ra khi thng tin Trap xc nh cc gi tr phn t MIB. Hai n v d liu giao thc PDU (Protocol Data Unit) l GetbulkRequest v InformRequest. Cc PDU ny lin quan ti x l li v kh nng m ca SNMPv2. X l li trong SNMPv2 i km vi cc i tng yu cu cho php trm qun l lp trnh t cc phng php khi phc hoc dng truyn bn tin. Kh nng m trong SNMPv2 s dng b m 64 bit (hoc 32) duy tr trng thi ca cc lin kt v giao din.

Hinh 1.6 - Cu trc dng bn tin SNMPv2

1.7.1. Cu trc bn tin SNMPv2 Cc bn tin trao i trong SNMPv2 cha cc n v d liu giao thc PDU. Hnh trn m t cu trc chung cc bn tin ny. + Trng phin bn (Version) th hin phin bn ca giao thc SNMPv2. + Trng Community l mt chui password xc nhn cho c tin trnh ly v thay i d liu. SNMP PDU cha kiu iu hnh (get, set), yu cu p ng (cng s th t vi bn tin gi i) - cho php ngi iu hnh gi ng thi nhiu bn tin. Bin ghp gm cc thit b c c t trong RFC 2358 v cha c gi tr t ti i tng.

MM03C-nhm 8

Trang 14

Giam sat h thng mang vi phn mm Colasoft Capsa Trng n v d liu giao thc (PDU) gm c cc trng con: Kiu n v d liu giao thc, nhn dng cc yu cu (Request ID), trng thi li, ch s li, cc gia tri va i tng. Cc kiu n v d liu giao thc PDU th hin cc bn tin s dng trong SNMPv2 gm c: GetRequest,GetNextRequest, SetRequest, GetResponse, Trap, GetBulkReques, InformRequest . 1.7.2. C s thng tin qun l MIB trong SNMPv2 IB trong SNMPv2 nh ngha cc i tng m t tc ng ca mt phn t NMPv2. MIB ny gm 3 nhm: + Nhm h thng (System group): l mt m rng ca nhm system trong MIBII gc, bao gm mt nhm cc i tng cho php mt Agent SNMPv2 m t cc i tng ti nguyn ca n. Cc i tng mi trong phn m rng c tn bt u bng sysOR, chng lin quan n ti nguyn h thng v c s dng bi mt Agent SNMPv2 m t cc i tng ti nguyn m vic iu khin chng tu thuc vo cu hnh ng bi mt b phn qun l. + Nhm SNMP (SNMP group): mt ci tin ca nhm SNMP trong MIB-II gc, bao gm cc i tng cung cp cc cng c c bn cho hot ng giao thc. N c thm mt s i tng mi v loi b mt s i tng ban u. Nhm SNMP cha mt vi thng tin lu lng c bn lin quan n ton t SNMPv2 v ch c mt trong cc i tng l b m ch c 32-bit. + Nhm cc i tng MIB (MIB objects group): mt tp hp cc i tng lin quan n cc SNMPv2-Trap PDU v cho php mt vi phn t SNMPv2 cng hot ng, thc hin nh trm qun tr, phi hp vic s dng ca chng trong ton t Set ca SNMPv2. Phn u ca nhm ny l mt nhm con, snmpTrap, bao gm hai i tng lin quan n Trap: + snmpTrapOID: l nhn dng i tng ca Trap hoc thng bo c gi hin thi. Gi tr ca i tng ny xut hin nh mt varbind (variable binding) th hai trong mi SNMPv2-Trap PDU v InformRequest PDU.

MM03C-nhm 8

Trang 15

Giam sat h thng mang vi phn mm Colasoft Capsa + snmpTrapEnterprise: l nhn dng i tng ca t chc lin quan n Trap c gi hin thi. Khi mt Agent u quyn SNMPv2 nh x mt Trap PDU sang mt SNMPv2-Trap PDU, bin ny xut hin nh mt varbind cui cng. Phn th hai ca nhm ny l mt nhm con, snmpSet, bao gm mt i tng n snmpSerialNo. i tng ny c s dng gii quyt hai vn c th xut hin khi s dng ton t Set: Th nht l mt qun tr c th s dng nhiu ton t Set trn cng mt i tng MIB. Cc ton t ny cn thc hin theo mt trt t c a ra thm ch khi chng c truyn khng theo th t. Th hai l vic s dng ng thi cc ton t Set trn cng mt i tng MIB bi nhiu manager c th gy ra mt s mu thun hoc lm cho c s d liu b sai. i tng snmpSet c s dng theo cch sau: Khi mt manager mun t mt hay nhiu gi tr i tng trong mt Agent, u tin n nhn gi tr ca i tng snmpSet. Sau n gi SetRequest PDU c danh sch bin lin kt bao gm c i tng snmpSet vi gi tr nhn c ca n. Nu nhiu manager gi cc setRequestPDU s dng cng mt gi tr ca snmpSet, bn tin n Agent trc s c thc hin (gi s khng c li), kt qu l lm tng snmpSet; cc ton t set cn li s b li v khng ph hp vi gi tr snmpSet. Hn na, nu mt manager mun gi mt chui cc ton t set v m bo rng chng c thc hin theo mt trt t nht nh th i tng snmpSet phi c gp vo trong mi ton t.

