Kugira ngo habeho gusesengura urujya n'uruza rw'imiyoboro, ni ngombwa kohereza paki y'imiyoboro kuri NTOP/NPROBE cyangwa kuri Out-of-band Network Security and Monitoring Tools. Hari ibisubizo bibiri kuri iki kibazo:
Indorerwamo zo ku cyambu(izwi kandi nka SPAN)
Gukanda kuri interineti(izwi kandi nka Replication Tap, Aggregation Tap, Active Tap, Copper Tap, Ethernet Tap, nibindi)
Mbere yo gusobanura itandukaniro riri hagati y’ibisubizo bibiri (Port Mirror na Network Tap), ni ngombwa gusobanukirwa uburyo Ethernet ikora. Kuri 100Mbit no hejuru yayo, hosts zikunze kuvuga mu buryo bwa duplex yuzuye, bivuze ko host imwe ishobora kohereza (Tx) no kwakira (Rx) icyarimwe. Ibi bivuze ko kuri insinga ya 100 Mbit ihujwe na host imwe, umubare wose w’urujya n’uruza rw’itumanaho host imwe ishobora kohereza/kwakira (Tx/Rx)) ni 2 × 100 Mbit = 200 Mbit.
Igenzura rya Port ni imikorere ya paki, bivuze ko igikoresho cya network gifite inshingano zo gukoporora paki kuri port ifite indorerwamo.
Ibi bivuze ko igikoresho kigomba gukora iki gikorwa gikoresheje umutungo runaka (nka CPU), kandi icyerekezo cyombi cy’umuhanda kizakopwa kuri port imwe. Nkuko byavuzwe mbere, muri A full duplex link, ibi bivuze ko
A -> B na B -> A
Igiteranyo cya A ntikizarenga umuvuduko wa network mbere yuko packet itakaza. Ibi biterwa nuko nta mwanya wo gukoporora packet uhari. Byagaragaye ko port mirroring ari tekiniki nziza kuko ishobora gukorwa na switches nyinshi (ariko si zose), kuko switches nyinshi zifite ikibazo cyo gutakaza packet, niba ukurikirana link ifite umutwaro urenga 50%, cyangwa ukareba ports kuri port yihuta (urugero: mirror 100 Mbit ports kuri port ya 1 Gbit). Tutibagiwe ko packet mirroring ishobora gusaba guhinduranya sources za switches, bishobora gushyira igikoresho mu modoka bigatuma imikorere yo guhinduranya igabanuka. Menya ko ushobora guhuza port 1 kuri port imwe, cyangwa VLAN 1 kuri port imwe, ariko muri rusange ntushobora gukoporora ports nyinshi kuri 1. (Rero nk'uko packet mirror) ibura.
A Network TAP (Aho kwinjira kuri terminal)ni igikoresho cy’ibikoresho bidakora cyane, gishobora gufata urujya n’uruza rw’abantu ku muyoboro w’itumanaho. Gikunze gukoreshwa mu kugenzura urujya n’uruza rw’abantu hagati y’ingingo ebyiri mu muyoboro w’itumanaho. Niba umuyoboro uri hagati y’izi ngingo ebyiri ugizwe n’insinga ifatika, TAP y’umuyoboro w’itumanaho ishobora kuba uburyo bwiza bwo gufata urujya n’uruza rw’abantu.
Umuyoboro wa TAP ufite nibura imiyoboro itatu: umuyoboro wa A, umuyoboro wa B, n'umuyoboro wa monitoring. Kugira ngo ushyiremo akantu hagati y'ingingo A na B, umuyoboro wa network hagati y'ingingo A na B usimbuzwa imiyoboro ibiri, umwe ujya kuri port ya TAP ya A, undi ujya kuri port ya TAP ya B. TAP inyuzamo imiyoboro yose iri hagati y'ingingo ebyiri za network, bityo ikaba ikomeza guhuzwa. TAP kandi ikoporora imiyoboro ya transiporo kuri port yayo ya monitoring, bityo bigatuma igikoresho cyo gusesengura gishobora kumva.
TAP za Network zikoreshwa cyane n'ibikoresho byo kugenzura no gukusanya nka APS. TAP zishobora no gukoreshwa mu bikorwa by'umutekano kuko zidahungabanya umutekano, ntiziboneka kuri network, zishobora gukorana n'imiyoboro yuzuye hamwe n'idasangirwa, kandi akenshi zinyura mu muhanda nubwo umuyoboro wa robine wahagarara gukora cyangwa ugatakaza ingufu.
Kubera ko imiyoboro ya Network Taps itakira ahubwo iratanga gusa, switch ntabwo imenya umuntu wicaye inyuma y’imiyoboro. Ingaruka ni uko isakaza amapaki kuri buri miyoboro. Kubwibyo, niba uhuza igikoresho cyawe cyo kugenzura kuri switch, icyo gikoresho kizakira amapaki yose. Menya ko ubu buryo bukora niba igikoresho cyo kugenzura kidatanze paki iyo ari yo yose kuri switch; bitabaye ibyo, switch izatekereza ko amapaki yafashwe atari ayo kuri icyo gikoresho. Kugira ngo ubigereho, ushobora gukoresha insinga y’umuyoboro utarahuza insinga za TX, cyangwa ugakoresha umurongo wa interineti udafite IP (na DHCP-less) udatanga amapaki na gato. Amaherezo menya ko niba ushaka gukoresha tap kugira ngo udatakaza amapaki, ntugashyire hamwe icyerekezo cyangwa ngo ukoreshe switch aho icyerekezo cyafashwe kigenda buhoro (urugero: 100 Mbit) kurusha umuyoboro wa merge (urugero: 1 Gbit).
None se, ni gute wafata urujya n'uruza rw'abantu kuri interineti? Indorerwamo ya Network Taps vs Switch Ports
1- Uburyo bworoshye bwo kuyishyiraho: Network Tap > Port Mirror
2- Ingaruka ku mikorere ya Network: Network Tap < Port Mirror
3- Gufata, Gukopera, Guteranya, Ubushobozi bwo Kohereza: Gukanda kuri interineti > Indorerwamo ya Port
4- Gutinda Kohereza Ibinyabiziga: Gukanda kuri interineti < Indorerwamo y'Umuyoboro
5- Ubushobozi bwo gutunganya ibinyabiziga: Urubuga rwa interineti > Indorerwamo y'aho imodoka ziherereye
Igihe cyo kohereza ubutumwa: Werurwe-30-2022
