In today's complex, high-speed and often encrypted network environments, comprehensive visibility is essential for security, performance monitoring and compliance. Network Packet Brokers (NPBs) have evolved from simple TAP aggregators into sophisticated, intelligent platforms that are essential for managing the flood of traffic data and for keeping monitoring and security tools effective. Here is an overview of their key application scenarios and solutions:
The core problem NPBs solve:
Modern networks generate massive volumes of traffic. Connecting critical security and monitoring tools (IDS/IPS, NPM/APM, DLP, forensics) directly to network links (through SPAN ports or TAPs) is inefficient and often infeasible because of:
1. Tool overload: Tools are swamped with irrelevant traffic, drop packets and miss threats.
2. Tool inefficiency: Tools waste resources processing duplicate or unnecessary data.
3. Complex topology: Distributed networks (data centers, cloud, branch offices) make centralized monitoring difficult.
4. Encryption blind spots: Tools cannot inspect encrypted traffic (SSL/TLS) without decryption.
5. Limited SPAN resources: SPAN ports consume switch resources and often cannot keep up with full line-rate traffic.
The NPB solution: intelligent traffic mediation
NPBs sit between the TAPs/SPAN ports and the monitoring/security tools. They act as intelligent "traffic cops" that perform the following:
1. Aggregation: Combine traffic from multiple links (physical, virtual) into consolidated feeds.
2. Filtering: Forward only the relevant traffic to specific tools, based on criteria (IP/MAC, VLAN, protocol, port, application).
3. Load balancing: Distribute traffic flows evenly across multiple instances of the same tool (e.g., clustered IDS sensors) for scalability and resilience.
4. Deduplication: Remove identical copies of packets captured on redundant links.
5. Packet slicing: Truncate packets (removing the payload) while keeping the headers, reducing bandwidth to tools that only need metadata.
6. SSL/TLS decryption: Terminate encrypted sessions (using keys), present clear-text traffic to the inspection tools, then re-encrypt it.
7. Replication/multicasting: Send the same traffic stream to multiple tools at once.
8. Advanced processing: Metadata extraction, flow generation, timestamping, masking of sensitive data (e.g., PII).
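How two of the functions above, load balancing and deduplication, can work on raw IPv4 packets, as an added Python example (not code from Mylinking or any NPB product). The 50 ms window, the CRC32 flow hash and the sample packets are assumptions made for the illustration.

```python
import hashlib
import socket
import struct
import zlib

def build_packet(src, dst, sport, dport, ttl, payload=b""):
    """Constructed sample: IPv4 header, TCP ports only (no full TCP header), payload."""
    l4 = struct.pack("!HH", sport, dport) + payload
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0x1234, 0, ttl, 6, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    s = sum(struct.unpack("!10H", hdr))
    s = (s & 0xFFFF) + (s >> 16)
    csum = ~((s & 0xFFFF) + (s >> 16)) & 0xFFFF
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + l4

def sensor_for(pkt, n_sensors):
    """Symmetric flow hash: both directions of a session reach the same sensor."""
    ihl = (pkt[0] & 0x0F) * 4
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    lo, hi = sorted([(pkt[12:16], sport), (pkt[16:20], dport)])
    key = lo[0] + hi[0] + struct.pack("!HHB", lo[1], hi[1], pkt[9])
    return zlib.crc32(key) % n_sensors

def dedup_key(pkt):
    """Digest over the packet with hop-mutable IPv4 fields zeroed."""
    norm = bytearray(pkt)
    norm[8] = 0                # TTL is decremented at every routed hop
    norm[10:12] = b"\x00\x00"  # header checksum changes along with the TTL
    return hashlib.sha256(norm).digest()

class Deduplicator:
    def __init__(self, window_s=0.05):
        self.window_s = window_s
        self.seen = {}  # digest -> timestamp of the last copy

    def is_duplicate(self, ts, pkt):
        # Expire old digests so a later identical packet is not dropped.
        self.seen = {k: t for k, t in self.seen.items() if ts - t <= self.window_s}
        key = dedup_key(pkt)
        dup = key in self.seen
        self.seen[key] = ts
        return dup

def demo():
    a = build_packet("10.0.0.5", "10.0.1.9", 40000, 443, ttl=64, payload=b"hello")
    a_hop = build_packet("10.0.0.5", "10.0.1.9", 40000, 443, ttl=63, payload=b"hello")
    reply = build_packet("10.0.1.9", "10.0.0.5", 443, 40000, ttl=64, payload=b"world")
    d = Deduplicator()
    seen = [d.is_duplicate(0.000, a), d.is_duplicate(0.002, a_hop), d.is_duplicate(1.0, a)]
    return seen, sensor_for(a, 4) == sensor_for(reply, 4)
```

The copy seen one hop later (TTL 63) is recognised as a duplicate even though its bytes differ, while the same packet one second later falls outside the window and is kept.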
Find out more about this model here:
Mylinking™ Network Packet Broker (NPB) ML-NPB-3440L
16 * 10/100/1000M RJ45, 16 * 1/10GE SFP+, 1 * 40G QSFP and 1 * 40G/100G QSFP28, max 320Gbps
Detailed application scenarios and solutions:
1. Enhancing security monitoring (IDS/IPS, NGFW, Threat Intel):
○ Scenario: Security tools are overwhelmed by the volume of East-West traffic in the data center, dropping packets and missing lateral-movement threats. Encrypted traffic hides malicious payloads.
○ NPB solution:
* Aggregate traffic from critical DC links.
* Apply granular filters so that only suspicious traffic segments (e.g., non-standard ports, specific subnets) are sent to the IDS.
* Load balance across a cluster of IDS sensors.
* Perform SSL/TLS decryption and send the clear-text traffic to the IDS/Threat Intel platform for deep inspection.
* Deduplicate traffic from redundant paths.
○ Result: Higher threat detection rate, fewer false negatives, better use of IDS resources.
2. Optimizing performance monitoring (NPM/APM):
○ Scenario: Network performance monitoring tools struggle to correlate data from hundreds of dispersed links (WAN, branch offices, cloud). Full packet capture for APM is very expensive and bandwidth-intensive.
○ NPB solution:
* Aggregate traffic from geographically dispersed TAPs/SPANs onto a central NPB fabric.
* Filter traffic so that only application-specific flows (e.g., VoIP, critical SaaS) are sent to the APM tools.
* Use packet slicing for NPM tools that mainly need flow/transaction timing data (headers), which sharply reduces bandwidth consumption.
* Replicate key performance metric streams to both the NPM and the APM tools.
○ Result: A holistic, correlated view of performance, lower tool costs, lower bandwidth overhead.
3. Cloud visibility (public/private/hybrid):
○ Scenario: There is no native TAP access in public clouds (AWS, Azure, GCP). It is difficult to capture virtual machine/container traffic and direct it to security and monitoring tools.
○ NPB solution:
* Deploy virtual NPBs (vNPBs) in the cloud environment.
* vNPBs tap virtual switch traffic (e.g., via ERSPAN, VPC Traffic Mirroring).
* Filter, aggregate and load balance East-West and North-South cloud traffic.
* Securely forward the relevant traffic to an NPB or to cloud-based monitoring tools.
* Integrate with cloud-native visibility services.
○ Result: A consistent security posture and performance monitoring across hybrid environments, overcoming the limits of cloud visibility.
4. Data loss prevention (DLP) and compliance:
○ Scenario: DLP tools must inspect outbound traffic for sensitive data (PII, PCI) but are flooded with irrelevant traffic. Compliance requires monitoring of specific regulated data flows.
○ NPB solution:
* Filter traffic so that only outbound flows (e.g., destined for the internet or for specific partners) are sent to the DLP engine.
* Apply deep packet inspection (DPI) on the NPB to identify regulated data types and prioritize them for the DLP tool.
* Mask sensitive data (e.g., credit card numbers) inside packets before sending them to less critical monitoring tools used for compliance checks.
○ Result: More efficient DLP operation, fewer false positives, faster compliance auditing, better data privacy.
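Length-preserving masking of card numbers in a payload, as described in the last step above; this is an added Python example, not the vendor's implementation. The regular expression, the Luhn filter, the `X` fill byte and the sample payload (which uses the well-known 4111 1111 1111 1111 test number) are assumptions.

```python
import re

# 13 to 19 digits, optionally separated by single spaces or hyphens,
# and not embedded in a longer run of digits.
PAN_RE = re.compile(rb"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_ok(digits: bytes) -> bool:
    """Luhn check; rejects order numbers, timestamps and other plain digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - 0x30
        if i % 2:                      # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask_pans(payload: bytes, keep_last: int = 4) -> bytes:
    """Overwrite all but the last keep_last digits of each valid PAN, in place."""
    def repl(match):
        out = bytearray(match.group(0))
        digit_pos = [i for i, c in enumerate(out) if 0x30 <= c <= 0x39]
        if not luhn_ok(bytes(out[i] for i in digit_pos)):
            return match.group(0)      # not a card number: leave untouched
        for i in digit_pos[:max(0, len(digit_pos) - keep_last)]:
            out[i] = ord("X")          # separators stay, so the length is unchanged
        return bytes(out)
    return PAN_RE.sub(repl, payload)

# Constructed sample payload: one test card number, one non-card 16-digit value.
SAMPLE = b"card=4111 1111 1111 1111&order=1234567812345678&amt=10"

if __name__ == "__main__":
    print(mask_pans(SAMPLE))
```

Because the payload bytes change, the TCP/UDP checksum of a masked packet has to be recomputed before it is forwarded; keeping the length unchanged leaves sequence numbers and the IP total length valid.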
5. Network forensics and troubleshooting:
○ Scenario: Diagnosing a complex performance problem or a breach requires full packet capture (PCAP) from multiple points over time. Starting captures by hand is slow; storing everything is impractical.
○ NPB solution:
* NPBs can buffer traffic continuously (at line rate).
* Configure triggers (e.g., a specific error condition, a traffic spike, a threat alert) on the NPB so that it captures the relevant traffic to a connected packet capture appliance.
* Pre-filter the traffic sent to the capture appliance so that only what is needed is stored.
* Replicate the critical traffic stream to the capture appliance without affecting production tools.
○ Result: Faster resolution (MTTR) of outages and breaches, targeted forensic captures, lower storage costs.
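The buffering and trigger steps above amount to a pre-trigger ring buffer plus a post-trigger window. An added Python example (not from the original page or any NPB product); the class name, window lengths and packet timeline are constructed for illustration.

```python
from collections import deque

class TriggeredCapture:
    """Hold the last pre_s seconds in memory; on a trigger save them plus post_s more."""

    def __init__(self, pre_s, post_s):
        self.pre_s, self.post_s = pre_s, post_s
        self.ring = deque()     # (timestamp, packet) pairs not yet saved
        self.save_until = None  # end of the active post-trigger window, if any
        self.saved = []         # stands in for the feed to the capture appliance

    def _expire(self, now):
        while self.ring and now - self.ring[0][0] > self.pre_s:
            self.ring.popleft()

    def on_packet(self, ts, pkt):
        if self.save_until is not None and ts <= self.save_until:
            self.saved.append((ts, pkt))   # inside the post-trigger window
            return
        self.save_until = None
        self.ring.append((ts, pkt))
        self._expire(ts)

    def on_trigger(self, ts):
        # Flush the pre-trigger history; a repeated trigger only extends the window.
        self._expire(ts)
        self.saved.extend(self.ring)
        self.ring.clear()
        self.save_until = ts + self.post_s

def demo():
    cap = TriggeredCapture(pre_s=2.0, post_s=1.0)
    for ts in (0.0, 1.0, 2.0, 3.0, 4.0):      # constructed timeline
        cap.on_packet(ts, b"pkt")
    cap.on_trigger(4.2)                        # e.g. an IDS alert
    for ts in (4.5, 5.0, 5.5, 6.0):
        cap.on_packet(ts, b"pkt")
    return [ts for ts, _ in cap.saved]
```

Only the packets from the two seconds before the alert and the one second after it reach storage; everything else ages out of memory.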
Implementation considerations and solutions:
○ Scalability: Choose NPBs with enough port density and throughput (1/10/25/40/100GbE+) to handle current and future traffic. A modular chassis often scales best. Virtual NPBs scale elastically in the cloud.
○ Resilience: Deploy redundant NPBs (HA pairs) and redundant paths to the tools. Make sure state is synchronized. Use NPB load balancing for resilience.
○ Management and automation: Centralized management consoles are essential. Look for APIs (RESTful, NETCONF/YANG) to integrate with orchestration platforms (Ansible, Puppet, Chef) and with SIEM/SOAR systems, so that policies can change in response to alerts.
○ Security: Secure the NPB management interface. Control access strictly. If you decrypt traffic, enforce strict key management policies and use secure channels for key transfer. Consider masking sensitive data.
○ Tool integration: Make sure the NPB supports the connectivity the tools require (physical/virtual interfaces, protocols). Verify compatibility with each tool's specific requirements.
So, Network Packet Brokers are no longer optional luxuries; they are fundamental infrastructure components for achieving network visibility today. By intelligently aggregating, filtering, load balancing and processing traffic, NPBs enable security and monitoring tools to work efficiently and effectively. They break down visibility silos, overcome the challenges of scale and encryption, and ultimately provide the insight needed to secure networks, ensure good performance, meet compliance requirements and resolve problems quickly. Implementing a robust NPB strategy is an important step towards building a network that is observable, secure and resilient.
Post time: July-07-2025