MM03C-nhm 8

Trang 16

Giam sat h thng mang vi phn mm Colasoft Capsa 1.7.3. Nguyn tc hoat ng cua SNMP 1.7.3.1. Truyn mt bn tin SNMPv2

Hinh 1.7-Gi v nhn bn tin trong SNMPv2

Qui tc gi v nhn bn tin ca Manager v Agent c th hin trong bng sau:


SNMPv2 PDU GetRequest GetRequest Response SetRequest GetBulkRequest InformRequest SNMPv2-Trap Agent Generate Agent Receive Manager Generate Manager Receive

X X X X X X

X X X X X X

X X X

Mt phn t SNMPv2 thc hin cc hnh ng sau truyn mt PDU cho mt phn t SNMPv2 khc: + S dng ASN.1 m t mt PDU. + PDU ny c chuyn sang dch v xc nhn cng vi cc a ch ngun v ch ca truyn thng v mt tn truyn thng. Dch v xc nhn sau thc hin nhng bin i bt k theo yu cu cho s trao i ny nh m ho hoc thm m xc nhn v tr li kt qu. MM03C-nhm 8 Trang 17

Giam sat h thng mang vi phn mm Colasoft Capsa + Phn t giao thc sau to ra bn tin gm trng s hiu phin bn, tn truyn thng vo kt qu ca bc trn. + i tng ASN. 1 mi ny sau c m ho s dng BER v gi n dch v vn chuyn. 1.7.3.2. Nhn mt bn tin SNMPv2 Mt phn t SNMPv2 thc hin cc hnh ng sau nhn mt bn tin SNMPv2: + Kim tra c php c bn ca bn tin v loi b bn tin nu c php sai. + Kim tra s hiu phin bn v loi b bn tin nu khng tng hp. + Phn t giao thc sau chuyn trn ngi s dng, phn PDU ca bn tin v cc a ch ngun v ch ca bn tin ti dch v xc nhn. Nu xc nhn b sai, dch v xc nhn bn tin cho phn t giao thc SNMPv2 ni to ra Trap v loi b bn tin. Nu xc nhn hon thnh dch v xc nhn tr li mt PDU theo dng ca mt i tng ASN.1. + Phn t giao thc thc hin kim tra c php c bn ca bn tin v loi b bn tin nu c php sai. Ngc li dng truyn thng theo tn, chnh sch truy cp SNMPv2 tng ng s c chn v tip n l x l PDU. 1.7.3.3. Cc trng thi thch ng cho SNMPv2 Mc ch ca cc trng thi thch ng l nh ngha mt thng bo dng ch r gii hn thp nht c th chp nhn khi thc hin mc thng thng. C 4 macro c nh ngha: - Macro OBJECT-GROUP: Macro ny dng ch r mt nhm i tng c qun l c lin quan v l n v c bn ca tnh thch ng. N cung cp mt phng thc cho mt nh sn xut m t tnh thch ng v cp ca n bng cch ch ra nhng nhm no c b sung. Macro OBJECTGROUP gm 4 mnh chnh sau: Mnh OBJECTS: lit k cc i tng trong nhm c gi tr mnh MAX-ACCESS l accessible-for-Notify, read-Only, read-write hoc readcreate. Mnh STATUS: ch ra nh ngha ny l hin thi hay qua. Mnh DESCRIPTION: cha mt nh ngha nguyn bn ca nhm cng vi mt m t ca bt k quan h no vi nhm khc.

MM03C-nhm 8

Trang 18

Giam sat h thng mang vi phn mm Colasoft Capsa Mnh REFERENCE: dng gp tham chiu qua li vo mt nhm c nh ngha trong mt vi khi thng tin khc. - Macro NOTIFICATION-GROUP: c dng nh ngha mt tp hp cc thng bo cho cc mc ch thch ng, gm cc mnh chnh sau: Mnh NOTIFICATIONS: Lit k mi thng bo cha trong nhm thch ng. Cc mnh STATUS, DESCRIPTION v REFERENCE: c ngha tng t nh trong macro OBJECTS-GROUP - Macro MODULE-COMPLIANCE: Ch ra mt tp nh nht ca cc yu cu lin quan n vic thm mt hay nhiu khi MIB. Cc mnh STATUS, DESCRIPTION, v REFERENCE c ngha tng t nh trong cc macro OBJECTSGROUP v NONTIFICATION-GROUP. - Macro AGENT-CAPABILITIES: Dng cung cp thng tin v cc kh nng c trong mt phn t giao thc Agent SNMPv2. N c s dng m t mc h tr c bit m mt Agent yu cu, lin quan n mt nhm MIB. V bn cht, cc kh nng th hin nhng ci tin hoc bin i nht nh lin quan n cc macro OBJECTTYPE trong cc khi MIB. 1.8. SNMPv3 Nh a trinh bay cac phn trn, ban thn SNMPv2 a co phn bao am bao mt c thm vao. Tuy nhin phn nay cha c tao s ng thun cua ngi s dung do tinh tin li va bao mt cua no. sa cha nhng thiu hut cua no,SNMPv3 c gii thiu nh mt chun nghi cho nhng linh vc quan tri mang va c trinh bay chi tit ln u tin vao nm 1998 vi cac tai liu RFC2271-RFC2275. Chun nay a ra nhm hoan thin hn vn quan tri va bao mt. Muc ich chinh cua SNMPv3 la h tr kin truc theo kiu module co th d dang m rng. Theo cach nay, nu cac giao thc bao mt mi c m rng chung co th c h tr SNMPv3 bng cach inh nghia nh la cac module ring. C s thng tin quan tri va cac dang thng tin s dung trong SNMPv3 cung hoan toan tng t trong SNMPv3.

