U-Center 2.0 overview
Product orientation
H3C U-Center is an enterprise-level, comprehensive O & M solution for monitoring, management, and control. It applies to multi-organization, multi-network, large-capacity, and permission-control scenarios, implementing one-stop management for all resources of the cloud, networks, and endpoints. Figure 1 shows the overall framework of U-Center 2.0.
Figure 1 Overall framework of U-Center 2.0
Components
· Configuration Management Database (CMDB)
· Infrastructure Operation Management (IOM)
· IT Service Management (ITSM)
· Business Service Management (BSM)
· User Experience Management (UEM)
· Application Discovery Tracing and Diagnostics (ADTD)
· Network Traffic Analyzer (NTA)
· Auto Operation And Maintenance Manager (AOM)
· Synthetic Transaction Monitor (STM)
Capabilities
U-Center 2.0 adopts the microservice infrastructure and containerized Unified Platform. Based on CMDB data, monitor templates, custom indexes, process orchestration engine, and service management, U-Center 2.0 provides the following capabilities:
· Aggregation—Aggregates the cloud, network, endpoint, and security technical fields through the microservice-integrated Unified Platform to implement unified O & M.
· Application—Based on CMDB data and OBASHI methodology (that describes relationships and data flows between services and IT resources), U-Center 2.0 generates topologies for service applications to implement unified resource management.
· AIOps—Adopts big data and machine learning to solve exceptions, predict capacity, and analyze root causes.
· Agility—Uses monitor templates, predefined resource models, custom indexes, and automation for agile product delivery.
Quick start
U-Center 2.0 provides users with an intuitive, interactive Web interface that can be accessed through a Web browser. The following information covers these topics:
· Explore the U-Center 2.0 GUI
Access U-Center 2.0
U-Center 2.0 is developed based on the browser/server model. Users can access U-Center 2.0 directly by entering the URL of the U-Center server in the Web browser.
Table 1 lists the Web browsers supported by U-Center 2.0.
Table 1 Recommended Web browsers
Browser | Version |
---|---|
Chrome | Chrome 70 or later |
Firefox | Firefox 78 or later |
U-Center 2.0 can be accessed through both HTTP and HTTPS, by using URLs in the following formats:
· http://<IP address>:<port>
· https://<IP address>:<port>
The IP address is the virtual IP address configured in Matrix for northbound services. By default, the port number is 30000, which is configurable during installation.
NOTE:
· You can use the predefined administrator account (with username admin and password Pwd@12345) for initial access to U-Center 2.0. After login, change the default account password as soon as possible for security purposes.
· To view the northbound service virtual IP address, navigate to the DEPLOY > Clusters > Cluster Parameters page in Matrix.
Explore the U-Center 2.0 GUI
U-Center displays the overview page after you log in.
The U-Center 2.0 overview page contains the top navigation bar and O & M work pane, as shown in Figure 2.
Figure 2 U-Center 2.0 overview page
You can hover over the logo in the top left corner to display the U-Center 2.0 function modules, as shown in Figure 3.
Figure 3 U-Center 2.0 function menus
In a top-to-bottom and left-to-right order, the U-Center 2.0 GUI areas are as follows:
Item | Name | Description |
---|---|---|
1 | Logo | Provides access to all function modules of U-Center 2.0. |
2 | Top navigation bar | Provides one-key access to the function modules of U-Center. |
3 | O & M work pane | Displays the objects managed by the system, as well as the alarm information in the network. |
4 | Left navigation pane | Provides access to all resources and functions pertaining to the function module selected on the top navigation bar. |
5 | Configuration page | Allows you to configure the objects added to the system. |
Click a tab on the top navigation bar to open the operation interface of the corresponding function module. For example, clicking Monitor opens the Traffic Configuration Management page, as shown in Figure 4.
Figure 4 Traffic Configuration Management page
NOTE: You can use the following functions by clicking the links in the top right corner of the page:
· Add to Favorites: Click Add to Favorites to add the current page to favorites. You can use this function to quickly access frequently used pages. To view favorite pages, click System on the top navigation bar, and then select System Settings > Favorites > Favorites from the navigation pane.
· Help: Click Help to get help information for the current page.
Manage operators
U-Center 2.0 implements role-based permission control on operators. An operator with a role has the operation and data permissions on a specific resource type. A role is a collection of permissions. To implement operation and data permission control for an operator, assign permissions to a role, specify the role for a group, and then add the operator to the group.
U-Center 2.0 provides various groups for you to add operators and assign permissions to them for implementing secure O & M.
Modify the default password of the admin account
U-Center 2.0 provides a predefined account with login name admin and password Pwd@12345. You can use the account for initial access to U-Center 2.0.
After login, you must change the default password of the admin account to improve security. To change the default password of the admin account, use one of the following methods:
· To change the default password in the window that opens immediately upon login:
a. In the window that opens immediately upon login, click Change Password Now.
b. Specify a new password.
c. Click OK.
· To change the default password of the current login user:
a. Hover over admin in the top right corner of the page.
b. Select New Password.
c. Specify a new password.
d. Click OK.
· To change the default password on the Operators page:
a. On the top navigation bar, click System.
b. From the navigation pane, select Operator Management > Operators.
c. Click the icon in the Actions column for the operator named admin.
d. Turn on the Change Password option, and then enter the new password in the Login Password and Confirm Password fields.
e. Click OK.
Add an operator
To manage a medium- or large-sized network, you can add multiple operators with associated permissions for secure O & M.
To add an operator:
1. On the top navigation bar, click System.
2. From the navigation pane, select Operator Management > Operators.
3. Click Add.
4. Configure the basic operator information:
¡ Operator Name: Enter the login account name, a case-insensitive string of 2 to 32 characters that can contain only letters, digits, underscores (_), hyphens (-), periods (.), and backslashes (\).
¡ Tenant: Specify a tenant for the operator.
¡ Organization: Specify an organization for the operator.
¡ Authentication Method: Select an authentication method. The system provides the following authentication methods:
- Simple Password Authentication: Requires specifying a password when adding the operator. The operator uses local password authentication for login.
- LDAP/RADIUS/TACACS Authentication: Requires the operator to perform authentication with the associated authentication server for login.
¡ Login Password/Confirm Password: Specify a login password for the operator. The fields are available only when you select Simple Password Authentication from the Authentication Method list.
¡ Tel: Enter the phone number of the operator. This field is optional.
¡ Email: Enter the Email account of the operator. This field is optional.
5. Configure the advanced operator information:
¡ Last Name: Enter the last name of the operator. This field is optional.
¡ First Name: Enter the first name of the operator. This field is optional.
¡ Full Name: Enter the full name of the operator. This field is optional.
¡ Permitted Login Time Span: Specify a login time range for the operator. The operator is not allowed to log in to the system outside this range.
¡ Description: Enter a description of the operator. The description information facilitates maintenance.
¡ Password Validity Period: Turn on this option to configure validity period settings for the password. This parameter is available only when you select Simple Password Authentication from the Authentication Method list.
- Password Validity Period: Specify a validity period for the password. You cannot use an operator account to log in to the system if the password of that operator account has expired.
- Password Expiration Notification Threshold (Days): When the number of remaining validity days reaches the specified threshold for the password, the system will send a notification to the operator and remind the operator with a pop-up box at each login. After the operator modifies the password, the system will automatically clear the notification.
¡ Account Validity Period: Turn on this option to configure validity period settings for the account.
- Account Expiration Time: Specify a validity period for the account. You cannot use an operator account to log in to the system if that operator account has expired.
- Account Expiration Notification Threshold (Days): When the number of remaining validity days reaches the specified threshold for the account, the system will send a notification to the operator and remind the operator with a pop-up box at each login. After the operator extends the account validity period, the system will automatically clear the notification.
6. Configure operator permission settings:
- By Role Group: Assigns access permissions by role group.
- By Role: Assigns access permissions by role.
- By Direct Assignment: Assigns access permissions by operator group.
7. Click OK.
NOTE: To use the RADIUS, LDAP, or TACACS authentication type, you must configure the authentication server settings on the Authentication Server page.
Traffic monitoring
NTA analyzes and processes massive amounts of NetStream/NetFlow/sFlow log data and then presents traffic usage, application behaviors, and node sessions in graphs, reports, and forms. From the presented information, operators can learn the running status of networks, quickly troubleshoot faults, and plan network resources appropriately so that the network operates stably.
This document describes the traffic monitoring features in NTA.
Interface network traffic
Administrators can define traffic analysis tasks based on service demands.
NOTE: Before adding interface traffic analysis tasks, first add devices by navigating to the Monitor > Network Traffic Monitor > Network Traffic Settings > Device Management page.
Add an interface traffic analysis task
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Interface Network Traffic.
3. Click Add.
4. Configure the following parameters:
¡ Name: Enter the name of the interface traffic analysis task, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
¡ Description: Enter the description of the task.
¡ VLAN/VXLAN Traffic Analysis: Perform general analysis on the total traffic volume and rate. To perform detailed analysis, you need to create a VLAN/VXLAN traffic analysis task.
5. Threshold Alarming: Enable this option to generate an alarm when the monitored interface inbound/outbound traffic exceeds the threshold. By default, this option is disabled. To enable threshold alarming, you need to select a threshold template:
a. Click Select Threshold Templates.
b. Click Add, and configure the following parameters:
- Template Name: Enter the name of the template, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
- Template Description: Enter a description for the template.
- Template Type: The default type is interface task, and cannot be edited.
- Direction: Specify the traffic direction. Options are Incoming/Outgoing, Incoming, and Outgoing.
- Triggering Condition(Time): Specify a time period to trigger an alarm. Within the specified time, if the traffic exceeds the specified threshold for a specific number of times, an alarm of the associated severity will be sent. The value can be the last five minutes, last 10 minutes, last 20 minutes, and last 30 minutes.
- Suppression Period: Specify a time period within which no alarm will be generated again. The value can be none, last 30 minutes, last one hour, or last two hours.
- Traffic Threshold(Unit): Specify the unit for traffic volume. The value can be bps, Kbps, Mbps, Gbps, and %. If you specify the unit as %, an alarm is sent when the traffic exceeds the percentage of the baseline threshold. The baseline will be generated in a week.
- Alarm Settings: Specify the traffic threshold and number of occurrence times. An alarm is sent if the traffic on the interface exceeds the specified threshold for the specified number of times.
c. Click OK. To view detailed information about the threshold template, click the icon in the Actions column.
d. Select a template, and click OK.
6. Click Select Interfaces. Select interfaces by using one of the following methods:
¡ Obtain interfaces automatically
Click the Obtain Automatically tab.
- Select one or more interfaces from the list, and click OK.
- To filter interfaces, enter an IP address or description, and click Search. Select one or more interfaces from the search result, and click OK.
¡ Manually configure an interface
Click the Manually Configure tab. Select a device, specify the interface name, index, alias, label (optional), and maximum rate settings, and then click OK.
7. Click OK. You can see the created task in the interface traffic list.
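The following added example (not H3C code and not NTA's implementation) models how the threshold template fields in step 5 interact: occurrence count within the triggering window, then the suppression period. It assumes one traffic sample per minute, decimal unit multipliers, a sliding window, and that a % threshold is a percentage of the learned baseline rate; the class and function names and the sample data are constructed for illustration.

```python
from collections import deque
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Assumption: decimal multipliers, the usual convention for line rates.
UNIT_TO_BPS = {"bps": 1, "Kbps": 10**3, "Mbps": 10**6, "Gbps": 10**9}
WINDOWS_MIN = (5, 10, 20, 30)        # Triggering Condition(Time) options
SUPPRESSION_MIN = (0, 30, 60, 120)   # Suppression Period options, 0 = none


@dataclass(frozen=True)
class ThresholdTemplate:
    """Hypothetical model of the template fields listed in the guide."""
    window_min: int
    suppression_min: int
    threshold: float
    unit: str
    occurrences: int
    baseline_bps: Optional[float] = None  # needed only when unit is "%"

    def __post_init__(self) -> None:
        if self.window_min not in WINDOWS_MIN:
            raise ValueError("window must be 5, 10, 20 or 30 minutes")
        if self.suppression_min not in SUPPRESSION_MIN:
            raise ValueError("suppression must be 0, 30, 60 or 120 minutes")
        if self.unit != "%" and self.unit not in UNIT_TO_BPS:
            raise ValueError("unit must be bps, Kbps, Mbps, Gbps or %")
        if self.unit == "%" and not self.baseline_bps:
            raise ValueError("a % threshold needs a baseline rate")
        if self.occurrences < 1:
            raise ValueError("occurrences must be at least 1")

    def limit_bps(self) -> float:
        """Absolute rate above which a sample counts as a breach."""
        if self.unit == "%":
            return self.baseline_bps * self.threshold / 100.0
        return self.threshold * UNIT_TO_BPS[self.unit]


def evaluate(template: ThresholdTemplate,
             samples: Iterable[Tuple[int, float]]) -> List[int]:
    """Return the minutes at which an alarm is sent.

    samples is a time-ordered iterable of (minute, rate_in_bps).
    """
    limit = template.limit_bps()
    breaches = deque()          # minutes of breaches inside the window
    alarms: List[int] = []
    last_alarm: Optional[int] = None
    for minute, bps in samples:
        if bps > limit:
            breaches.append(minute)
        # Drop breaches that have aged out of the triggering window.
        while breaches and breaches[0] <= minute - template.window_min:
            breaches.popleft()
        if len(breaches) < template.occurrences:
            continue
        # Condition met; stay silent while the suppression period runs.
        if last_alarm is not None and minute - last_alarm < template.suppression_min:
            continue
        alarms.append(minute)
        last_alarm = minute
    return alarms


MBPS = 10**6
# Constructed samples: a bursty link, then a sustained spike 35 minutes later.
SAMPLES = [(0, 100 * MBPS), (1, 900 * MBPS), (2, 200 * MBPS), (3, 950 * MBPS),
           (4, 300 * MBPS), (5, 990 * MBPS), (6, 100 * MBPS), (7, 910 * MBPS),
           (8, 100 * MBPS), (40, 900 * MBPS), (41, 900 * MBPS), (42, 900 * MBPS)]

if __name__ == "__main__":
    quiet = ThresholdTemplate(5, 30, 800, "Mbps", 3)
    noisy = ThresholdTemplate(5, 0, 800, "Mbps", 3)
    print("suppression 30 min:", evaluate(quiet, SAMPLES))
    print("suppression none:  ", evaluate(noisy, SAMPLES))
```

With the suppression period set to none, the same burst raises a second alarm two minutes after the first, which is the repeat alerting the suppression setting exists to prevent.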
View interface traffic analysis task result
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Interface Network Traffic.
3. View interface traffic analysis task result by using one of the following methods:
¡ Click the name link in the list to enter the interface traffic-task name page.
¡ Click the icon in the Actions column to enter the interface list page. Then, click the icon in the Actions column in the interface list to enter the interface traffic-interface page.
4. Specify the statistical time span and refresh interval to view the analysis result.
Traffic
a. Click the Traffic tab to enter the traffic analysis page.
b. View the analysis result.
- On the interface traffic-task name page, you can view the traffic trends, traffic distribution, and traffic details in the specified time span for all interfaces.
- On the interface traffic-interface page, you can view the traffic trend, traffic peak trend, top 10 VLANs/VXLANs by rate, and traffic details in the specified time span for the specified interface.
Application
a. Click the Application tab to enter the application traffic analysis page.
b. View the traffic trends, incoming traffic volume, incoming traffic rate, outgoing traffic volume, and outgoing traffic rate in the specified time span for various applications on all hosts.
Source
a. Click the Source tab to enter the source host traffic analysis page.
b. View the top 10 source hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Destination
a. Click the Destination tab to enter the destination host traffic analysis page.
b. View the top 10 destination hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Session
a. Click the Session tab to enter the session traffic analysis page.
b. View the distribution of session host traffic within the specified time span, and session traffic information between nodes.
View interface traffic analysis task settings
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Interface Network Traffic.
3. To view detailed information about an interface traffic analysis task, click the icon in the Actions column for the task.
4. To edit an interface traffic analysis task, click the icon in the Actions column for the task, and then edit the task settings as needed.
5. To delete interface traffic analysis tasks, perform one of the following tasks:
¡ Click the icon in the Actions column for a task, and then click OK in the dialog box that opens.
¡ Select one or multiple interface traffic analysis tasks, and click Delete. In the dialog box that opens, click OK.
Host network traffic
Administrators can define traffic analysis tasks based on service demands.
NOTE: Before adding host traffic analysis tasks, first add devices or probes by navigating to the Monitor > Network Traffic Monitor > Network Traffic Settings > Device Management/Probe Management page.
Add a host traffic analysis task
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Host Network Traffic.
3. Click Add.
4. Configure the following parameters:
¡ Name: Enter the name of the host traffic analysis task, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
¡ Description: Enter the description of the task.
¡ Threshold Alarming: Enable this option to generate an alarm when the monitored incoming/outgoing traffic exceeds the specified threshold. By default, this option is disabled. To enable threshold alarming, you need to select a threshold template. For more information, see "Add an interface traffic analysis task."
¡ Host IP: Enter IP addresses or IP address ranges of hosts to be monitored in the format of 10.153.89.0, 10.153.89.0/24, 10.153.89.0/255.255.255.0, 10.153.89.* or 1.1.1.1-2.2.2.2. Then click Add.
5. Click Select Applications to select applications. If you do not select any applications, the system collects statistics for all applications by default.
6. Click Select Interfaces. Select interfaces by using the Obtain Automatically or Manually Configure method. For more information, see "Add an interface traffic analysis task."
7. Click Select Probes. Select probes, and click OK.
8. Click OK. You can see the created task in the host traffic list.
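The Host IP field in step 4 accepts five notations. The following added example (not H3C code) normalizes each notation to an inclusive address range so that the real scope of a task can be reviewed before it is created. It assumes a bare address means a single host, that a trailing * stands for 0 to 255, and that host bits in a prefix are ignored; the function names and the sample list are constructed for illustration.

```python
import ipaddress
from typing import Iterable, List, Tuple

Range = Tuple[ipaddress.IPv4Address, ipaddress.IPv4Address]


def parse_host_spec(spec: str) -> Range:
    """Return the inclusive (first, last) range covered by one entry.

    Raises ValueError for anything that is not one of the five notations.
    """
    s = spec.strip()
    if "-" in s:                                   # 1.1.1.1-2.2.2.2
        left, right = s.split("-", 1)
        lo = ipaddress.IPv4Address(left.strip())
        hi = ipaddress.IPv4Address(right.strip())
        if lo > hi:
            raise ValueError(f"range start is above range end: {spec!r}")
        return lo, hi
    if "*" in s:                                   # 10.153.89.*
        octets = s.split(".")
        if len(octets) != 4:
            raise ValueError(f"expected four octets: {spec!r}")
        k = octets.index("*")
        # Assumption: wildcards are only valid as trailing octets.
        if k == 0 or any(o != "*" for o in octets[k:]):
            raise ValueError(f"wildcard must be trailing: {spec!r}")
        lo = ipaddress.IPv4Address(".".join(octets[:k] + ["0"] * (4 - k)))
        hi = ipaddress.IPv4Address(".".join(octets[:k] + ["255"] * (4 - k)))
        return lo, hi
    if "/" in s:                                   # /24 or /255.255.255.0
        net = ipaddress.IPv4Network(s, strict=False)
        return net.network_address, net.broadcast_address
    addr = ipaddress.IPv4Address(s)                # single host
    return addr, addr


def merge_ranges(specs: Iterable[str]) -> List[Range]:
    """Parse all entries and merge overlapping or adjacent ranges."""
    spans = sorted((int(lo), int(hi)) for lo, hi in map(parse_host_spec, specs))
    merged: List[List[int]] = []
    for lo, hi in spans:
        if merged and lo <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], hi)
        else:
            merged.append([lo, hi])
    return [(ipaddress.IPv4Address(lo), ipaddress.IPv4Address(hi))
            for lo, hi in merged]


def address_count(specs: Iterable[str]) -> int:
    """Number of distinct addresses the entries cover."""
    return sum(int(hi) - int(lo) + 1 for lo, hi in merge_ranges(specs))


def is_monitored(specs: Iterable[str], ip: str) -> bool:
    """True if ip falls inside any entry."""
    target = ipaddress.IPv4Address(ip)
    return any(lo <= target <= hi for lo, hi in merge_ranges(specs))


# Constructed sample: the five format examples from the guide, entered together.
SAMPLE_SPECS = ["10.153.89.0", "10.153.89.0/24", "10.153.89.0/255.255.255.0",
                "10.153.89.*", "1.1.1.1-2.2.2.2"]

if __name__ == "__main__":
    for first, last in merge_ranges(SAMPLE_SPECS):
        print(f"{first} - {last}")
    print("distinct addresses:", address_count(SAMPLE_SPECS))
```

The three 10.153.89.x notations collapse to the same 256 addresses, while the dash range alone spans more than 16 million, so the notation chosen has a large effect on how many hosts a task watches.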
View host traffic analysis task result
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Host Network Traffic.
3. Click the name link in the list to enter the host traffic analysis page.
4. Specify the statistical time span and refresh interval to view the analysis result.
Traffic
a. Click the Traffic tab to enter the traffic analysis page.
b. View the traffic trends and traffic details in the specified time span for all hosts.
Application
a. Click the Application tab to enter the application traffic analysis page.
b. View the traffic trends in the specified time span for various applications on all hosts, as well as the application traffic volume and rate.
Source
a. Click the Source tab to enter the source traffic analysis page.
b. View the top 10 source hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Destination
a. Click the Destination tab to enter the destination host traffic analysis page.
b. View the top 10 destination hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Session
a. Click the Session tab to enter the session traffic analysis page.
b. View the distribution of session host traffic, top 10 session hosts by rate, and session traffic information between nodes within the specified time span.
View host traffic analysis task settings
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Host Network Traffic.
3. To view detailed information about a host traffic analysis task, click the icon in the Actions column for the task.
4. To edit a host traffic analysis task, click the icon in the Actions column for the task, and then edit the task settings as needed.
5. To delete a host traffic analysis task, click the icon in the Actions column for the task, and then click OK in the dialog box that opens.
6. To delete one or multiple host traffic analysis tasks, select the tasks, and click Delete. In the dialog box that opens, click OK.
Application network traffic
Administrators can define traffic analysis tasks based on service demands.
NOTE: Before adding application traffic analysis tasks, first add devices or probes by navigating to the Monitor > Network Traffic Monitor > Network Traffic Settings > Device Management/Probe Management page.
Add an application traffic analysis task
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > App Network Traffic.
3. Click Add.
4. Configure the following parameters:
¡ Name: Enter the name of the application traffic analysis task, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
¡ Description: Enter the description of the task.
¡ Threshold Alarming: Enable this option to generate an alarm when the monitored incoming/outgoing traffic exceeds the specified threshold. By default, this option is disabled. To enable threshold alarming, you need to select a threshold template. For more information, see "Add an interface traffic analysis task."
5. Click Select Applications to select applications. If you do not select any applications, the system collects statistics for all applications by default.
6. Click Select Interfaces. Select interfaces by using the Obtain Automatically or Manually Configure method. For more information, see "Add an interface traffic analysis task."
7. Click Select Probes. Select probes, and click OK.
8. Click OK. You can see the created task in the application traffic list.
View application traffic analysis task result
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > App Network Traffic.
3. Click the name link in the list to enter the application traffic analysis page.
4. Specify the statistical time span and refresh interval to view the analysis result.
Traffic
a. Click the Traffic tab to enter the traffic analysis page.
b. View the traffic trends and traffic details in the specified time span for all hosts.
Source
a. Click the Source tab to enter the source traffic analysis page.
b. View the top 10 source hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Destination
a. Click the Destination tab to enter the destination host application traffic analysis page.
b. View the top 10 destination hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Session
a. Click the Session tab to enter the session traffic analysis page.
b. View the top 10 session hosts by rate within the specified time span, and session traffic information between nodes.
View application traffic analysis task settings
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > App Network Traffic.
3. To view detailed information about an application traffic analysis task, click the icon in the Actions column for the task.
4. To edit an application traffic analysis task, click the icon in the Actions column for the task, and then edit the task settings as needed.
5. To delete an application traffic analysis task, click the icon in the Actions column for the task, and then click OK in the dialog box that opens.
6. To delete one or multiple application traffic analysis tasks, select the tasks, and click Delete. In the dialog box that opens, click OK.
Probe network traffic
Administrators can define traffic analysis tasks based on service demands.
NOTE: Before adding probe traffic analysis tasks, first add probes by navigating to the Monitor > Network Traffic Monitor > Network Traffic Settings > Probe Management page.
Add a probe traffic analysis task
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Probe Network Traffic.
3. Click Add.
4. Configure the following parameters:
¡ Name: Enter the name of the probe traffic analysis task, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
¡ Description: Enter the description of the task.
5. Click Select Probes. Select probes, and click OK.
6. Click OK. You can see the created task in the probe traffic list.
View probe traffic analysis task result
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Probe Network Traffic.
3. Click the name link in the list to enter the probe traffic analysis page.
4. Specify the statistical time span and refresh interval to view the analysis result.
Traffic
a. Click the Traffic tab to enter the traffic analysis page.
b. View the traffic trends and traffic details in the specified time span for all hosts.
Application
a. Click the Application tab to enter the application traffic analysis page.
b. View the traffic trends in the specified time span for various applications, as well as the application traffic volume, rate, and percentage.
Source
a. Click the Source tab to enter the source traffic analysis page.
b. View the top 10 source hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Destination
a. Click the Destination tab to enter the destination host application traffic analysis page.
b. View the top 10 destination hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Session
a. Click the Session tab to enter the session traffic analysis page.
b. View the distribution of session host traffic, top 10 session hosts by rate, and session traffic information between nodes within the specified time span.
View probe traffic analysis task settings
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > Probe Network Traffic.
3. To view detailed information about a probe traffic analysis task, click the icon in the Actions column for the task.
4. To edit a probe traffic analysis task, click the icon in the Actions column for the task, and then edit the task settings as needed.
5. To delete a probe traffic analysis task, click the icon in the Actions column for the task, and then click OK in the dialog box that opens.
6. To delete one or multiple probe traffic analysis tasks, select the tasks, and click Delete. In the dialog box that opens, click OK.
VLAN/VXLAN network traffic
Administrators can define traffic analysis tasks based on service demands.
NOTE: Before adding VLAN/VXLAN traffic analysis tasks, first add devices by navigating to the Monitor > Network Traffic Monitor > Network Traffic Settings > Device Management page.
Add a VLAN/VXLAN traffic analysis task
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > VLAN/VXLAN Network Traffic.
3. Click Add.
4. Configure the following parameters:
¡ Name: Enter the name of the VLAN/VXLAN traffic analysis task, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
¡ Description: Enter the description of the task.
¡ Task Type: Select VLAN or VXLAN.
¡ Direction: Select Incoming or Outgoing.
5. In the VLAN/VXLAN Info area, click Add. Enter the VLAN/VXLAN ID and VLAN/VXLAN name, and click OK.
6. Click Select Devices. Select devices, and click OK.
7. Click OK. You can see the created task in the VLAN/VXLAN traffic list.
View VLAN/VXLAN traffic analysis task result
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > VLAN/VXLAN Network Traffic.
3. View VLAN/VXLAN analysis task result by using one of the following methods:
¡ Click the name link in the list to enter the VLAN/VXLAN traffic-task name page.
¡ Click the icon in the Actions column to enter the VLAN/VXLAN list page. Then, click the icon in the Actions column in the list to enter the VLAN/VXLAN traffic-VLAN/VXLAN ID page.
4. Specify the statistical time span and refresh interval to view the analysis result.
Traffic
a. Click the Traffic tab to enter the traffic analysis page.
b. View the analysis result.
- On the VLAN/VXLAN traffic-task name page, you can view the traffic trends, distribution of VLAN/VXLAN traffic, and traffic details in the specified time span for all hosts.
- On the VLAN/VXLAN traffic-VLAN/VXLAN ID page, you can view the traffic trends and traffic details in the specified time span for all hosts where the VLAN/VXLAN is deployed.
Application
a. Click the Application tab to enter the application traffic analysis page.
b. View the traffic trends in the specified time span for various applications on all hosts, as well as the application traffic volume, rate, and percentage.
Source
a. Click the Source tab to enter the source host traffic analysis page.
b. View the top 10 source hosts by rate, as well as the application traffic volume, rate, and percentage in the specified time span.
Destination
a. Click the Destination tab to enter the destination host traffic analysis page.
b. View the top 10 destination hosts by rate, as well as the application traffic volume, rate, and percentage in the specified time span.
Session
a. Click the Session tab to enter the session traffic analysis page.
b. View the top 10 session hosts by rate within the specified time span, and session traffic information between nodes.
View VLAN/VXLAN traffic analysis task settings
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > VLAN/VXLAN Network Traffic.
3. To view detailed information about a VLAN/VXLAN traffic analysis task, click the icon in the Actions column for the task.
4. To edit a VLAN/VXLAN traffic analysis task, click the icon in the Actions column for the task, and then edit the task settings as needed.
5. To delete a VLAN/VXLAN traffic analysis task, click the icon in the Actions column for the task, and then click OK in the dialog box that opens.
6. To delete one or multiple VLAN/VXLAN traffic analysis tasks, select the tasks, and click Delete. In the dialog box that opens, click OK.
VPN network traffic
Administrators can define traffic analysis tasks based on service demands.
Add a VPN traffic analysis task
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > VPN Network Traffic.
3. Click Add.
4. Configure the following parameters:
¡ Name: Enter the name of the VPN traffic analysis task, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
¡ Description: Enter the description of the task.
5. In the VPN Instance Info area, click Add.
6. Select a device, enter the VPN instance ID and description, and click OK.
7. Click OK. You can see the created task in the VPN traffic list.
View VPN traffic analysis task result
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > VPN Network Traffic.
3. Click the name link in the list to enter the VPN traffic analysis page.
4. Specify the statistical time span and refresh interval to view the analysis result.
Traffic
a. Click the Traffic tab to enter the traffic analysis page.
b. View the traffic trends and traffic details in the specified time span for all hosts.
Application
a. Click the Application tab to enter the application traffic analysis page.
b. View the traffic trends in the specified time span for various protocols, as well as the application traffic volume and rate.
Source
a. Click the Source tab to enter the source traffic analysis page.
b. View the top 10 source hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Destination
a. Click the Destination tab to enter the destination host application traffic analysis page.
b. View the top 10 destination hosts by rate, as well as the traffic volume, rate, and percentage within the specified time span.
Session
a. Click the Session tab to enter the session traffic analysis page.
b. View the distribution of session host traffic within the specified time span, and session traffic information between nodes.
View VPN traffic analysis task settings
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > VPN Network Traffic.
3. To view detailed information about a VPN traffic analysis task, click the icon in the Actions column for the task.
4. To edit a VPN traffic analysis task, click the icon in the Actions column for the task, and then edit the task settings as needed.
5. To delete a VPN traffic analysis task, click the icon in the Actions column for the task, and then click OK in the dialog box that opens.
6. To delete one or multiple VPN traffic analysis tasks, select the tasks, and click Delete. In the dialog box that opens, click OK.
BGP network traffic
Administrators can define traffic analysis tasks based on service demands.
Border Gateway Protocol (BGP) is a dynamic routing protocol that can run within an AS and between ASs. An AS refers to a group of routers that use the same routing policy and work under the same administration. This feature can perform traffic analysis for different ASs.
NOTE: Before adding BGP traffic analysis tasks, first add devices by navigating to the Monitor > Network Traffic Monitor > Network Traffic Settings > Device Management page.
Add a BGP traffic analysis task
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > BGP Network Traffic.
3. Click Add.
4. Configure the following parameters:
¡ Name: Enter the name of the BGP traffic analysis task, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
¡ Description: Enter the description of the task.
5. In the AS Info area, click Add. Enter the AS ID and AS name, and specify whether to enable threshold alarming (the default setting is disabled). To enable threshold alarming, you need to select a threshold template. For more information, see "Add an interface traffic analysis task." Click OK.
6. In the Device Info area, click Select Devices. Select devices, and click OK.
7. Click OK. You can see the created task in the BGP traffic list.
View BGP traffic analysis task result
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > BGP Network Traffic.
3. View BGP traffic analysis task result by using one of the following methods:
¡ Click the name link in the list to enter the BGP traffic-task name page.
¡ Click the icon in the Actions column to enter the AS list page. Then, click the icon in the Actions column in the list to enter the BGP traffic-AS ID page.
4. Specify the statistical time span and refresh interval to view the analysis result.
Traffic
a. Click the Traffic tab to enter the traffic analysis page.
b. View the analysis result.
- On the BGP traffic-task name page, you can view the traffic trends, traffic details, and distribution of BGP AS traffic in the specified time span for all hosts.
- On the BGP traffic-AS ID page, you can view the traffic trends and traffic details in the specified time span for all hosts in the AS.
Application
a. Click the Application tab to enter the application traffic analysis page.
b. View the traffic trends in the specified time span for various protocols, as well as the application distribution, traffic volume, and rate.
Source
a. Click the Source tab to enter the source host traffic analysis page.
b. View the traffic trends in the specified time span for all source hosts, the top 10 source hosts by rate, as well as the application traffic volume, rate, and percentage.
Destination
a. Click the Destination tab to enter the destination host traffic analysis page.
b. View the traffic trends in the specified time span for all destination hosts, the top 10 destination hosts by rate, as well as the application traffic volume, rate, and percentage.
Session
a. Click the Session tab to enter the session traffic analysis page.
b. View the distribution of session host traffic, top 10 session hosts by rate, and session traffic information between nodes within the specified time span.
View BGP traffic analysis task settings
1. On the top navigation bar, click Monitor.
2. From the left navigation pane, select Network Traffic Monitor > BGP Network Traffic.
3. To view detailed information about a BGP traffic analysis task, click the icon in the Actions column for the task.
4. To edit a BGP traffic analysis task, click the icon in the Actions column for the task, and then edit the task settings as needed.
5. To delete a BGP traffic analysis task, click the icon in the Actions column for the task, and then click OK in the dialog box that opens.
6. To delete one or multiple BGP traffic analysis tasks, select the tasks, and click Delete. In the dialog box that opens, click OK.
Traffic configuration management
This feature provides device management, probe management, application management, parameter configuration, anomaly detection, and threshold template functions.
To perform traffic configuration management, navigate to the Monitor > Network Traffic Monitor > Network Traffic Settings page, and then click the associated icon.
Device management
This feature enables you to manually add devices or select devices from U-Center 2.0.
To enter the device management page, click Device Management.
Add a device
Click Add, and configure the following parameters:
· Device IP: Specify the IP address by using one of the following methods:
¡ Method 1: Manually enter the device IP address.
¡ Method 2:
- Click Select Devices next to the Device IP field.
- Select a device resource and click the icon to add the resource to the selected resource list.
- Click OK.
· Device Name: Specify the device name. This field is automatically specified if the device is added through method 2.
· Device Description: Specify the description of the device.
· SNMP Parameters: Select whether to enable SNMP parameter configuration. After you enable SNMP parameter configuration, the system automatically obtains parameters such as the interface index from the device.
· NetStream Flow Identifier: This parameter takes effect only when the device supports NetStream flow identifier.
· NetStream New Feature: Comware 5 added flow sampling to the original NetStream protocol. With flow sampling, the device can obtain overall traffic statistics by sampling and analyzing massive traffic data. If the device does not support the new NetStream protocol, you need to configure the network sampling rate.
· NetStream Sampling Rate: Enter a value in the range of 1 to 65536. Value 1 means the sampling rate is 1:1. Value 100 means the sampling rate is 1:100. To ensure correct auditing, make sure the sampling rate is the same as the configuration on the device.
View device details
To view detailed information about a device, click the icon in the Actions column for the device or click the name of the device.
Synchronize a device
To synchronize device information, click the icon in the Actions column for the device.
Edit a device
To edit a device, click the icon in the Actions column for the device, and then edit the device settings as needed.
Delete devices
Perform one of the following tasks:
· To delete a device, click the icon in the Actions column for the device, and click OK in the dialog box that opens.
· To delete one or more devices, select the devices, click Delete, and click OK in the dialog box that opens.
Search and refresh device information
· Search for devices
Select the device name or device IP criteria in the upper right corner, and enter a device name or IP address in the search box. Then click the icon to display matching devices. Fuzzy match is supported.
· Refresh device information
Click Refresh to refresh device information.
Probe management
If the device does not support NetStream, NetFlow, or sFlow, it can use a probe to collect and process network data. Configure port mirroring on the device to copy the complete network data passing through the device and send the data to the probe. The probe handles and uploads the data as flow logs to the NTA server through FTP.
To enter the probe management page, click Probe Management.
Add a probe
Click Add, and configure the following parameters:
· Probe Name: Enter the probe name.
· Probe IP: Enter the probe IP address.
· Probe Description: Enter the probe description.
· Layer 7 Application Identification: If you enable Layer 7 application identification, NTA will analyze Layer 7 data based on the application types defined in application management to monitor application usage. If you do not enable this option, NTA will analyze only Layer 4 data.
· Network Adapter Analysis: The probe supports obtaining multiple network adapters. You can set the traffic information (in a task) of the network adapters for the probe. To use the TCP response time analysis, you must enable network adapter analysis.
View probe details
To view detailed information about a probe, click the icon in the Actions column for the probe or click the name of the probe.
Edit a probe
To edit a probe, click the icon in the Actions column for the probe, and edit the probe settings as needed.
Delete probes
Perform one of the following tasks:
· To delete a probe, click the icon in the Actions column for the probe, and then click OK in the dialog box that opens.
· To delete one or multiple probes, select the probes, and click Delete. In the dialog box that opens, click OK.
Application management
Application management includes Layer 4 and Layer 7 application management. Layer 4 application management allows you to define a Layer 4 application based on protocol and port. Generally, a network application is identified by one or multiple groups of fixed network protocols and communication ports. For example, the TCP protocol and port 80 identify the HTTP application. The network behavior analysis system analyzes the bandwidth usage trend based on defined applications. The system has predefined more than 200 standard and common Layer 4 applications, which can meet most requirements. Typically, you do not need to self-define Layer 4 applications.
Layer 7 application traffic analysis is dedicated to analyzing traffic of applications with non-fixed ports, for example, P2P applications such as BT and eDonkey. Such applications are recognized by application layer characteristics of packets. Applications with non-fixed ports are common on networks, and they seriously occupy the network bandwidth. You can define applications that seriously occupy the network bandwidth as Layer 7 applications, and perform traffic analysis for them.
The system has predefined most applications with non-fixed ports as Layer 7 applications, including: BT, DC, eDonkey, Gnutella, Kazaa, MSN, QQ, AIM, SopCast, AppleJuice, SoulSeek, PPStream, Ares, Mute, PPLive, VNC, TVAnts, WinMX, ShoutCast, FileTopia, ManoLito, Stream, and StealthNet. You can also self-define other Layer 7 applications as needed.
To enter the application management page, click Application Management.
NOTE: The Layer 7 application recognition function takes effect only on DIG logs, and does not take effect on the other types of logs.
Add an application
Click Add, and configure the following parameters:
· Name: Enter the name of the application.
· Application Description: Enter the application description.
· Protocols: Select an application protocol. Options are TCP/UDP, TCP, and UDP.
· Application Type: Select Layer 4 Application or Layer 7 Application.
· Port: Enter the Layer 4 application port.
· Host IP: Enter the host IP address for the Layer 4 application, and then click Add.
· Regular Expression: Enter a valid regular expression for NTA to identify the Layer 7 application.
· Status: Specify whether or not to enable the Layer 7 application.
Add a protocol
Click the Protocols tab, click Add, and configure the following parameters:
· Name: Enter the name of the protocol.
· Protocol Number: Enter the protocol number in the range of 0 to 255.
· Status: Specify whether or not to enable the protocol.
Add an application category
Click the Application Categories tab, click Add, and configure the following parameters:
1. Configure basic information:
¡ Name: Enter the name of the application category.
¡ Description: Enter the application category description.
¡ Application Category Type: Select Applications or Protocols.
2. Select applications or protocols:
¡ If you select Applications for Application Category Type, click Select Applications in the Application Info area. Select one or more applications, and click OK.
¡ If you select Protocols for Application Category Type, click Select Protocols in the Protocol Info area. Select one or more protocols, and click OK.
3. Click OK.
In application management, the view, edit, and delete operations are similar. This section takes the operations on applications for illustration.
View application details
To view detailed information about an application, click the icon in the Actions column for the application or click the name of the application.
Edit an application
To edit an application (for example, its description or host IP), click the icon in the Actions column for the application, and then edit the settings as needed.
Delete applications
Perform one of the following tasks:
· To delete an application, click the icon in the Actions column for the application, and click OK in the dialog box that opens.
· To delete one or multiple applications, select the applications, click Delete, and click OK in the dialog box that opens.
Search for applications
Filter applications by specific criteria.
· Basic search
Enter an application name in the search box and then click the icon to display matching applications. Fuzzy match is supported.
· Advanced search
Click the icon next to the search box to expand the advanced search area. Specify the name, protocol, port, application type, or predefined settings to display matching applications.
Parameter configuration
The system allows you to configure parameters for traffic analysis based on business demands and hardware device capabilities. Configure the parameters appropriately.
To enter the parameter configuration page, click Parameters.
Basic Info
· Report TopN(1-50): Set the number of searched entries that need to be sorted and displayed. The number of displayed entries cannot exceed the specified value. The default value is 10. Setting a higher value might affect search performance.
· Unknown Application Traffic Analysis: Turn on this option to view detailed information about unknown applications. By default, this option is turned off.
· Peak Traffic Analysis: Turn on this option to view peak network traffic distribution of traffic analysis tasks and interfaces. By default, this option is turned off.
· Threshold Alarming: Turn on this option to enable threshold alarming globally. You can enable threshold alarming for a specific traffic analysis task only after enabling threshold alarming globally. After enabling this option, you can configure threshold alarming settings for interface traffic analysis tasks, host traffic analysis tasks, application traffic analysis tasks, and BGP traffic analysis tasks. By default, this option is turned on.
· Baseline Analysis: Specify whether or not to enable baseline analysis. You can enable baseline analysis for a specific traffic analysis task after enabling baseline analysis globally. Turning off this option stops baseline analysis for traffic analysis tasks enabled with baseline analysis.
· Traffic Monitor Menus: Specify the traffic monitor menus to display. Options include Interface Traffic, Host Traffic, Application Traffic, Probe Traffic, VPN Traffic, BGP Traffic, and VLAN/VXLAN Traffic. To apply your changes to this parameter, you need to refresh the page or log in to the system again.
Traffic Data Settings
Set the data storage durations of various granularities.
Anomaly Detection
Anomaly detection checks for attacks in the network. NTA defines 28 anomaly detection types. If an attack is detected, an alarm is sent. The administrator can configure the threshold and alarm level settings to identify network attacks.
To enter the anomaly detection page, click Anomaly Detection.
Network attack description
· Corrupt_IPOption: Attacks the Windows operating system. The attacker sends packets with a malformed IP Option, causing access violation, breakdown, or incorrect command execution on the target Windows operating system.
· DHCPOfferPacket: The attacker uses forged DHCP Offer packets to assign any IP address to the requesting host, causing network anomaly.
· DNS_Rogue_Hack: Uses DNS to illegally transmit data. The attacker sends forged DNS record data through UDP port 53. The administrator must define a valid DNS server list to identify illegal DNS traffic.
· FragmentedICMPPacket: Detection for fragmented ICMP packets. Typically ICMP packets contain only brief information and do not need to be fragmented.
· ICMPDstUnreachable: Disconnects specific network connection of the target host. Upon receiving ICMP destination unreachable packets, certain operating systems determine that the associated network is unreachable and disconnect from that network. The attacker forges ICMP destination unreachable packets, causing the target host to disconnect the specified network connection and affecting use of the network.
· ICMPParameterProblem: ICMP packet parameter errors.
· ICMPRedirects: Attacks the host routing table. The attacker sends ICMP redirect packets to modify the routing table of the target host, affecting use of the network.
· ICMPReplyExcess: Probes the host operating system. The attacker uses ICMP Reply packets to probe operating system information of the target host.
· ICMPRequestExcess: Attacks the host operating system. The attacker sends a large number of ICMP Echo Request (ping) packets, causing heavy resource and bandwidth consumption on the target host.
· ICMPSourceQuench: Reduces the sending rate of user data. The sending rate of user data resumes when the attacker stops sending ICMP source quench packets. The attacker uses forged ICMP source quench packets to reduce network bandwidth usage for the target users.
· ICMPTimeExceeded: The attacker forges ICMP Time Exceeded packets to interrupt communication between associated parties.
· Invalid_IP_Prot: Forged IP packets in which the protocol number is larger than or equal to 134. Such protocol numbers are undefined or reserved and cannot be used in normal networks.
· Invalid_Tos: Data packets contain invalid ToS values, such as 0, 2, 4, 8, and 16.
· Land_Attack: Attacks the host operating system. The attack packets use the same source and destination addresses. Upon receiving such packets, the operating system cannot process them correctly. Heavy system resource consumption will result in system breakdown.
· LargeICMPPacket: Attack detection for extra large ICMP packets. Typically ICMP packets contain only brief information. Anomaly might exist in the network when extra large ICMP packets exist.
· PingofDeath_Attack: Attacks hosts or network devices. The attacker sends extra large ICMP packets (larger than 65507 bytes), causing system breakdown, reboot, or crash of the target host or network device due to error processing.
· Record_Route_IPOption: Probes the network structure. The attacker uses the Route Record option in IP packets to probe the network structure.
· Security_IPOption: Forged IP packets. The IP security option has been obsoleted and cannot be used in IP packets in the network.
· Snork_Attack: A denial-of-service attack (DoS) against the Windows NT RPC service. It uses UDP packets with source port number 7, 19, or 135 and destination port number 135.
· SourceRoute_IPOption: Data packets used by the attacker to hide itself. Normal TCP packets contain only the source and destination addresses. The attacker can add source route information to the TCP packets, acting as another host to obtain sensitive data.
· StreamID_IPOption: Forged IP packets. The IP stream ID option has been obsoleted and cannot be used in IP packets in the network.
· TCP_Fin_Scan: Detects the status (open or closed) of the target host port and operating system (Unix or Windows) of the target host. The attacker sends TCP packets with the FIN flag set to a port on the target host. If the port is closed, the host sends a TCP RST packet in response. If the port is open, the host does not respond.
· TCP_Null_Scan: Detects whether the ports are closed on the target host. The attacker sends TCP packets with no flags set to a port on the target host. If the port is closed, the host sends a TCP RST packet in response. If the port is open, the host does not respond.
· TCP_Syn_Fin_Scan: Abnormal packets generated upon an attack. TCP SYN packets are used for connection initialization and cannot have both the FIN and RST flags set. Similar combinations include SYN/FIN, SYN/FIN/PSH, SYN/FIN/RST, and SYN/FIN/RST/PSH.
· TCP_Xmas_Scan: Detects whether the ports are closed on the target host. The attacker sends TCP packets with the FIN, URG, and PSH flags set to a port on the target host. If the port is closed, the host sends a TCP RST packet in response. If the port is open, the host does not respond.
· TimeStamp_IPOption: Attacks the NetBSD operating system. The attacker sends TCP packets with incorrect IP Timestamps Option, causing DoS attacks on the target NetBSD operating system and system breakdown.
· UDP_Bomb_Attack: Attacks operating systems of old versions. The attacker adds illegal values to the length field in the header of UDP packets. Some operating systems of old versions might break down upon receiving such packets.
· UDP_Flood_Attack: A DoS attack based on UDP. It rapidly consumes available network bandwidth and affects use of the network.
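Several of the anomaly types above are defined purely by header fields, so they can be checked one header at a time. The following Python sketch is an added example, not NTA's implementation: the `Header` record, the `length` field, the rule that treats any UDP port 53 endpoint outside the valid DNS server list as DNS_Rogue_Hack, and the sample headers are assumptions made for illustration. Only rules stated in the list are encoded.

```python
from dataclasses import dataclass

# TCP flag bits and IANA protocol numbers.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
ICMP, TCP, UDP = 1, 6, 17


@dataclass(frozen=True)
class Header:
    """Assumed record layout for one parsed packet header."""
    src: str
    dst: str
    proto: int
    sport: int = 0
    dport: int = 0
    tcp_flags: int = 0
    length: int = 0  # size of the ICMP packet in bytes (assumed field)


def classify(h, valid_dns=frozenset()):
    """Return the names of the listed anomaly types that this header matches."""
    hits = []
    if h.src == h.dst:                      # same source and destination address
        hits.append("Land_Attack")
    if h.proto >= 134:                      # undefined or reserved protocol number
        hits.append("Invalid_IP_Prot")
    if h.proto == TCP:
        flags = h.tcp_flags
        if flags == 0:                      # no flags set
            hits.append("TCP_Null_Scan")
        elif flags == FIN:                  # FIN alone (FIN+ACK is a normal close)
            hits.append("TCP_Fin_Scan")
        elif flags == FIN | URG | PSH:
            hits.append("TCP_Xmas_Scan")
        elif flags & SYN and flags & FIN:   # covers SYN/FIN with PSH and/or RST
            hits.append("TCP_Syn_Fin_Scan")
    elif h.proto == UDP:
        if h.sport in (7, 19, 135) and h.dport == 135:
            hits.append("Snork_Attack")
        if 53 in (h.sport, h.dport):
            # Assumption: the port 53 endpoint is the DNS server being used.
            server = h.dst if h.dport == 53 else h.src
            if server not in valid_dns:
                hits.append("DNS_Rogue_Hack")
    elif h.proto == ICMP and h.length > 65507:
        hits.append("PingofDeath_Attack")
    return hits


# Constructed sample headers using documentation address ranges.
SAMPLES = [
    Header("192.0.2.10", "198.51.100.5", TCP, 40000, 443, SYN),
    Header("192.0.2.10", "198.51.100.5", TCP, 40001, 22, FIN),
    Header("192.0.2.10", "198.51.100.5", TCP, 40002, 22, FIN | URG | PSH),
    Header("192.0.2.10", "198.51.100.5", TCP, 40003, 22, 0),
    Header("192.0.2.10", "198.51.100.5", TCP, 40004, 22, SYN | FIN | RST),
    Header("198.51.100.5", "198.51.100.5", TCP, 80, 80, SYN),
    Header("192.0.2.10", "198.51.100.5", UDP, 19, 135),
    Header("192.0.2.10", "203.0.113.53", UDP, 5353, 53),
    Header("192.0.2.10", "198.51.100.53", UDP, 5353, 53),
    Header("192.0.2.10", "198.51.100.5", ICMP, length=65508),
    Header("192.0.2.10", "198.51.100.5", 200),
]


def report(samples, valid_dns):
    """Map each sample index to its matches, skipping clean headers."""
    result = {}
    for index, header in enumerate(samples):
        hits = classify(header, valid_dns)
        if hits:
            result[index] = hits
    return result


if __name__ == "__main__":
    for idx, names in report(SAMPLES, {"198.51.100.53"}).items():
        print(idx, SAMPLES[idx].src, "->", SAMPLES[idx].dst, names)
```

The flood-style types (for example, ICMPRequestExcess and UDP_Flood_Attack) depend on packet counts against the configured threshold rather than on a single header, so they are not covered by this per-header check.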
Basic settings
· Time Window Type: Time window type for generating alarms. Options are Fixed and Sliding. If you specify the fixed time window, only one alarm is sent within each time window. If you specify the sliding time window, the time interval between two alarms must be larger than the time window size. No alarm is generated for attacks within the time window size. After selecting Fixed or Sliding, click OK.
· Time Window Size (1-10 Min): Time window size for generating alarms. After specifying the time window size, click OK.
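The two window types suppress repeated alarms differently, which matters when you tune how often an ongoing attack is reported. The following Python sketch is an added example, not NTA's code: it assumes fixed windows are aligned to minute 0 and uses constructed detection times, with `alarm_times` as a hypothetical helper name.

```python
def alarm_times(detections, window_min, mode):
    """Return the detection times (in minutes) at which an alarm is sent.

    mode "fixed":   only the first detection in each window raises an alarm.
    mode "sliding": a detection raises an alarm only if more than one window
                    size has passed since the previous alarm.
    """
    if not 1 <= window_min <= 10:
        raise ValueError("time window size must be 1 to 10 minutes")
    if mode not in ("fixed", "sliding"):
        raise ValueError("mode must be 'fixed' or 'sliding'")

    sent = []
    last_slot = None  # index of the fixed window that last produced an alarm
    for t in sorted(detections):
        if mode == "fixed":
            slot = int(t // window_min)  # assumption: windows start at minute 0
            if slot != last_slot:
                sent.append(t)
                last_slot = slot
        elif not sent or t - sent[-1] > window_min:
            sent.append(t)
    return sent


# Constructed detection times in minutes for one anomaly type.
DETECTIONS = [4, 6, 9, 12, 13, 20]

if __name__ == "__main__":
    print("fixed  :", alarm_times(DETECTIONS, 5, "fixed"))
    print("sliding:", alarm_times(DETECTIONS, 5, "sliding"))
```

With a 5-minute window, the fixed type sends alarms at minutes 4 and 6 because they fall in different windows, while the sliding type stays silent until minute 12.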
Edit anomaly detection parameters
The administrator can only edit specific anomaly detection profile parameters, and cannot add or delete anomaly detection profiles in the predefined list.
To edit an anomaly detection profile, click the icon in the Actions column for the anomaly detection profile, and edit the following settings as needed:
· Name: Name of the abnormal behavior. Click the name to view its details.
· Description: Description of the abnormal behavior.
· Threshold: Threshold for generating an alarm for anomaly detection.
· Alarm Level: Level for the alarm generated for anomaly detection. Options are Critical, Major, Minor, Warning, and Info.
· Status: Whether to enable the feature.
View detailed information about an anomaly detection profile
To view detailed information about an anomaly detection profile, click the icon in the Actions column for the anomaly detection profile.
Threshold templates
An alarm is generated when the monitored traffic exceeds the threshold.
To enter the threshold template page, click Threshold Templates.
Add a threshold template
Click Add. On the page that opens, configure the following parameters:
· Template Name: Enter the name of the template, which can contain only Chinese characters, letters, digits, underscores (_), hyphens (-), and dots (.).
· Template Description: Enter a description for the template.
· Template Type: Select a template type. Options include application task, BGP task, host task, interface task, and interface.
· Direction: Specify the traffic direction. Options are Incoming/Outgoing, Incoming, and Outgoing.
· Triggering Condition(Time): Specify a time period to trigger an alarm. Within the specified time, if the traffic exceeds the specified threshold for a specific number of times, an alarm of the associated severity will be sent.
· Suppression Period: Specify a time period within which no alarm will be generated again.
· Traffic Threshold(Unit): Specify the unit for traffic volume. The value can be bps, Kbps, Mbps, Gbps, and %. If you specify the unit as %, an alarm is sent when the traffic exceeds the percentage of the baseline threshold. The baseline will be generated in a week.
· Alarm Settings: Specify the traffic threshold and number of occurrence times. An alarm is sent if the traffic on an interface exceeds the specified threshold for the specified number of times.
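The triggering condition, occurrence count, and suppression period interact, so it helps to replay a traffic series against a candidate template before relying on it. The following Python sketch is an added example and one interpretation of the parameters above, not the product's algorithm: it assumes decimal unit multipliers, a baseline value supplied by the caller for the % unit, and constructed per-minute rate samples.

```python
from collections import deque

# Multipliers for the template's rate units (decimal prefixes assumed).
UNIT_BPS = {"bps": 1, "Kbps": 1_000, "Mbps": 1_000_000, "Gbps": 1_000_000_000}


def threshold_bps(value, unit, baseline_bps=None):
    """Convert a template threshold to bps; '%' is relative to the baseline."""
    if unit == "%":
        if baseline_bps is None:
            raise ValueError("a % threshold needs a baseline")
        return baseline_bps * value / 100
    return value * UNIT_BPS[unit]


def evaluate(samples, limit_bps, occurrences, trigger_period, suppression):
    """Return the sample times (seconds) at which an alarm is sent.

    samples: (time_seconds, rate_bps) pairs in time order.
    An alarm needs `occurrences` over-threshold samples within the last
    `trigger_period` seconds. After an alarm, no further alarm is sent for
    `suppression` seconds.
    """
    recent = deque()             # times of over-threshold samples in the period
    quiet_until = float("-inf")  # end of the current suppression period
    alarms = []
    for t, rate in samples:
        # Forget over-threshold samples that fell out of the trigger period.
        while recent and recent[0] <= t - trigger_period:
            recent.popleft()
        if rate <= limit_bps:
            continue
        recent.append(t)
        if len(recent) >= occurrences and t >= quiet_until:
            alarms.append(t)
            quiet_until = t + suppression
            recent.clear()       # start counting afresh after an alarm
    return alarms


# Constructed samples: (seconds, Mbps) on one interface.
SAMPLES_MBPS = [(0, 500), (60, 650), (120, 700), (180, 620), (240, 640),
                (300, 660), (360, 680), (420, 300), (780, 700), (840, 710),
                (900, 720)]
SAMPLES = [(t, mbps * 1_000_000) for t, mbps in SAMPLES_MBPS]

if __name__ == "__main__":
    # 150% of an assumed 400 Mbps baseline, 3 occurrences within 5 minutes.
    limit = threshold_bps(150, "%", baseline_bps=400_000_000)
    print("10-minute suppression:", evaluate(SAMPLES, limit, 3, 300, 600))
    print("no suppression       :", evaluate(SAMPLES, limit, 3, 300, 0))
```

In this series the second burst (240 to 360 seconds) meets the occurrence count but falls inside the 10-minute suppression period, so it is reported only when suppression is set to 0.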