Igice cya 1: Incamake y'ibiranga ibicuruzwa by'ingenzi
Mylinking ML-NPB-M2000 ni ikigo cy’itumanaho cya 2U modular Network Packet Broker (NPB) gihujwe na Inline Bypass Switch, cyagenewe gushyira mu bikorwa umutekano w’umuyoboro w’itumanaho mu buryo bwizewe cyane no gutunganya neza traffic. Gikemura ibibazo byo gutinda/kwangirika k’umuyoboro w’itumanaho guterwa no kunanirwa/gusana ibikoresho by’umutekano, kandi gishyigikira imicungire y’urujya n’uruza rw’itumanaho, igenzura n’umutekano. Ibiranga by’ingenzi byayo bishyirwa mu byiciro bikurikira:
1. Ibisobanuro by'ibikoresho
○ Ishusho y'ikintu:2U rackmount ya santimetero 19, itanga umuriro w'amashanyarazi ubiri (AC-220V/DC-48V nta yandi mananiza), ikoreshwa ry'amashanyarazi ntarengwa ni 300W.
○ Imirongo ikoreshwa mu buryo bwa Modular:Uduce 4 dushobora guhindurwamo ibintu bishyushye kuri module za BYPASS/ MONITOR (dushyigikira imiterere ivanze).
○ Ubushobozi bwo gukoresha icyambu:Moduli ya Bypass (810G SFP+ & 4100GE QSFP28); Moduli ya Monitor (1610G SFP+ & 4100GE QSFP28); ubushobozi bwose bwo gutunganya 2.4Tbps.
○ Imiyoboro y'Ubuyobozi:1RS232 Console, 110/100/1000M RJ45 yo gucunga hanze y'umuyoboro.
○ Uburyo bwo kwaguka:Kugeza ku miyoboro y’uburinzi ya 161G/10G cyangwa imiyoboro ya 840G/100G; imiyoboro ntarengwa yo kugenzura ya 641G/10G cyangwa 1640G/100G.
2. Ubushobozi bw'ibanze mu mikorere
○ Uburinzi bwo Kunyura mu Murongo:Guhindura bypass byihuse (<8ms), kumenya umutima mu buryo bw'ubwenge (ibipimo bishobora guhindurwa), bypass byihuse ku bikoresho by'umutekano.
○ Gutunganya ibinyabiziga:Ishingiro (gukoporora/guteranya/gushungura/gushyiramo ibirango) + Imbere (gukuraho/gupfuka/gukata/gukuraho/porokera ya SSL/gukuraho ubusobanuro, kumenya poroteka ya L2-L7).
○ Kugabanya Imitwaro:Kugereranya imizigo bishingiye kuri Hash (L2-L4) ku matsinda y'ibikoresho by'umutekano, garanti y'ubunyangamugayo bw'igihe, no gukwirakwiza imizigo mu buryo buhindagurika.
○ Gutunganya Umuyoboro w'amazi:Gushyigikira gukuraho/gushyiramo VXLAN/GRE/MPLS/GTP, igenzura ryikora rya tunnel protocol.
○ Uburyo imodoka zigaragara:Isesengura ry’ibipimo byinshi (isesengura ryimbitse rya DPI, isesengura ry’imbonerahamwe y’imigendekere y’amazi/ipaki, aho amakosa aherereye nyayo), igenzura ry’igihe nyacyo n’itangazo, igenamiterere ry’igihe rya nanosecond.
3. Uburyo bwo Gushyira mu Bice by'ingenzi
○ Gushyira mu bikorwa umurongo:Uburinzi bwuzuye bw'urujya n'uruza rw'abantu ku muhanda/uburyo bwihariye bwo kunyuramo, gukumira urujya n'uruza rw'abantu ku muhanda, proxy ya SSL yo gusesengura urujya n'uruza rw'abantu ku muhanda mu buryo bwa hifashishijwe ikoranabuhanga.
○ Gutanga serivisi zo muri SPAN:Gupima, guteranya, gukwirakwiza amakuru hanze y'umuyoboro w'itumanaho (IDS/APM/NPM).
