近年網路環境發展快速,提供的服務越來越多樣化,需要管理的伺服器與網路設備越來越多,為了讓管理人員便於進行伺服器和交換器管理,市面上已有許多產品可供選用,只是這些產品除了在功能上通常是針對特定範圍進行管理,維護成本也需納入考量,因此這些產品不完全符合管理人員所有的需求,同時在資訊安全方面也缺乏相關的管理與控制機制。本研究提出一套結合即時偵測伺服器與交換器系統,並導入資訊安全管理制度的概念,提出風險管理的配套,期能在管理伺服器和交換器之外,同時還具備資訊安全管理機制概念之網路監控系統,降低組織及其設備、系統與網路的機密性、完整性與可用性所受到的各種方面之威脅。本論文最後針對系統導入後產生的效益進行統計分析,除可即時偵測系統故障並通知管理人員迅速處理,確保系統故障復原時間符合資訊安全管理制度所設定的目標外,還可經由紀錄分析發覺故障頻率高之設備,作為風險評估與資產管理的重要參考資料。
The number of servers and network equipment increase dramatically in recent years due to the explosive growth of the internet and the services built upon it. This implies that the working load of the system administrators is increased accordingly. There are many management software developed to help the administrators in managing the servers and network equipment. However, most of these products are designed for specific range of management tasks. That is, there are almost no single product can fulfill all the needs of the administrator or may not consider the security management and control mechanism addressed in the information security management system (ISMS). In this thesis, we propose a service equipment availability monitoring system which utilizes a real-time detection of server and switch system and a recording and reporting mechanism to conform the requirements of the information security management system.. From the analysis of the event logs and the reports of the proposed system, we can see that the system can detect the failure and deliver the warning message to the administrator immediately after the service being identified as not available. The result is a dramatic reduction of the system failure recovery time. Also, we can discover the most frequent failure locations or equipments from the event log which is an important reference for risk assessment and asset management.