In order to ensure the stable and safe operation of financial business and provide value-added services, the need for data collection and business analysis of financial services network (production network) are necessary. The analysis includes network performance analysis, business performance analysis, security analysis, credit information analysis, etc.
For traditional solutions, all the analytical tools need to capture data from service networks, and then make professional analysis respectively. As a result, more than once data collection lead to some problems on performance, security and others related, which not only affect the performance and accuracy of analytical tools, but also bring potential threats on service bearer networks. Traditional network traffic collection mainly has the following problems:
1. More collection points. With analysis tools are getting more and more, each analysis tools need to capture packets from each business analysis, and then decoding analysis, resulting in traffic load increase, reliability reduction and duplication of investment.
2. From the view of management, different business sectors use different analysis tools, the business network data collection requirements lead to different. As a result, different requirements have been arised for the location and quantity of network equipment, SPAN light, TAP acquisition. If lack of unified management, the stable operation and production of network can not be guaranteed.
3. With the development of network, the network interface, data flow, packages are changing all the time. For the existing analysis tools, the processing performance of the probe port is limited. How to adapt the continuous developing network traffic data to the completed system to protect the investment has been a problem to be solved.
4. The analysis tools focus only on the specific traffic in the network, such as access to full amount of data, which will inevitably lead to a large number of invalid packet loads, taking a limited number of probe resources, and affecting their utilization.
To sum up, the construction of network traffic collection and distribution platform has become the mainstream solution, as shown in the following figure. Through a unified network traffic collection and distribution platform, an "adaptation layer" is established between the service network data and the third party analysis tools. Through this platform, the following new features can be implemented:
1. Reduce the collection point, manage data collection in a unified way, lower the impact on the business network
2. Management of unified network management platform for shunting equipment
3. The acquisition data can be replicated and allocated to multiple analysis tools
4. Adapt existing analysis tools, probe ports and processing capabilities to protect existing investments
5. Through traffic filtering and packet preprocessing, send specific traffic flow to the analysis tools to improve the efficiency of the probe processing
According to the demand of network traffic visualization in financial industry, it has become the consensus of the industry to build a unified management network flow collection and distribution platform, and the typical construction plans are as follows:
1. The network traffic collection and distribution platform is logically divided into three layers: acquisition layer, convergence layer and shunt layer. Each layer performs different logic functions, and realizes the unified management of the access data
2. Acquisition layer can access, aggregate and complete source port identification of service network bypass data, the data sent to the uplink port aggregation layer devices
3. Convergence layer collects, copies, and divides the upload data of the acquisition layer, and sends the data to the equipment of shunt layer according to the requirements of the analytical tools
4. Shunt layer’s main function is loading balancing mode for analysis tool probe port adaption and processing performance, on the other hand, through the probe packet filtering, preprocessing methods such as screening and analysis tools to specific flow processing, improving the use efficiency of the probe
5. All flow collection and distribution equipment on an unified management and monitoring platform
6. The scheme adopts double plane backup and switch scheme to improve reliability
Our main clients:
All rights reserved Beijing Zhongchuang Telecom Test Co., Ltd.( ZCTT) Beijing ICP reserve 15026937