○ Hybrid (Inline + SPAN):Uburinzi bw'umutekano buri hagati y'umurongo + ubwiza bw'imodoka zigenda hanze y'umurongo, nta kwivanga hagati y'uburyo bubiri.
4. Ikoranabuhanga ryihariye ry’ibanze
○Uburyo bwo Kurinda SpecFlow/FullLink, Guhindura byihuse, LinkSafeSwitch, Gutanga Politiki Ihindagurika ya WebService.
○Gutahura paki y'umutima ihinduka, guhuza imizigo myinshi, gukwirakwiza ibinyabiziga mu buryo bw'ubwenge.
Igice cya 2: Porogaramu za sisitemu y'ibicuruzwa
Ibishushanyo mbonera byose bifata Mylinking ML-NPB-M2000 nk'agace k'ibanze, ibikorwa remezo by'umuyoboro bihuza, ibikoresho by'umutekano na sisitemu zo gukurikirana/gusesengura. Ifoto y'igicuruzwa yanditswe nka [Ifoto y'igicuruzwa cya ML-NPB-M2000] mu buryo bw'imiterere, kandi ishyirwa mu bikorwa nyaryo rishobora kuyisimbura n'ishusho yemewe y'igicuruzwa.
Ishusho ya 1: Uburinzi bw'ibikoresho by'umutekano bya Inline Link Serial Security Device Bypass (Icyitegererezo cy'ingenzi)
Izina ry'Ishusho: Ishusho y'Uburinzi bwa FW/IPS mu buryo bwikora
Intego: Kurinda impanuka za FW/IPS ku buryo zitagenda neza/zitangizwa neza
Ibisobanuro by'ibice
Urusobe rw'Umuyoboro: Router/switch y'ibanze (urufunguzo rw'umuyoboro, aho abantu binjira/basohoka hejuru/hasi).
Node y'ibanze: ML-NPB-M2000 (Inline Bypass Switch ihuriweho, inkingi y'uburinzi bwose).
Urwego rw'Umutekano: Ibikoresho bisanzwe by'umutekano (Sisitemu yo gukumira umuriro/kwinjira).
Uburyo bwo gukoresha urujya n'uruza rw'imodoka n'ibindi bintu
1- Imiterere Isanzwe: Urujya n'uruza rw'abantu bose bava ku bikoresho by'ibanze by'umuyoboro runyura muri ML-NPB-M2000 rujya kuri FW/IPS kugira ngo barebe umutekano, hanyuma bagasubira kuri umuyoboro binyuze kuri icyo gicuruzwa.
2- Ingeso Idasanzwe: Uburyo bwo kumenya umutima w’iki gikoresho bugaragaza ko FW/IPS yananiwe gukora (impanuka/gushyiramo umutwaro mwinshi/gukora neza), bugatera guhinduranya bypass byihuse (<8ms).
3- Aho umurongo unyura: Urujya n'uruza rw'abantu runyura hagati y'ibikoresho by'ibanze by'umuyoboro binyuze muri ML-NPB-M2000, rukarenga FW/IPS idafite ishingiro, bigatuma nta muyoboro uhagarara.
4- Imiterere yo Kugarura: Iyi porogaramu imenya uburyo bwo kugarura amakuru bwa FW/IPS mu gihe nyacyo hanyuma igasubiza inzira y’imodoka ya mbere kugira ngo irinde umutekano.
Ibintu by'ingenzi bikoreshwa: Guhindura byihuse, Gutahura umutima uko ubyifuza, Ikoranabuhanga rya LinkSafeSwitch.
Ishusho ya 2: Ishusho y'umutekano wa SpecFlow Specific Traffic Inline
Izina ry'igishushanyo: Ishusho yihariye ishingiye kuri politiki yo kuzenguruka no kurinda umutekano
Intego: Gushungura no kohereza gusa abantu bagana ibikoresho by'igenzura
Ibisobanuro by'ibice
Urusobe rw'umuyoboro: Router/switch y'ibanze (ubwoko bwose bw'inzira zinjira).