MM03C-nhm 8

Trang 19

Giam sat h thng mang vi phn mm Colasoft Capsa 1.8.1. Cac c im mi cua SNMP v3 SNMPv3 da trn vic thc hin giao thc, loai d liu va uy quyn nh SNMPv2 va cai tin phn an toan. SNMPv3 cung cp an toan truy cp cac thit bi bng cach kt hp s xac nhn va ma hoa goi tin trn mang. Nhng c im bao mt cung cp trong SNMPv3 + Tinh toan ven thng bao: am bao cac goi tin khng bi sa trong khi truyn . + S xac nhn: xac nhn ngun cua thng bao gi n. + Ma hoa: ao ni dung cua goi ngn can vic gi thng bao t ngun khng c xac nhn. SNMPv3 cung cp m hinh an toan va cac mc an toan. M hinh an toan la thc hin vic xac nhn c thit lp cho ngi s dung va nhom cac ngi s dung hin co . Mc an toan la mc bao am an toan trong m hinh an toan . S kt hp cua m hinh an toan va mc an toan se xac inh c ch an toan khi gi mt goi tin. Tuy nhin vic s dung SNMPv3 rt phc tap va cng knh. Tuy nhin y la s la chon tt nht cho vn bao mt cua mang. Nhng vic s dung se tn rt nhiu tai nguyn do trong mi ban tin truyn i se co phn ma hoa BER. No se chim mt phn bng thng ng truyn do o lam tng phi tn mang. Mc du c coi la phin ban nghi cui cung va c coi la y u nht nhng SNMPv3 vn chi la tiu chun d thao va vn ang c nghin cu hoan thin. 1.8.2. H tr bao mt va xac thc trong SNMPv3 Mt trong nhng mc tiu chnh nu khng coi l mt mc ch chnh chnh khi pht trin SNMPv3 l thm c tnh bo mt cho qun l SNMP. Xc thc v bo v thng tin, cng nh xc thc v iu khin truy cp, c nu r trn. Cu trc SNMPv3 cho php s dng linh hot bt c mt giao thc no cho xc thc v bo v thng tin. D sao, nhm IETF SNMPv3 a ra m hnh bo mt ngi dng. Chng ta s tm hiu thm v cc kha cnh chung v bo mt kt hp vi cc kiu ca cc mi e do bo mt, m hnh bo mt, nh dng d liu bn tin iu tit cc tham s bo mt v s dng cng nh qun l ca cc kho trong phn ny. Cc mi e do bo mt. C 4 mi e do n thng tin qun l mng khi mt thc th qun l c truyn n thc th khc l: MM03C-nhm 8 Trang 20

Giam sat h thng mang vi phn mm Colasoft Capsa + Thng tin c th b thay i bi mt ngi dng khng c php no trong khi truyn. + Ngi dng khng c php c gng gi trang nh ngi dng c php. + Thng tin SNMP c chia lm nhiu gi nh truyn i theo nhiu hng v pha nhn phi sp xp li. V vy n c th b ngi no lm tr 1 gi tin, b gi li do mt ngi khng c php to ra ... lm thay i thng tin ca bn tin. + B ngn chn hoc b l bn tin. t nht c 2 mi e do trn thng xy ra vi kt ni d liu truyn thng, nhng vi m hnh bo mt ngi dng SNMP th n c coi l khng c mi e do. Th nht l t chi dch v, mt xc thc ngi dng s b t chi dch v bi thc th qun l. N khng b coi nh mi e do, khi mng li c th l l do ca s t chi, v mt giao thc s thc thi mc ch ny. Th hai l thng k lu lng bi mt ngi dng khng xc thc. Nhm IETF SNMv3 xc nh rng khng c thun li quan trng no t c bng cch chng li s tn cng ny. M hnh bo mt phn h bo mt. v d hnh 2.9 v kin trc thc th ca SNMPv3, chng ta thy rng bn tin gi i s c to bi mt ng dng v kim sot u tin bi b giao vn, sau bi m hnh x l bn tin, cui cng l m hnh bo mt. Nu bn tin cn c xc thc, m hnh bo mt s xc thc n v chuyn tip n m hnh x l bn tin. Tng t vi bn tin n, m hnh x l bn tin yu cu dch v ny ca m hnh bo mt xc thc ch s ngi dng. Hnh 2.14 ch ra cc dch v c cung cp bi 3 module module xc thc, module ring v module nh thi trong m hnh bo mt ti m hnh x l bn tin.

