Method and system for realizing network security based on full-flow asset discovery

Bibliographic details
Main authors: GUO HAN, YAN YINQIANG, SUN JUNHU
Format: Patent
Language: chi ; eng
Description
Summary: The invention provides a method and a system for realizing network security based on full-flow asset discovery. The method comprises the following steps: carrying out mirror port configuration on a switch where a network is located so as to capture network flow; performing traffic analysis processing on the network traffic to generate traffic metadata, and caching the traffic metadata by using Kafka message middleware; different threads are used for executing deduplication and merging of the flow metadata and updating and storage of the flow metadata, and convergence processing is carried out on the flow metadata based on a time window to obtain a final data source so as to discover new assets; new assets are written into an es asset discovery temporary table for supplementation and then converted into formal assets to be included in a management and control range; and continuously refreshing the updating time of the latest new asset discovery in the asset warehousing process, and recording the asset state. A