Igice cy'ingenzi: ML-NPB-M2000 (gusuzuma urujya n'uruza rw'abantu, uburyo bwihariye bwo gukurura abantu).
Urubuga rw'Umutekano: Ibikoresho byihariye byo kugenzura umutekano (ku bijyanye n'urujya n'uruza rw'amakuru/SSH/RDP, ubushobozi buke bwo gutunganya amakuru kugira ngo abantu bose barugereho).
Uburyo bwo gukoresha urujya n'uruza rw'imodoka n'ibindi bintu
1- Iyi porogaramu ikoresha L2-L4 identification (VLAN tag/IP five-tuple/MAC/port) kugira ngo irebe urujya n'uruza rw'abantu hakurikijwe politiki yashyizweho mbere.
2- Urujya n'uruza rw'abantu rudahangayikishije: Yoherezwa ku muyoboro w'itumanaho binyuze mu gicuruzwa, nta mpamvu yo kunyura mu bikoresho by'umutekano (bigabanya umutwaro w'ibikoresho).
3- Urujya n'uruza rw'abantu rwihariye: Gufata igikoresho cyihariye cy'umutekano kugira ngo gisuzumwe/kirindwe, hanyuma kigasubizwa kuri interineti binyuze kuri icyo gicuruzwa.
4- Gupima umutima mu buryo bwihuse ku gikoresho cy’umutekano; kunyura mu buryo bwikora iyo igikoresho cyananiwe, kugira ngo uburinzi bwihariye bw’umuhanda budahagarara.
Ibiranga by'ingenzi bikoreshwa: Uburyo bwo kurinda SpecFlow, Gushungura ibinyabiziga bya L2-L4, Ikoranabuhanga ryo Kurinda Ibinyabiziga.
Ishusho ya 3: Ishusho y'Uburinzi bw'Umutekano wa Interineti Ufite Ingano Ingana
Izina ry'Ishusho: Kugabanya Umutwaro w'Umutwaro w'Umuvuduko Ukabije w'Umuvuduko kuri FW/IPS Cluster Diagram
Intego: Gukwirakwiza 100G mu itsinda rya FW/IPS
Ibisobanuro by'ibice
Urusobe rw'Umuyoboro: Router/switch y'ibanze (uburyo bwo kwinjiza amakuru menshi, igikoresho kimwe cy'umutekano ntigishobora gukora).
Node y'ibanze: ML-NPB-M2000 (ikwirakwizwa ry'ibinyabiziga mu buryo bw'ubwenge, gucunga imicungire y'imizigo).
Urukurikirane rw'Umutekano: Itsinda rya FW/IPS (ibikoresho byinshi by'umutekano bimwe byashyizwe ahantu hamwe).
Uburyo bwo gukoresha urujya n'uruza rw'imodoka n'ibindi bintu
1- Igicuruzwa cyakira umuyoboro munini w’itumanaho uturutse ku muyoboro w’ibanze kandi gifasha kuringaniza imizigo hifashishijwe Hash (L2-L4) (ishingiye kuri MAC/IP/port/protocole).
2- Urujya n'uruza rw'abantu rukwirakwizwa ku buryo bungana kuri buri FW/IPS muri cluster kugira ngo umutekano utunganywe icyarimwe, bigamije kwemeza ko amakuru agenda neza.
3- Igicuruzwa gishyigikira ikwirakwizwa ry’umutwaro uhindagurika: iyo igikoresho cya cluster cyananiwe/aho gihurira kikabura, urujya n’uruza rw’abantu rwimurirwa mu bindi bikoresho bisanzwe.
4- Imikorere rusange y’uburyo bw’umutekano irushaho kuba myiza bitewe n’umubare w’ibikoresho bya cluster, bigahuzwa n’ibintu bya 100G/200G bifite bandwidth nyinshi.
