Bitewe n'impinduka mu ikoranabuhanga, imiyoboro y'ibigo ntabwo ikiri "insinga nke zihuza mudasobwa." Bitewe n'ubwiyongere bw'ibikoresho bya IoT, kwimuka kwa serivisi zijya mu bicu, no kwiyongera kw'imirimo yo gukorera kure, urujya n'uruza rw'imiyoboro rwariyongereye cyane, nk'urujya n'uruza rw'imihanda minini. Ariko, uku kwiyongera kw'urujya n'uruza rw'imihanda nabyo bitera imbogamizi: ibikoresho by'umutekano ntibishobora gufata amakuru y'ingenzi, sisitemu zo kugenzura zirengerwa n'amakuru adafite ishingiro, kandi iterabwoba rihishe mu muyoboro wanditseho amakuru ntirimenyekane. Aha niho "umucungamutungo utagaragara" witwa Network Packet Broker (NPB) aza ari ingirakamaro. Ikora nk'ikiraro cy'ubwenge gihuza urujya n'uruza rw'imiyoboro n'ibikoresho byo kugenzura, ikemura urujya n'uruza rw'imiyoboro mu buryo butunguranye mu gihe itanga neza ibikoresho byo kugenzura amakuru bakeneye, ifasha ibigo gukemura ibibazo "bitagaragara kandi bitagerwaho". Uyu munsi, tuzatanga ubumenyi busesuye kuri uru ruhare rw'ingenzi mu mikorere no kubungabunga imiyoboro.
1. Kuki amasosiyete arimo gushaka NPBs ubu? — "Icyo umuntu akeneye kugaragara" mu miyoboro ikomeye
Tekereza kuri ibi: Iyo umuyoboro wawe ukoresha amagana ya za IoT devices, amagana ya za servers zo mu bicu, n'abakozi bawukoresha bari kure, ni gute wakwizeza ko nta muyoboro mubi winjiramo? Ni gute wamenya amasano ahuze kandi agatuma ibikorwa by'ubucuruzi bitihuta?
Uburyo busanzwe bwo kugenzura bwamaze igihe kirekire budahagije: ibikoresho byo kugenzura bishobora kwibanda gusa ku bice bimwe na bimwe by’urujya n’uruza rw’abantu, aho amakuru y’ingenzi abura; cyangwa se bigashyira urujya n’uruza rw’abantu bose icyarimwe, bigatuma rudashobora gusesengura amakuru kandi bigatinza imikorere y’isesengura. Byongeye kandi, kubera ko abarenga 70% by’abagenda muri uru rubuga ubu bashyizwe mu buryo bwa "hidden", ibikoresho bisanzwe ntibishobora kubona neza ibikubiye muri urwo rubuga.
Kugaragara kwa NPBs bikemura ikibazo cy' "kubura uburyo bwo kubona amakuru ku rubuga." Biba hagati y'aho abantu binjirira n'aho bakurikirana amakuru, bikusanyiriza hamwe amakuru atatanye, bigasesengura amakuru adafite ishingiro, hanyuma bigakwirakwiza amakuru nyayo kuri IDS (Intrusion Detection Systems), SIEMs (Security Information Management Platforms), ibikoresho byo gusesengura imikorere, n'ibindi. Ibi bituma ibikoresho byo kugenzura bitaba bishonje cyangwa ngo byuzure cyane. NPBs zishobora kandi gukuraho amakuru no kuyahisha, zirinda amakuru y'ibanga kandi zigaha ibigo incamake y'uko amakuru ahagaze kuri interineti.
Dushobora kuvuga ko ubu igihe cyose ikigo gifite umutekano w’umuyoboro, kunoza imikorere cyangwa ibisabwa kugira ngo gikurikize amategeko, NPB yabaye ingenzi cyane.
