Session 2 security monitoring

Session 2 Security Monitoring - PowerPoint PPT Presentation



Session 2 Security Monitoring. Identify Device Status Traffic Analysis Routing Protocol Status Configuration & Log Classification. Identifying an Attack. Identification Tools. Network Benchmark Parameter. Device Status. CPU Memory Temperature. CPU Load. Abnormal CPU Load.


PowerPoint Slideshow about ' Session 2 Security Monitoring' - lel


Presentation Transcript
Session 2 Security Monitoring

  • Identify

  • Device Status

  • Traffic Analysis

  • Routing Protocol Status

  • Configuration & Log

  • Classification





Device Status

  • CPU

  • Memory

  • Temperature









Traffic Analysis

  • Technology (Netflow & Sniffer)

  • Layer 3 or 4 based

  • Application based






Layer 3 or 4 TOP N

  • IP address based

  • Protocol based

  • Port based

  • Packet Size based

  • AS based



Overview

Normalin/Normalout

Spoofin/Spoofout

Bandwidth, PPS and Packet Size


Traffic Statistics Picture

  • According to bandwidth

    bandwidth, packet size and PPS

  • According to direction

    normalin/normalout, spoofin/spoofout

  • According to time

    4 hours, 2 days, 1 week, 2 months

  • max, min, average, now




IP TOP 20

  • Order by source/destination address

  • Order by source  destination peer

  • Order by bandwidth and PPS




Packet size TOP20

Order by bandwidth, PPS


Port Distribution TOP20

  • Order by source/destination port summary

  • Order by source/destination port direction

  • Order by bandwidth and pps



Protocol statistic TOP20

  • According to protocol

    normalin, normalout, spoofin and spoofout

  • Order by bandwidth and pps



Protocol Picture

  • According to bandwidth and pps

  • According to type

    TCP UDP ICMP

  • According to time

    4 hours, 2 days, 1 week, 2 months

  • Max, min, average, now




AS Statistic TOP20

  • According to direction

    normalin, normalout, spoofin and spoofout

  • According to bandwidth and pps





Routing Protocol Status

  • Route Entries

  • Routing Protocol Stability






BGP Monitoring (TEIN2-NORTH)


BGP Monitoring (TEIN2-SOUTH)


BGP Monitoring (TEIN2-JP)








AAA & Log Audit

  • Account

  • SYSLOG

  • Log audit tools


















Sink Hole – How to Classify?