Hinh 1.8-M hinh bao mt

MM03C-nhm 8

Trang 21

Giam sat h thng mang vi phn mm Colasoft Capsa

M hnh bo mt trong SNMPv3 l m hnh bo mt ngi dng (User-base Security Model vit tt l USM). N phn nh khi nim tn ngi dng truyn thng. Nh chng ta nh ngha giao din dch v tru tng gia cc phn h khc nhau trong thc th SNMP, by gi chng ta s nh ngha giao din dch v tru tng trong USM. Cc nh ngha ny bao trm ln khi nim v giao din gia dch v ging USM v xc thc khng ph thuc v dch v ring. Hai primitive c kt hp vi mt dch v xc thc, mt to ra bn tin xc thc i, v mt kim tra bn tin xc thc n. Tng t, 2 primitive c kt hp vi cc dch v ring: encryptData m ho bn tin i v decryptData gii m bn tin n. Cc dch v c cung cp bi module xc thc v module ring trong phn h bo mt cho bn tin i v bn tin n. M hnh x l bn tin dn chng cho USM trong phn h bo mt. Da trn mc bo mt gn trn bn tin, USM ln lt c dn qua module xc thc v module ring. Kt qu c a tr li m hnh x l bn tin bi USM.

CHNG 2: GIAM SAT H THNG MANG VI PHN MM COLASOFT CAPSA


2.1. GII THIU CHUNG. Colasoft Capsa c thit k cho vic gii m gi tin v chun on h thng mng, gim st lu lng mng truyn qua mt h thng mng ni b, gip cc qun tr vin khc phc cc vn v h thng mng. Vi kh nng nm bt thi gian tht gi d liu v phn tch d liu chnh xc, Colasoft Capsa lm cho h thng mng trong sut , cho php ngi quan tri nhanh chng xc nh v tr nhng vn trong h thng mng v phat hin c cac mi nguy him tim n. MM03C-nhm 8 Trang 22

Giam sat h thng mang vi phn mm Colasoft Capsa Chung ta c th ci t Colasoft Capsa trn my tnh xch tay v phn tch, theo di v chun on bt k ni nao trong h thng mng ca vao bt c luc nao. tim ra v tr chnh xc v phn tch vn hiu qu, ngi quan tri c th s dng cac ng dung phn tich trong thi gian thc. Colasoft Capsa 7 vi giao din thn thin vi ngi , hin th cc s liu thng k phn tch n gin. Cac s liu thng k co t chc, vi cac biu giup cac quan tri vin rut ngn thi gian trong vic tim kim cac thng tin va chun oan cac vn trong h thng mang. Colasoft Capsa 7 nng cao trong h thng mng co lu lng truy cp ln. Khng c vn nao trong h thng mang 100M hoc 1000M, Colasoft Capsa cung cp cho chung ta gii php hiu qu v hon thnh tt nhim vu phn tch h thng mng. Vi s gip ca Colasoft Capsa, chung ta c th d dng thc hin cc nhim v sau y: Phn tich lu lng mang Giam sat mang truyn thng Chun oan cac vn lin quan n h thng mang Phn tich cac vn v bao mt mang Phn tich hiu sut hoat ng cua h thng mang Phn tich cac giao thc mang

Colasoft Capsa co th phn tch h thng mng ca lp thp nht n lp ng dng, n co th pht hin ra tt c nhng nhng vn lin quan n h thng mang cua chung ta. Colasoft Capsa co th kt hp vi cc cng c qun l mng khc, t o co th ti u h thng mang. 2.1.1. Cac phin ban cua Colasoft Capsa . Hin Colasoft Capsa co 3 phin ban phuc vu cho cac muc ich khac nhau nh sau: - Capsa Enterprise: y la sn phm ch lc ca Colasoft, co tt ca cac chc nng ca Capsa Enterprise v Capsa WiFi, phn tch cac u im tng cng an ninh cho h thng mang. N cung cp cho ngi dng nhng kh nng gim st, khc phc s c, v phn tch c hai mng c dy v khng dy va d dang va nhanh chong phat hin, c lp va giai quyt cac vn mang bng cch cung cp cc th sinh ng, MM03C-nhm 8 Trang 23

Giam sat h thng mang vi phn mm Colasoft Capsa thng k thng tin a dang v thi gian thc vi mt giao din c thit k thn thin vi ngi dung. Capsa Enterprise cho php qun tr vin xc nh, chn on, v gii quyt cc vn v mng v m bo ti nguyn mang ca h l an ton. - Capsa Professional: Capsa Professional cho php cac qun tr vin v cc chuyn
gia mng co mt tm nhn ton din cho ton b h thng mng Ethernet ca mnh. N thc hin vic gim st thi gian thc, x l s c v phn tch, cung cp cho ngi quan tri mt ci nhn bao quat v lu lng mang v hiu nng s dung trong toan mang.