NPB ni iki? — Isesengura ryoroshye kuva ku bwubatsi kugeza ku bushobozi bw'ibanze
Abantu benshi batekereza ko ijambo "umuhuza w'amapaki" rifite imbogamizi ikomeye mu buryo bwa tekiniki ku kwinjira. Ariko, ikigereranyo cyoroshye ni ugukoresha "ikigo cyo gutondeka amakuru ajyanye n'ubutumwa bwa elegitoroniki": urujya n'uruza rw'amakuru ni "amapaki agezweho", NPB ni "ikigo cyo gutondeka amakuru," naho igikoresho cyo gukurikirana ni "ahantu ho kwakira amakuru." Akazi ka NPB ni ugukusanya amakuru atatanye (gukusanya amakuru), gukuraho amakuru adafite akamaro (gushungura amakuru), no kuyatondekanya hakurikijwe aderesi (gukwirakwiza amakuru). Ishobora kandi gupakurura no kugenzura amakuru yihariye (gukuraho amakuru ajyanye n'ubutumwa) no gukuraho amakuru yihariye (gukora massage) - igikorwa cyose kiba cyiza kandi gisobanutse.
1. Mbere na mbere, reka turebe "amagufwa" ya NPB: module eshatu z'ingenzi z'ubwubatsi
Imikorere ya NPB ishingiye gusa ku mikoranire y'izi module eshatu; nta na kimwe muri zo gishobora kubura:
○Uburyo bwo kugera ku muhanda: Bingana na "aho kohereza amakuru hifashishijwe ikoranabuhanga rigezweho" kandi by'umwihariko bikoreshwa mu kwakira urujya n'uruza rw'itumanaho ruturutse kuri "switch mirror port" (SPAN) cyangwa "splitter" (TAP). Nubwo byaba ari urujya n'uruza ruturutse kuri "physical link" cyangwa "virtual network", rushobora gukusanywa mu buryo bumwe.
○Moteri itunganya:Ubu ni bwo "bwonko bw'ibanze bw'ikigo cyo gutondekanya" kandi bushinzwe "gutunganya" by'ingenzi cyane - nko guhuza urujya n'uruza rw'abantu benshi (guteranya), gushungura urujya n'uruza rw'abantu bava mu bwoko runaka bwa IP (gushungura), gukoporora urujya n'uruza rw'abantu bamwe no kohereza ku bikoresho bitandukanye (gukoporora), gukuraho uburiganya bw'urujya n'uruza rw'abantu banditseho SSL/TLS (gusiba uburiganya), n'ibindi. "Ibikorwa byiza" byose birangirira hano.
○Igice cyo Gukwirakwiza: Ni nk'"umukozi w'iperereza" ukwirakwiza neza urujya n'uruza rw'abantu ku bikoresho bireba kandi akaba ashobora no gukora isuzuma ry'imizigo - urugero, niba igikoresho cyo gusesengura imikorere gihuze cyane, igice cy'urujya n'uruza rw'abantu kizashyirwa ku gikoresho cyo kwifashisha kugira ngo hirindwe ko igikoresho kimwe kirenga umutwaro.
2. "Ubushobozi bw'ibanze bukomeye" bwa NPB: imikorere 12 y'ibanze ikemura 90% by'ibibazo bya interineti
NPB ifite imirimo myinshi, ariko reka twibande ku ikoreshwa cyane n'ibigo. Buri imwe ijyanye n'ingorane ifatika:
○Gukurikirana / Guteranya Ibinyabiziga + GushunguraUrugero, niba ikigo gifite imiyoboro 10 y’itumanaho, NPB ibanza guhuza urujya n’uruza rw’imiyoboro 10, hanyuma igakuraho "udupaki tw’amakuru dukoporoye" na "urujya n’uruza rudafite aho ruhuriye" (nk'uruza rw’abakozi bareba amashusho), hanyuma yohereza gusa urujya n’uruza rw’imiyoboro ijyanye n’ubucuruzi ku gikoresho cyo gukurikirana - bikongera imikorere ku kigero cya 300%.
○Gukuraho uburiganya bwa SSL/TLS: Muri iki gihe, ibitero byinshi bibi bihishe muri HTTPS hifashishijwe uburyo bwa "encrypted traffic". NPB ishobora gukuraho ubu buryo mu buryo butaziguye, bigatuma ibikoresho nka IDS na IPS "bireba" ibikubiye muri ubwo buryo bwa "encrypted" no gufata ibintu bihishe nk'amakuru ya phishing na code mbi.