Ibiranga by'ingenzi bikoreshwa: Kugabanya imitwaro ihuza amasano menshi, Gukwirakwiza imodoka mu buryo bw'ubwenge, Guhita unyura mu buryo bwihuse kugira ngo igikoresho kimwe kidakora neza.
Ishusho ya 4: Ishusho y'Uburinzi bw'Igikoresho cy'Umutekano cya Multi-Serial (Physical Serial → Logical Serial)
Izina ry'Ishusho: Ishusho y'Umutekano w'Ibikoresho byinshi Ishusho y'Umutekano w'Ibikoresho by'Umutekano w'Ibintu Bitandukanye n'Iby'Inzira
Intego: Simbuza urukurikirane rw'ibintu (ingingo imwe y'ikosa) n'urukurikirane rw'ibintu bihuye n'ibyo mu buryo busanzwe
Ibisobanuro by'ibice
Urusobe rw'umuyoboro: Router/switch y'ibanze (urufunguzo nk'agace ka internet egress/server).
Node y'ibanze: ML-NPB-M2000 (guteganya gahunda y'urujya n'uruza rw'abantu, imicungire y'uruhererekane rw'amakuru).
Urwego rw'Umutekano: Ibikoresho byinshi bitandukanye by'umutekano (FW/Anti-DDoS/WAF/IPS, uburyo busanzwe bwo gushyiraho serial bugira aho bunanirana).
Uburyo bwo gukoresha urujya n'uruza rw'imodoka n'ibindi bintu
1- Gukoresha ibikoresho bisanzwe: Ibikoresho byinshi by’umutekano bihujwe ku buryo bufatika, bigatuma habaho gucika intege kenshi no gutinda gukomeye kwa interineti.
2- Gukoresha ibikoresho bishya: Ibikoresho byose by'umutekano bihuye neza na ML-NPB-M2000; ibicuruzwa bikoresha uburyo bwo kugenzura urujya n'uruza rw'imodoka hakurikijwe politiki y'umutekano.
3- Ibinyabiziga binyura muri buri gikoresho cy’umutekano mu buryo bw’ishingiro bwashyizweho mbere kugira ngo birindwe intambwe ku yindi, bikagira ingaruka nk’iz’uruhererekane rw’ibintu.
4- Iyo igikoresho kimwe cy’umutekano cyananiwe, icyo gikoresho gihita kinyura ku gikoresho cyari gifite ikibazo, kandi ibindi byose bikomeza kugira akamaro, bigabanura aho ikibazo cyangiritse kandi bikongera icyizere cy’umuyoboro.
Ibiranga by'ingenzi bikoreshwa: Uburyo bwo kurinda FullLink, Uburyo bwo gukurura abantu mu muhanda mu buryo bw'ubwenge, Uburyo bwo kohereza amakuru mu buryo buhindagurika.
Ishusho ya 5: Ishusho y'impinduka mu kurwanya DDoS mu kugenzura no kurinda ibinyabiziga
Izina ry'igishushanyo: Uburyo bwo gukurura politiki ya WebService Dynamic mu kurinda ibitero bya DDoS
Intego: Gutahura ibitero mu gihe nyacyo + uburyo urujya n'uruza rw'imodoka rugenda ruhinduka
Ibisobanuro by'ibice
Urusobe rw'Umuyoboro: Router/switch y'ibanze + Seriveri Cluster (intego irinzwe, nka seriveri y'ubucuruzi IP/igice).
Node y'ibanze: ML-NPB-M2000 (kohereza amakuru ku muvuduko w'umuyoboro, kuvugurura politiki ihindagurika, gukurura abantu).
Urwego rw'Umutekano: Igikoresho cyo kurinda ibitero bya DDoS (gutahura ibitero mu gihe nyacyo, gutanga politiki ihamye).
Uburyo bwo gukoresha urujya n'uruza rw'imodoka n'ibindi bintu
1- Imiterere Isanzwe: ML-NPB-M2000 yohereza urujya n'uruza rwuzuye kuri seriveri ku muvuduko w'insinga, kandi ikerekana urujya n'uruza rwose kuri igikoresho cya Anti-DDoS kugira ngo kimenyekane mu gihe nyacyo (nta ngaruka ku rujya n'uruza rw'ubucuruzi).
