A first correspondence table in a terminal device stores a correspondence between an identifier of a process running on the terminal device and an identifier of a data stream created by the process, a second correspondence table stores a second correspondence between an identifier of an application and an identifier of a process created by the application. The terminal device receives an identifier, sent by a network security device, of a first data stream. The terminal device can find, in the first correspondence table, a first record storing the identifier of the first data stream to obtain an identifier of a process. The terminal device can find in the second correspondence table, a second record storing the identifier of the process in the first record to obtain an identifier of an application from the second record. The identifier of the application is then sent to the network security device.

A system determination apparatus 1 includes: a calculation unit (31) configured to calculate a variation coefficient representing a degree of variation of traffic and an average traffic amount corresponding to a plurality of days using traffic data of a network apparatus (3) corresponding to the plurality of days; and a determination unit (34) configured to determine a system of the network apparatus (3) using a density of a data group representing a relationship between the variation coefficient and the average traffic amount corresponding to the plurality of days, and the determination unit (34) determines the network apparatus (3) to be a non-operation system in a case where a density of the data group is equal to or higher than a first threshold and determines the network apparatus (3) to be an operation system in a case where the density of the data group is lower than the first threshold.

A system determination apparatus 1 includes: a calculation unit (31) configured to calculate a variation coefficient representing a degree of variation of traffic and an average traffic amount corresponding to a plurality of days using traffic data of a network apparatus (3) corresponding to the plurality of days; and a determination unit (34) configured to determine a system of the network apparatus (3) using a density of a data group representing a relationship between the variation coefficient and the average traffic amount corresponding to the plurality of days, and the determination unit (34) determines the network apparatus (3) to be a non-operation system in a case where a density of the data group is equal to or higher than a first threshold and determines the network apparatus (3) to be an operation system in a case where the density of the data group is lower than the first threshold.

This application provides a network performance monitoring method, a network device, and a storage medium, and belongs to the field of network technologies. In this application, a forwarding plane samples network performance data based on a fine-grained time periodicity, and records a quantity of network performance exceptions; and a control plane generates, based on a coarse-grained time periodicity, an alarm when the quantity of network performance exceptions recorded by the forwarding plane is greater than a threshold. On a basis of meeting a fine-grained requirement on network performance monitoring, because the control plane does not need to report all the collected network performance data, a volume of data that needs to be reported by the control plane is greatly reduced. This resolves a problem of overload of a main control CPU that is caused by massive data reporting, and reduces dependency of the network performance monitoring on performance of the main control CPU of a device. This further resolves a problem that a large quantity of bandwidth resources are occupied due to the massive data reporting, reduces dependency of the network performance monitoring on the bandwidth resources, and helps meet a requirement for deploying a large quantity of performance monitoring nodes in a live network.

This application provides a network performance monitoring method, a network device, and a storage medium, and belongs to the field of network technologies. In this application, a forwarding plane samples network performance data based on a fine-grained time periodicity, and records a quantity of network performance exceptions; and a control plane generates, based on a coarse-grained time periodicity, an alarm when the quantity of network performance exceptions recorded by the forwarding plane is greater than a threshold. On a basis of meeting a fine-grained requirement on network performance monitoring, because the control plane does not need to report all the collected network performance data, a volume of data that needs to be reported by the control plane is greatly reduced. This resolves a problem of overload of a main control CPU that is caused by massive data reporting, and reduces dependency of the network performance monitoring on performance of the main control CPU of a device. This further resolves a problem that a large quantity of bandwidth resources are occupied due to the massive data reporting, reduces dependency of the network performance monitoring on the bandwidth resources, and helps meet a requirement for deploying a large quantity of performance monitoring nodes in a live network.

Embodiments are directed to monitoring network traffic using network monitoring computers (NMCs). Networks may be configured to protect servers using centralized security protocols. Centralized security protocols may depend on centralized control provided by authentication control servers. If a client intends to access protected servers it may communicate with the authentication control server to obtain keys that enable it to access the requested servers. NMCs may monitor network traffic the centralized security protocol to collect metrics associated with the control servers, clients, or resource servers.

Embodiments are directed to monitoring network traffic using network monitoring computers (NMCs). Networks may be configured to protect servers using centralized security protocols. Centralized security protocols may depend on centralized control provided by authentication control servers. If a client intends to access protected servers it may communicate with the authentication control server to obtain keys that enable it to access the requested servers. NMCs may monitor network traffic the centralized security protocol to collect metrics associated with the control servers, clients, or resource servers.

A disclosed apparatus ay include (1) a wireless receiver that facilitates communicatively coupling to a wireless transmitter of an access point connected to a network switch of a service provider, and (2) at least one processing device of a router communicatively coupled to the wireless receiver, wherein the processing device of the router (A) activates a wireless mode that (I) causes the router to establish a wireless connection with the access point via the wireless transmitter and the wireless receiver and (II) facilitates remote configuration of the router by a remote user who has gained access to the router via the wireless connection, (B) receives, via the wireless connection, at least one command from the remote user, and (C) applies, to an out-of-band management interface of the router, the command received from the remote user via the wireless connection. Various other apparatuses systems, and methods are also disclosed.

A disclosed apparatus ay include (1) a wireless receiver that facilitates communicatively coupling to a wireless transmitter of an access point connected to a network switch of a service provider, and (2) at least one processing device of a router communicatively coupled to the wireless receiver, wherein the processing device of the router (A) activates a wireless mode that (I) causes the router to establish a wireless connection with the access point via the wireless transmitter and the wireless receiver and (II) facilitates remote configuration of the router by a remote user who has gained access to the router via the wireless connection, (B) receives, via the wireless connection, at least one command from the remote user, and (C) applies, to an out-of-band management interface of the router, the command received from the remote user via the wireless connection. Various other apparatuses systems, and methods are also disclosed.

In a method for exchanging packets between first and second nodes of a packet-switched network, each packet comprises two fields settable to an idle value or measurement value. The first node transmits to the second node first packets having a filed set to measurement value. Upon reception of each first packet, the second node transmits back to the first node a second packet having a field set to measurement value. Upon reception of each second packet, the first node transmits to the second node a third packet having another field set to measurement value. A packet loss measurement is calculated as a difference between the number of first packets and the number of third packets.