Kinh nghiem van hanh NOC.ppt

  • Upload
    tiamomx

  • EXPERIENCE IN MANAGING AND OPERATING A NOC

    Hanoi, 01/2008

  • INTRODUCTION TO NOC-VN

    Network equipment:
    - 01 Router 7206, standard IOS image
    - 01 Switch 6506, standard IOS image
    - 02 HP DL380 servers: 01 for the Web server, 01 for the DNS server managing the vinaren.vn domain
    - 02 PCs for the engineers' work

    Connection bandwidth:
    - Hanoi - Hong Kong link: 45Mbps (01 active, 01 backup)
    - Link from NOC-VN to NACESTI: 100Mbps
    - 02 links from NOC-VN to Netnam: 100Mbps

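  • INTRODUCTION TO NOC-VN

    Network resources currently under temporary management:
    - IP addresses: 8 Class C
    - Domain name: vinaren.vn

    Internal Hanoi links in the near future:
    - Link to the Ministry of Education and Training: 100Mbps
    - Link to the National Economics University: 100Mbps
    - Link to Bach Mai Hospital: 100Mbps
    - Other sites according to the project's plan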

  • INTRODUCTION TO NOC-VN

    Software systems (built in-house):
    - Software for managing and monitoring the TEIN2 link and the internal links of some VinaREN members (Nagios, Cacti), comprising the modules: WeatherMap (shows the % In/Out bandwidth utilization of each link) and Monitor (shows device and server status: Down/up/Threshold breach)
    - Software that compiles the traffic usage and % link utilization of the members, for the monthly statistics.

  • USING, DEVELOPING AND DEPLOYING OPEN-SOURCE SOFTWARE

    1. Building and deploying open-source tools that support network analysis, administration and monitoring, with many functional modules, such as Nagios, Cacti and MRTG, with the following features:
    - Building views that display information on packets entering/leaving routers and layer 3 switches (using on-device collection tools such as Netflow on Cisco and Juniper routers and layer 3 switches)

  • USING, DEVELOPING AND DEPLOYING OPEN-SOURCE SOFTWARE

    - Monitoring inbound/outbound traffic (as % of link bandwidth) to detect attacks that congest the network, caused by viruses or by hackers (symptom: traffic typically takes up several hundred % of the actual bandwidth)
    - Automatically sending e-mail alerts to the administrators when a link is cut or its bandwidth is overloaded.
    - Visualizing the % bandwidth utilization of each link graphically
    - Displaying the bandwidth used by each network interface by hour, day, month, quarter and year.
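The check described on the traffic-monitoring slide above, as an added example that is not part of the original slides or the NOC's own software: it turns two readings of a 32-bit interface octet counter into % utilization and separates a merely busy link from a surge to several times its usual load. The link names and capacities come from the slides; the counter values, the baseline figures, the 90% and 3x thresholds, and reading "several hundred %" as relative to normal load are assumptions.

```python
from dataclasses import dataclass

COUNTER32 = 2 ** 32  # 32-bit interface octet counters wrap to 0 at this value

@dataclass
class Link:
    name: str
    capacity_bps: float   # provisioned bandwidth
    baseline_bps: float   # usual load at this hour (assumed known from history)

def rate_bps(prev, curr, interval_s):
    """Bits/s between two octet-counter readings, tolerating one counter wrap."""
    return ((curr - prev) % COUNTER32) * 8 / interval_s

def classify(link, prev, curr, interval_s, overload_pct=90.0, surge_factor=3.0):
    """Return (status, utilization_pct) for one polling interval."""
    bps = rate_bps(prev, curr, interval_s)
    util = 100.0 * bps / link.capacity_bps
    if bps >= surge_factor * link.baseline_bps:
        return "SURGE", util       # several hundred % of normal: suspect flood/worm
    if util >= overload_pct:
        return "OVERLOAD", util    # busy link, but in line with its usual load
    return "OK", util

def build_alerts(polls, interval_s=300):
    """Alert lines (the body of a notification e-mail) for every non-OK link."""
    alerts = []
    for link, prev, curr in polls:
        status, util = classify(link, prev, curr, interval_s)
        if status != "OK":
            alerts.append(f"{status}: {link.name} at {util:.1f}% of "
                          f"{link.capacity_bps / 1e6:.0f} Mbps")
    return alerts

# Constructed samples: (link, previous counter, current counter), 300 s apart.
POLLS = [
    (Link("Hanoi-Hong Kong", 45e6, 12e6), 4_000_000_000, 1_325_032_704),  # wrapped
    (Link("NOC-VN-NACESTI", 100e6, 30e6), 100_000_000, 1_337_500_000),
    (Link("NOC-VN-Netnam", 100e6, 80e6), 500_000_000, 3_987_500_000),
]

if __name__ == "__main__":
    for line in build_alerts(POLLS):
        print(line)
```

Without the modulo in `rate_bps`, the first sample would yield a negative rate at the counter wrap and the surge on the 45Mbps link would go unreported.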

  • USING, DEVELOPING AND DEPLOYING OPEN-SOURCE SOFTWARE

    2. Building tools for centralized monitoring, administration and configuration of services on servers, using open-source software such as Webmin

  • RESEARCH

    - Installing, configuring and trial-running trial versions (Demo, Evaluation) of commercial network analysis, monitoring and administration software such as NetFlow Analyzer, Solarwinds or HP OpenView, to learn their features and working mechanisms and to evaluate and compare them with open-source software in terms of strengths and weaknesses. Commercial software is usually easy to operate and administer, but its drawbacks are that it is expensive, often has defects, is a target of hackers, and costs a lot to upgrade.
    - Taking part in research projects at institutional and ministry level

  • Establishing security mechanisms across the whole network, network devices, servers and workstations

    - Set up a Firewall/IDS (using hardware appliances or open-source software: Firewall-IP Table, IDS-Snort) to protect against network attacks from outside and to protect the DMZ/ServerFarm zone for the servers
    - Build a local firewall on each application and service server, following the Self-Defence approach
    - Close all unnecessary ports; open only the service ports that are really needed
    - Regularly update software and apply patches on servers and workstations

  • Establishing security mechanisms across the whole network, network devices, servers and workstations

    - Install and regularly update anti-virus software on users' PCs
    - Set up secure access mechanisms for administering network devices from outside or from inside (use SSH instead of Telnet, https for e-Mail, and https for administration and configuration services offered through a Website, ...)
    - Instruct users in security practices such as limiting file sharing and the opening of unnecessary services/ports, to avoid security holes.

  • Establishing security mechanisms across the whole network, network devices, servers and workstations

    Regularly follow security news on security Websites such as:
    - Microsoft website: www.microsoft.com/security/default.mspx
    - www.windowsecurity.com/whitepaper
    - Chinese network security website: http://www.ccert.cn
    - www.cert.com
    - www.us-cert.gov

  • Engineer training

    - Domestic training: attend basic network administration courses
    - If the NOC can afford it, send staff to train for professional certificates (MCSE from MS; CCNA, CCNP, CCIE from Cisco; ...)
    - Send staff to training courses abroad: short courses that focus in depth on one topic at a time: basic routing (static, dynamic), advanced routing (static, dynamic), basic DNS, advanced DNS, Multicast, Network Security, ...

  • Engineer training

    Self-training:
    - Those who know more guide those who know less
    - Self-directed, in-depth study is the main approach
    - Use emulation software and PCs for testing and simulation (set up network models, build software routers, configure routing with router emulation software such as DYNAMIPS, DYNAGEN, RouterSIM)
    - Hold technical seminars regularly (once every 1-2 weeks)
    - Exchange technical experience with other NOCs

  • Routing

    - Set up dynamic IP routing with the TEIN2 NOC (Hongkong) using the BGP protocol
    - Set up dynamic IP routing with some VinaREN members using the OSPF routing protocol
    - Set up dynamic IP routing between the internal ĐHBKHN (Hanoi University of Technology) network and NOC-VN.

  • Routing

    Advantages of dynamic routing:
    - Makes use of intelligent, optimal path selection
    - Relieves the network administrator of having to update the routing table every time routes change in external networks
    - Convenient for users: they do not have to change their gateway, yet can still reach the Internet or TEIN2 without changing anything in their network settings

  • Trial deployment

    Trial deployment of new technologies, applications and services on IPv6 (Routing, Multicast-eLearning, DNS, Web, ...). However, when deploying a service, its security and bandwidth must be kept under control, and the service must be coordinated so that it does not affect users.

  • Using basic but effective network administration tools

    - The route tracing tool tracert (for example: c:\>tracert www.dante.net to see whether traffic from the user's machine to the destination www.dante.net goes over TEIN2 or over the commercial Internet)
    - Units that can afford it may buy a traffic generator that produces data streams for testing network devices and Wireless devices (LanForge: http://www.candelatech.com/)

  • Using basic but effective network administration tools

    - The PING tool, to measure the RTT (Round Trip Time) of packets from source to destination and see whether it is large (over the TEIN2 path the RTT is usually only a few tens of ms; over the commercial Internet, directly/indirectly to international Websites, it is usually 170ms or more).
    - Tools that measure the spare bandwidth available for data transfer (such as PathLoader, netperf, iperf, ...)

  • Using load balancers

    If the network has several Internet connections (Leasedlines, ADSLs), a load balancer should be used to share the load across the outbound Internet links, optimizing bandwidth and controlling quality of service (set QoS by priority level according to user group or service, IP address, ...)

  • Testing services and applications, simulating operation

    - Run simulations that use bandwidth-hungry services and applications, such as DVTS and Video Conferencing, to test the links as well as the load capacity and multimedia support of the network devices, ...
    - Run test attacks or network scans from outside/inside your own network to discover security holes in network devices, servers, software, ...
    - Use tools (such as Ethereal) when packets travelling on the network need to be captured and the protocols in use analyzed, so that anomalies occurring in the network can be detected, ...

  • Managing network resources

    - Have a clear, consistent, long-term and extensible policy for usage, network planning, IP addresses and domain names
    - Tightly manage the use of public IP addresses and domain names, to avoid exposing security holes and to prevent users from abusing the network to spread or propagate prohibited information through the Web or FTP services
    - Units with 2 or more Leasedline connections (MultiHoming) can apply for an AS number and IP addresses, which makes it more convenient to administer a network connected to both TEIN2 and the commercial Internet.

  • Operating conditions in the server room

    - Have UPS units and voltage stabilizers to extend the lifetime of devices and computers
    - Rooms housing servers, network devices and PCs must be air-conditioned to ensure a long device lifetime.

  • Coordinating with partners and ensuring communication between NOCs

    - Coordinate with partners, ISPs or the Ministry of Public Security when network security violations need to be handled
    - Ensure communication:
      - Assign someone to keep records of allocated resources for lookup when needed
      - Keep contact addresses for technical exchanges with other NOCs and telecom companies when needed (for example for cut links, network outages, ...)
      - Take part in exchanges on IT, Network Security and OpenSource forums