- Capsa WiFi: y la san phm mi cua dong sn phm phn tich h thng mang Colasoft, cung cp cac tinh nng chuyn nghip theo doi lu lng trong h thng mang WLAN, nm bt v phn tch cho bt ky chun mang khng dy nao nh 802.11 a / b/g/n. 2.1.2. Yu cu h thng Yu cu ti thiu: + CPU P4 2.8GHz + 2 GB RAM + Internet Explorer 6.0 Yu cu khuyn nghi: + CPU Intel Core Duo 2.4GHz + 4 GB RAM hoc nhiu hn + Internet Explorer 6.0 hoc cao hn Cac h iu hanh h tr + Windows XP + Windows Server 2003 + Windows Vista + Windows 2008 + Windows 7

MM03C-nhm 8

Trang 24

Giam sat h thng mang vi phn mm Colasoft Capsa 2.1.3. Gii thiu giao din s dung Colasoft Capsa

Hinh 2.1 Giao din chon mang quan ly

Hinh 2.2 Giao din quan ly chinh 2.2. Cai t Colasoft Capsa 7 Colasoft Capsa 7 la mt san phm thng mai, do o chung ta cn phai ng ky mua san phm hoc s dung ban dung th hoc s dung ban Free se bi han ch mt s tinh nng. Tin hanh download phin ban mi nht cua Colasoft Capsa 7 tai ia chi: MM03C-nhm 8 Trang 25

Giam sat h thng mang vi phn mm Colasoft Capsa http://www.colasoft.com Sau khi download goi phn mm Colasoft Capsa 7 v, chung ta tin hanh cai t. Trong qua trinh cai t co mt s im ang chu y sau y:

Hinh 2.3 Giao din bt u cai t

Hinh 2.4 Giao din thng tin phin ban cai t

MM03C-nhm 8

Trang 26

Giam sat h thng mang vi phn mm Colasoft Capsa

Hinh 2.5- Qua trinh cai t kt thuc 2.3. CAC TINH NNG C BAN CUA PHN MM.
Theo doi v lu d liu truyn qua mng ni b v thc hin vi thi gian thc v phn tch sau s kin. Xc nh v phn tch hn 300 giao thc mng, cng nh cc ng dng mng da trn cc giao thc. Gim st bng thng, bt cc gi tin truyn qua mng v cung cp bn tm tt v gii m thng tin v cc gi tin Xem cac thng k v h thng mang mt cach tom tt, cho phep d dang nm bt va bit c cac d liu s dung trong h thng mang Kip thi co c cac thng bao cua h thng mang bi cac canh bao va tim c cac host kha nghi Gim st trn Internet, email, xem trang web v chia s tp tin,, giup cho cac quan tri vin lam vic d dang hn Chn on v sa cha cc vn h thng mng trong vi giy bng cch pht hin v tm cc host nghi ng Th hin cac ban chi tit, bao gm lu lng truy cp, ia chi IP va MAC cua mi host trn mang, cho phep nhn dang tng may va lu lng i qua mi may. Hnh tng ha ton mng trong mt hnh elip, hin th cc kt ni v lu lng truy cp trn mi host

MM03C-nhm 8

Trang 27

Giam sat h thng mang vi phn mm Colasoft Capsa 2.4. HNG DN S DUNG CAC TINH NNG CUA PHN MM. 2.4.1. M hinh trin khai

Hinh 2.5 M hinh quan ly h thng

M hnh gm c 3 PC ci t h windows, 1 Router kt ni ra internet v mng LAN va mt may tinh cai t phn mm giam sat h thng mang Calasoft Capsa 7 Enterprise. Nhim v ca Calasoft Capsa 7 Enterprise la thc hin chc nng giam sat nm bt cac goi tin tin trn mng pht hin v ngn chn xm nhp h thng. 2.4.2. Gim st hot ng ca h thng mng chng trinh co th hoat ng thi chung ta phai chon it nht mt card mang c tich hp trong may tinh. Nhp vo biu tng Adapter tai tab Analysis:

Sau khi click vao biu tng Adapter se xut hin hp thoai nh sau:

MM03C-nhm 8

Trang 28

Giam sat h thng mang vi phn mm Colasoft Capsa Colasoft Capsa h tr Card Ethernet v nhiu adapter . Ngi quan tri c th phn tch v gim st mng t nhiu hn mt adapter. Hp thoai Network Adapter c hai phn sau y: + Danh sch Network Adapter Colasoft Capsa xc nh tt c card trong my v c cac thng tin: Tn, a ch IP v tc , v v ca tt c cc adapter. Ngoi ra, m s packet, byte, pps, bps ang s dng. + S dng adapter a chn Khi chon mt adapter thi khi o ta s dung thi theo doi lu lng s dung cua adapter o, bng cach di chuyn chut ln ca s, chung ta c th kim tra lu lng .