2- Igitero cyabonetse: Igikoresho cyo kurwanya DDoS kimenya ibitero bya DDoS kuri IP/segment ya seriveri, kigashyiraho amategeko yo guhuza traffic, hanyuma kikayageza ku gicuruzwa binyuze kuri WebService dynamic policy interface.
3- Gukoresha Ibitero: Ibi bivugururwa mu bubiko bw'amategeko ahinduka mu buryo bufatika, bigakurura abantu bagana ku gikoresho cya Anti-DDoS kugira ngo gisukurwe/gitunganywe, kandi abantu basanzwe bagakomeza koherezwa mu buryo butaziguye.
4- Iherezo ry'igitero: Igikoresho cya Anti-DDoS gitanga itegeko ryo guhagarika politiki, kandi ibicuruzwa bigarura uburyo bwo kohereza amakuru yose ku muvuduko w'umuvuduko w'umuyoboro w'itumanaho.
Ibiranga by'ingenzi bikoreshwa: Gutanga amakuru kuri interineti kuri WebService Dynamic Policy, Gutanga amakuru kuri interineti, Gutanga amakuru kuri interineti kuri mudasobwa zikoresha umuvuduko wa ASIC, Guhagarika amakuru kuri interineti.
Ishusho ya 6: Uburinzi bw'Injira mu Murongo (Inline + SPAN) + Ishusho yo Gukurikirana Imbere y'Umurongo
Izina ry'Ishusho: Inline FW/WAF Protection + SPAN Out-of-Band IDS/APM Monitoring Diagram
Intego: Uburinzi bw'umurongo icyarimwe + isesengura ry'urujya n'uruza rw'abantu hanze y'umurongo
Ibisobanuro by'ibice
Urusobe rw'umuyoboro: Router/switch y'ibanze (uburyo bwo kwinjiza amakuru mu bucuruzi).
Node y'ibanze: ML-NPB-M2000 (fungura icyarimwe uburyo bwa Inline na SPAN, nta kwivanga kw'imibanire).
Urukurikirane rw'umutekano w'abakoresha: FW/WAF (uburinzi bw'umurongo ukurikiranye ku muyoboro w'ubucuruzi).
Icyiciro cyo kugenzura hanze y'umuyoboro: IDS/APM/NPM (isesengura ry'urujya n'uruza rw'abantu, igenzura ry'imikorere, isuzuma ry'ibitero).
Uburyo bwo gukoresha urujya n'uruza rw'imodoka n'ibindi bintu
1- Uburyo bwo Kunyura: Urujya n'uruza rw'ubucuruzi runyura mu bicuruzwa rugana kuri FW/WAF kugira ngo hirindwe umutekano wo hagati, rugakora ku buryo bwo kunyura mu nzira y'impanuka no mu buryo bwihariye bwo gukurura urujya n'uruza rw'imodoka.
Uburyo bwa 2- SPAN: Igicuruzwa gishushanya urujya n'uruza rwuzuye/rwayunguruwe mu murongo rugana kuri sisitemu yo kugenzura hanze y'umurongo binyuze muri module ya Monitor, nta ngaruka ku buryo busanzwe bwo kohereza urujya n'uruza rw'umurongo.
3- Sisitemu yo kugenzura ikora isesengura ryimbitse ry’urujya n’uruza rw’abantu (DPI/flow table/packet analysis), igenzura ry’imikorere (APM/NPM) na passive terror detection (IDS), kandi ibicuruzwa bishyigikira SSL decryption kuri mirrored encrypted traffic (HTTPS/TLS) kugira ngo byuzuze ibisabwa mu isesengura ry’inyandiko zidasobanutse.
4- Iyi porogaramu itanga uburyo bwo gupfuka/gutwikira urujya n'uruza rw'abantu ku buryo bworoshye, bigabanya umutwaro wo gutunganya porogaramu yo kugenzura ibintu hanze y'umurongo.
