Optimization Scheme Of CGN Logs

Posted on:2014-01-19

Degree:Master

Type:Thesis

Country:China

Candidate:H Ma

Full Text:PDF

GTID:2248330398970965

Subject:Computer Science and Technology

Abstract/Summary:

PDF Full Text Request

With the development of the Internet, a large number of users need to access to the Internet. The network security issues have become increasingly important. On the other hand, the IPv4addresses have been exhausted and the transition from IPv4to IPv6has become inevitable. IPv4has been successfully applied on the Internet for over20years. All aspects of hardware and software environment are for IPv4. Therefore, we cannot transform to IPv6in a short time. IPv4and IPv6will coexist for a long period. Before the full transition to IPv6, NAT technology has become an important way to ease the lack of IPv4addresses; NAT technology also has an important role on defending the security of network.In order to maintain the security of the network environment, to monitoring and analyzing the status of the various network devices and systems in the network environment is an important method. According to analyze of the log files, we can know the operational status of various network devices. For users accessing to the network through the NAT devices, the source IP address was translated after the NAT, so it is difficult to locate the real hosts according to the source IP addresses. This makes the network less secure. The logs produced by NAT are used to solve this security issue. For the CGN environment, there will be a large amount of logs, basically a TB as the unit. If the log information is too big, there will be a serious of problems, resulting difficulty in storage and inquiry.In response to these issues, we use the port range mapping program to optimize the NAT transform mechanism, in order to achieve the purpose of reducing the amount of the logs, thus improving the efficiency of the querying of logs. The mainly purpose to record the logs of CGN is to trace the Intranet host where something happened. The port range mapping program can both meeting the requirements of tracing and compressing logs. Firstly, we implement the program of port range mapping. And then analyze the logs of traditional NAT. Finally, we compare the number of logs between the traditional NAT and the port range mapping NAT, consulting that the port range mapping can greatly compress the number of logs.

Keywords/Search Tags:

Network Security, NAT, CGN, Log

PDF Full Text Request

Related items

1	Computer Network Security Design And Research
2	An Open System Framework For Reducing Users' Vulnerabilities In The Network Security Ecosystem
3	Research And Implementation Of Improved The P Company Network Security And Management System
4	The Design And Implementation Of The Information And Network Security System Of Shanghai Municipal Public Security Bureau
5	Chongqing Institute Of Technology Campus Network Security System Design And Implement
6	Kunming Fire Command School Shield Network Security Status Quo Of Research And Improvement
7	Analysis And Implementation. Xx Enterprise Network Security
8	The Research On Network Security Menace And Status, Problems, Countermeasures Of Network Supervision And Management
9	Programming And Practices Of The Enterprise Network Security
10	University Network Security Problems And Countermeasures