2.4.2.1. S dung b loc Nu khng kich hoat b loc, Colasoft Capsa se bt va phn tich tt ca cac goi tin truyn qua card mang cua may tinh; do o b loc tht s cn cn thit loc cac goi tin ma ta khng cn quan tm. Mt b lc l mt tp hp cc iu kin nh gi m chng trnh s dng ph hp vi mi gi tin b bt. Nu ph hp vi kt qu l dng tnh, gi c chp nhn v phn tch. Nu khong phu hp, chng trnh s b qua n. Trong Capsa, bn c th qun l cc b lc ca bn thun tin v d dng to mt hnh mi. MM03C-nhm 8 Trang 29

Giam sat h thng mang vi phn mm Colasoft Capsa co th s dung cng cu loc, chung ta m hp thoai Filter nh sau: Nhp vo biu tng Filter tai tab Analysis:

Hp thoi Filter xut hin nh sau:

Hp thoi Filter c chia thnh ba phn: - Filter list : danh sach loc hin thi tt ca cac b loc bao gm nhng b loc do chinh ta tao ra. Co hai hp checkbox s dung cho tt ca cac muc trong b loc, vi hp checkbox ngi quan tri co th cho phep goi d liu nao cn theo doi, hoc bo qua tuy theo nhu cu. Chung ta co th click up vao bt ky muc nao trong muc danh sach loc m hp thoai Packet Filter tuy chinh cac b loc ring theo yu cu.

MM03C-nhm 8

Trang 30

Giam sat h thng mang vi phn mm Colasoft Capsa - Filter flow-chart: biu loc se c lam mi lai khi ta thc hin bt ky mt thay i nao tai danh sach loc bn trai va luc nay ta se thy c cach cac goi tin c x ly khi Colasoft Capsa bt chng. Luc nay cc gi tin ph hp vi iu kin Accept truyn qua cho giai on tip theo, cc gi tin ph hp vi iu kin Reject s b b i. -Buttons: Chung ta co th tm thy cc nt sau y di cng ca hp thoi. Tt c cc nt c m t di y:

+ Add: click vao y thm mt b loc mi + Modify: Nhn vao y chinh sa b loc vi nhng yu cu ring + Delete: Nhn vao xoa mt mt b loc c la chon + Import: Nhn vo y ti li b lc c lu trong mt tp tin cscpfit *. Khi mt tp tin b lc nhp, tt c cc b lc trong danh sch s c thay th. + Export: Nhn vo y lu tt c cc b lc trong danh sch vi mt tp tin *. cscpfit. + Reset Default: Nhn vo y thit lp li danh sch cc b lc. Tt c cc b lc m bn to ra s b mt v cc b lc se c thay th ch mc inh 2.4.2.2. Cac thng tin v h thng mang Network c thit k lu tr cac thuc tinh chung v cac mang khac nhau. Colasoft Capsa cho php chung ta lu cc thuc tnh ph bin nht c s dng, v d: bng thng, cu truc h thng mang, h thng canh bao. Khi ci t Colasoft Capsa trn mt my tnh xch tay v cn phi di chuyn gia cc phn on mng khc nhau, chung ta nn lu cc thuc tnh cua h thng mng trong mt h s mng v gi li nhng thng tin nay khi ta quay lai h thng mng mt ln na. Vi Tab Network Profile c trinh bay nh sau:

MM03C-nhm 8

Trang 31

Giam sat h thng mang vi phn mm Colasoft Capsa Tab Network Profile cha cac muc sau y - General Settings: cha cac muc + Profile Name: Tn v cc profile mng hin ti. + Profile Description: m ta ngn gon cac thng tin v h thng mang hin tai c s dung + Bandwidth: thng tin v bng thng trong cac phn oan mang

- Network Group: c s dung tuy chinh mang, ta co th chia ia chi IP va ia chi MAC hin tai thanh cac nhom mang khac nhau; vi vy chung ta co th tit kim c thi gian khoa cac host ang gp vn trong mt nhom. Da trn mang hin tai, tt ca cac nut IP va MAC co th c inh nghia thanh cac nhom khac nhau ma ta se xac inh lu lng truyn trong mang cuc b.

MM03C-nhm 8

Trang 32

Giam sat h thng mang vi phn mm Colasoft Capsa - Name Table: c s dng qun l cc alias v cc a ch IP, a ch MAC v cc cng trong ports trong mang.

- Alarm Settings: cho php ta qun l tt c cc cnh bo c to. Colasoft Capsa thng bo cho cho chung ta bit mt hot ng c th a vi phm cc quy tc canh bao. Vi ch t canh bao chung ta co th i vi nhng bt thng trong h thng mang ngay t u thay vi nhn thy chung khi a bi thit hai nng.