Ibiranga by'ingenzi bikoreshwa: Hybrid Inline + SPAN Deployment, SSL Proxy/Decryption, Traffic Mirroring, Data Deduplication, Traffic View Analysis.
Ishusho ya 7: Isesengura ry'igenamigambi n'ishusho ry'urusobe rw'abantu ku miyoboro y'itumanaho
Izina ry'igishushanyo: Guteranya abantu benshi + Gahunda imwe + Ishusho y'isesengura ry'amashusho
Intego: Guhuza urujya n'uruza rw'abantu kuri 10G/40G/100G + isesengura ry'amashusho
Ibisobanuro by'ibice
Icyiciro cy'inkomoko: Ihuza ry'inkomoko y'umuyoboro w'itumanaho rifite ibiciro byinshi (10G/40G/100G) (interineti isohoka, agace ka seriveri, igikoresho cy'ibanze), urujya n'uruza rw'abantu rwakusanyijwe binyuze mu ndorerwamo y'ikoranabuhanga ikoresha ikoranabuhanga rya optique splitter/port mirror.
Node y'ibanze: ML-NPB-M2000 (gukusanya urujya n'uruza rw'abantu, kuyungurura, gukwirakwiza, no gutunganya mbere).
Icyiciro cy'isesengura: Sisitemu z'umutekano/isesengura zitari mu itsinda (FW/IDS/NPM/DPI Analyzer).
Uburyo bwo Kubona Ibinyabiziga: Urubuga rwo Kubona Ibinyabiziga (GUI yubatswemo, igaragaza imbonerahamwe y’ibicuruzwa mu buryo bwinshi).
Uburyo bwo gukoresha urujya n'uruza rw'imodoka n'ibindi bintu
1- Ibicuruzwa bikusanya urujya n'uruza rw'abantu bose baturuka ku miyoboro myinshi ku muvuduko w'insinga, hanyuma bigakorwa mbere (gushungura/gukata/gukuraho/gukuraho imiyoboro).
2- Dukurikije politiki zashyizweho mbere, ibicuruzwa bikwirakwiza serivisi zitandukanye kuri sisitemu z’umutekano/isesengura zijyanye nazo (urugero, DDoS ijya kuri Anti-DDoS, amakuru y’imikorere kuri NPM).
3- Moduli y’ubwiyongere bw’ibicuruzwa ikora isesengura ry’ibipimo byinshi (isesengura ryimbitse rya DPI, isesengura ry’imbonerahamwe y’imigendere/ipaki, aho amakosa aherereye) ku binyabiziga byakusanyijwe, kandi ikabyerekana mu gihe nyacyo binyuze muri GUI (imbonerahamwe y’ibice/imbonerahamwe y’umurongo/umurongo w’igihe).
4- Gushyigikira gufata amapaki mu buryo bwihuse no kubaza amateka y'urujya n'uruza rw'abantu ku buryo budasanzwe, bifasha abakozi ba O&M kubona vuba amakosa y'urusobe rw'itumanaho/ibibazo by'umutekano.
Ibiranga by'ingenzi bikoreshwa: Guteranya/Gukwirakwiza ibinyabiziga, Gukuraho imiyoboro y'amazi, Kumenya porogaramu ya DPI, Kugaragara kw'ibinyabiziga mu buryo bwinshi, Gusesengura amakosa neza.
BijyanyeUmuhuzabikorwa w'amapaki y'itumanaho
Sura kugira ngo umenye byinshi:https://www.mylinking.com/mylinking-network-packet-broker-plus-inline-bypass-switch-ml-npb-m2000-product/
BijyanyeGuhindura mu buryo bw'umurongo (Inline Bypass Switch)
Sura kugira ngo umenye byinshi:https://www.mylinking.com/mylinking-network-packet-broker-plus-inline-bypass-switch-ml-bypass-m2000-product/
Igihe cyo kohereza: Mata-07-2026
