Author Login Editor-in-Chief Peer Review Editor Work Office Work

Computer Engineering ›› 2007, Vol. 33 ›› Issue (01): 104-105. doi: 10.3969/j.issn.1000-3428.2007.01.035

• Networks and Communications • Previous Articles     Next Articles

Research of Developing NIDS Load Balancer via IXP2400

CHEN Yu, XUE Peng, ZHAI Weibin, LIU Baoxu, XU Rongsheng   

  1. (Computing Center, Institute of High Energy Physics, Chinese Academy of Sciences, Beijing 100049)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-01-05 Published:2007-01-05

基于IXP2400开发NIDS负载均衡器的研究

陈 宇,薛 鹏,翟伟斌,刘宝旭,许榕生   

  1. (中国科学院高能物理研究所计算中心,北京 100049)

Abstract: This paper introduces the architecture of NIDS data distribution system. It focuses on how to develop its key component, effective load balancer and gives the implementation using network processor. It’s proved to be low-cost, short-term and scaleable to implement NIDS load balancer based on IXP2400 by experiment. It successfully finishes the task of data distribution, so that the detection performance of the system is improved.

Key words: Intrusion detection, High-speed networks, Data distribution, Network processor

摘要: 分析了高速网络环境下基于分流机制实现的NIDS体系架构,探讨了其核心部件——NIDS负载均衡器的实现及关键算法,给出了其在网络处理器上的具体实现。实验表明,基于IXP 2400网络处理器实现的负载均衡器具有成本低、研发周期短、可扩展性好的特点,完全能满足NIDS分流架构的需求,基本解决了高速网络下网络入侵检测设备的性能问题。

关键词: 入侵检测, 高速网, 数据分流, 网络处理器