MM03C-nhm 8

Trang 33

Giam sat h thng mang vi phn mm Colasoft Capsa - Tab Summary: kt hp vi la chn ca trong ca s Explorer Node, tab Summary cung cp cac thng tin rut gon. Khi chung ta chn root node, ta c th nhn c cc s liu thng k v h thng mang, nu chn mt node c th, n s xut hin cc thng tin c th ca node o. Tab Summaryc m t nh sau:

2.4.2.3. Phn tich cac thng tin trong h thng mang Qua trinh phn tich cac thng tin co c giup chung ta nng cao hiu qua s dung cac thng tin a c thng k mt cach hiu qua. m Analysis Profile Options chung ta lam nh sau: - Trn Tab Analysis Profile ta nhp vao Analysis Object:

Ca s tuy chon xut hin nh sau

MM03C-nhm 8

Trang 34

Giam sat h thng mang vi phn mm Colasoft Capsa

Tai ca s nay, chung ta co cac thanh phn nh sau: + Analysis Object : thit lp cac i tng c phn tich, vi du: cac giao thc, ia chi IP, ia chi vt ly,.. thit lp chinh xac cac muc nay se giup nng cao hiu qua s dung cua chng trinh. + Packet Storage: giam sat lu lng truy cp trn mng v lu tr cc gi d liu c phn tch vao b nh. Do , kch thc b m quyt nh c bao nhiu gi ma ta co th nhn thy. Ta c th thit lp kch thc ca b m danh ring v cu hnh lu cc gi c bt lai vo a.

2.4.2.4. Thit lp nht ky Colasoft Capsa c th phn tch v tao cac ban ghi lu lng tai tng ng dng v d: DNS, HTTP, Email, lu lng truy cp FTP, va theo doi cc tin nhn MSN Messenger v Yahoo chat. Cng cu ny cho php chung thit lp c c cac ban ghi hu ich hn v cac ban ghi lu lng truy cp. s dung cng cu nay, ta nhp chut vao Log settings trn tab Analysis Profile.

Sau khi click vao Log settings se hin ra ca s mi vi hai khung bao gm nh sau:

MM03C-nhm 8

Trang 35

Giam sat h thng mang vi phn mm Colasoft Capsa

- Khung bn trai lit k tt ca cac loai ban ghi, chung ta co th bo chon v hiu hoa mt s loai ban ghi theo nhu cu cua ngi quan tri. - Khung bn phi: hin th cc thit lp ca cac loi ban ghi a c nh du trong khung bn tri. - Colasoft Capsa co th ghi lai cc loi sau y: + DNS Log + FTP log + HTTP Log + Email Log + MSN Log + Yahoo Messenger Log 2.4.2.5. Tao biu cho h thng mang Colasoft Capsa cho php bn to cc th mt cach linh hoat vi bt ky host nao ta mun; vi du nh c mt my (IP: 192.168.137.150) v ta cn c mt th v tng lu lng ca n (bng byte). Chung ta co th to mt biu mi bng cch sau: Trong ca s Explorer Node Nhp chut vo chut phi vo bt k node no to ra mt th mi. Sau khi click u lp biu thi hp thoai lp biu xut hin nh sau: trn thanh cng c hoc nhp

MM03C-nhm 8

Trang 36

Giam sat h thng mang vi phn mm Colasoft Capsa

Hp thoai lp biu co cac muc sau y: + Graph Name: tn biu , tn nay c th c t ng to ra hoc ta c th nhp mt tn mi. + Graph Object: xac inh biu c lp se da trn i tng c chon nay (192.168.137.150) + Statistics Counter: danh sach tt ca cac s liu thng k co sn + Counter Unit: n vi tinh toan, ta nhn vao chon n vi hin thi. Sau cung nhp OK hoan thanh vic thit lp tao biu . Tab Matrix Vi tab Matrix se hin th s liu thng k lu lng truy cp trn h thng vi mt biu hinh elip. Chung c th nhanh chng chuyn i gia cc s liu thng k trn toan mang va s liu chi tit tng nut mang bng cach chuyn i gia cc ca s Node Explore. Giao dincuar tab Matrix nh sau:

MM03C-nhm 8

Trang 37

Giam sat h thng mang vi phn mm Colasoft Capsa

Khi di chuyn chut ln mt node mang, cc ng kt ni gia gia cac node s c nh du v in m. Mt hp u cho thy cc s liu thng k ca nt ny, mt ht hp thoi se hin th cc s liu thng k ca node ny. Vic xem matrix s gip chung ta c c cac thng tin sau: + Tt c cc node trong h thng mang. + Cac giao tip trong h thng c hin thi vi ia chi MAC + Cac giao tip trong h thng c hin thi vi ia chi IP + Cac thng tin v cac goi tin a c gi va nhn tai node o 2.4.2.6. Phat hin cac cuc tn cng ARP ARP l mt trong nhng cuc tn cng ph bin nht trong nhng ngy gn y, no c th gy ra vn nghim trng cho h thng ca chng ta. Lm th no nhanh chng khc phc s c cc cuc tn cng ARP l nhng g cn phai quan tm trong vn quan ly mang. Colasoft Capsa s nng cao ng k nng lc qun tr xc nh cc cuc tn cng ARP v bo v h thng mng thoat khi cac cuc tn cng ARP, m bo h thng hot ng bnh thng. Vi Colasoft Capsa, chng ta c th xac inh ngun gc ca cuc tn cng nhanh chong va chinh xac khi c bt k cuc tn cng ARP xay ra vi h thng mang cua chung ta. MM03C-nhm 8 Trang 38

Giam sat h thng mang vi phn mm Colasoft Capsa Chng ta c bn gii php c bn xc nh v tr tn cng ARP vi Colasoft Capsa: Giai phap 1: tai tab Diagnosis la ni xac inh vi tri tn cng ARP trc tip va hiu qua nht. Giao din ca n c hin th nh hnh bn di:

Trong hinh trn chi ra rng co hai trng hp tn cng ARP. Giai phap 2: cc trng thi ca gi tin ARP c hin th trong tab Protocol. y chng ta phi ch c bit vi gi tr ca ARP Request va ARP Response, t l gia hai gia tri nay yu cu khong 1:1 . Nu c s khc bit qua ln gia hai gi tr, c th c cuc tn cng ARP trong h thng mang.

Giai phap 3: gii m thng tin trong tab Packet, c th ni cho chng ta bit nhng thng tin ban u ca gi tin ARP. Vi cch gii m cc gi tin ARP, chng ta c th tm ra ngun gc v im n ca cc gi ARP.

MM03C-nhm 8

Trang 39

Giam sat h thng mang vi phn mm Colasoft Capsa Giai phap 4: Xc nh cc cuc tn cng ARP trong tab Physical Endpoint

Trong tab Physical Endpoint chng ta c th thy s tng quan ca a ch MAC v a ch IP. Ni chung, mt a ch MAC th ch c mt a ch IP tng ng vi n. Nu mt a ch MAC c nhiu a ch IP cho n, iu kin c th l: - Cc host c a ch MAC l gateway - Nhng a ch IP nay c lin kt vi cc a ch MAC mt cach th cng. - Co th la tn cng ARP Do o tab Physical Endpoint cng c th cho chng ta mt gi xc nh v tr tn cng ARP. 2.4.2.7. Pht hin Trojan v Worm vi Capsa Network Analyzer Hu nh tt c cc Trojans v worms cn truy cp vo mng, bi v chng c th gi d liu ra ngoai cho hacker. Ch c cc d liu hu ch s c gi n cho Hacker, nh vy Trojan thc hin c s mnh ca mnh. V vy, cn phi co mt gii php tt han ch nhng mi nguy him nay. Chng ta s pht hin Trojan v worms vi s gip ca mt b phn tch Colasoft Capsa network. Co mt s gii php tm ra du vt ca mt Trojan hoc worms trong h thng mang. Gii php 1: s dung tab Summary Chung ta nn tp trung trn bn tm tt gi TCP, ta cn phi c cnh bo khi TCP SYN gi s ln hn nhiu so TCP SYN ACK s gi. Thng thng t l hai con s khong bng 1:1. Trojans v worms lun lun gi s lng ln cc gi tin TCP MM03C-nhm 8 Trang 40

Giam sat h thng mang vi phn mm Colasoft Capsa SYN n mng v c gng thit lp kt ni vi cc my khc. Khi mt kt ni c thit lp, chung tm cch thm nhp vo my tnh mc tiu.

Giai phap 2: S dung Tab Worm phat hin

Giai phap 3: S dung b loc

MM03C-nhm 8

Trang 41

Giam sat h thng mang vi phn mm Colasoft Capsa Xy dng cc quy tc b lc vi cc mu ca mt s Trojans v worms. Cho n khi chng gi ra gi tin, chng ta s c c nhng Trojans v worms ang hot ng. Phng php ny c nhc im lam khng lm g c vi mt Trojan hoc worms mi.

MM03C-nhm 8

Trang 42

Giam sat h thng mang vi phn mm Colasoft Capsa

KT LUN
Trong phn trinh bay cua an nay a a ra nhng khai nim c ban nht v quan tri h thng mang ; y la mt vn rt c quan tm va phat trin trong linh vc CNTT. Trong o cp n vn quan tri mang vi giao thc SNMP. Giao thc nay ngay cang phat trin va tr thanh mt cng cu t lc trong quan ly h thng mang. Cung trong pham vi an nay, nhom 9 a tim hiu v phn mm phn tich h thng mang Colasoft Capsa , y la phn mm tng i d dung, nhiu chc nng giam sat c bit la giam sat lu lng trong h thng mang. Mc du chng trinh co rt nhiu chc nng co th phn tich mt cach toan din h thng, tuy nhin vi pham vi an mn hoc va vn kin thc hin co thi nhom cha u kha nng tim hiu tt ca nhng tinh nng va s dung tht tt phn mm nay. Do o nhom a ra muc tiu trong tng lai gn la phai lam chu c phn mm Colasoft Capsa va se tim hiu thm nhng cng cu quan ly khac co th hiu ro hn nhng ni dung a c hoc tai trng va phuc vu tt cho cng vic sau nay./.

MM03C-nhm 8

Trang 43

Giam sat h thng mang vi phn mm Colasoft Capsa

TAI LIU THAM KHAO


[1] ThS. Nguyn Vn at, TS. Nguyn Tin Ban, ThS. Dng Anh Tu, ThS. Nguyn Thi Thu Hng, KS L Ky at (2007) - Quan ly mang vin thng , Hoc vin bu chinh vin thng. [2] Dip Thanh Nguyn (2010) - SNMP toan tp [3] Computer network manager E.C Rosen, 2002

MM03C-nhm 8

Trang 44