○Gupfuka amakuru / Gukuraho ubwiyongere bw'amakuru: Iyo abantu basura urubuga rwabo bafite amakuru y’ibanga nka nimero z’ikarita y’inguzanyo n’inomero z’ubwishingizi bw’imibereho myiza, NPB izahita "isiba" ayo makuru mbere yo kuyohereza mu gikoresho cyo kugenzura. Ibi ntibizagira ingaruka ku isesengura ry’igikoresho, ahubwo bizanakurikiza ibisabwa na PCI-DSS (kwiyandikisha mu kwishyura) na HIPAA (kwiyandikisha mu buvuzi) kugira ngo hirindwe ko amakuru yasohoka.
○Kugabanya Imitwaro + GutsindwaIyo ikigo gifite ibikoresho bitatu bya SIEM, NPB izakwirakwiza urujya n'uruza rw'abantu ku buryo bungana kugira ngo hirindwe ko hari igikoresho kimwe cyangirika. Iyo igikoresho kimwe cyananiwe, NPB izahita ihindura urujya n'uruza rw'abantu ikajya ku gikoresho cyo kwifashisha kugira ngo ikurikirane neza. Ibi ni ingenzi cyane cyane ku nganda nk'imari n'ubuvuzi aho igihe cyo kuruhuka kitemewe.
○Guhagarika Umuyoboro w'amazi: VXLAN, GRE n'izindi "Tunnel Protocols" ubu zikoreshwa cyane mu miyoboro y'ibicu. Ibikoresho gakondo ntibishobora gusobanukirwa izi protocole. NPB ishobora "gusenya" izi tunnels no gukuramo urujya n'uruza rw'abantu imbere, bigatuma ibikoresho bishaje bitunganya urujya n'uruza rw'abantu mu bicu.
Uruvange rw'ibi bintu rutuma NPB idakoresha "uburyo bwo kureba" gusa amakuru ahishe, ahubwo inashobora no "kurinda" amakuru y'ingenzi no "guhuza" n'ibidukikije bitandukanye bigoye by'urusobe rw'itumanaho - niyo mpamvu ishobora kuba igice cy'ingenzi.
III. NPB ikoreshwa he? — Ibintu bitanu by'ingenzi bikemura ibibazo by'ibigo nyabyo
NPB si igikoresho kimwe gikwiranye na byose; ahubwo, ihinduranya ibintu mu buryo bworoshye bitewe n'ibintu bitandukanye. Yaba ari ikigo cy'amakuru, umuyoboro wa 5G, cyangwa ibidukikije byo mu bicu, ibona porogaramu zisobanutse neza. Reka turebere hamwe ingero nke zisanzwe kugira ngo dusobanure iyi ngingo:
1. Ikigo cy'amakuru: Urufunguzo rwo kugenzura urujya n'uruza rw'abantu mu burasirazuba no mu burengerazuba
Ibigo bisanzwe by’amakuru byibanda gusa ku rujya n’uruza rw’abantu binjira mu majyaruguru ugana mu majyepfo (urujya n’uruza rw’abantu bava kuri seriveri bajya hanze). Ariko, mu bigo by’amakuru byakozwe mu buryo bwa virtualized, 80% by’urujya n’uruza rw’abantu ni iburasirazuba ugana mu burengerazuba (urujya n’uruza rw’abantu hagati y’imashini zikoresha ikoranabuhanga), ibikoresho bisanzwe bidashobora gufata. Aha niho NPBs zifasha:
Urugero, ikigo kinini cya interineti gikoresha VMware kugira ngo yubake ikigo cy’amakuru cya virtualised. NPB ihujwe na vSphere (urubuga rwo gucunga VMware) kugira ngo ifate neza urujya n’uruza rw’abantu hagati y’imashini za virtualise no kuyikwirakwiza kuri IDS n’ibikoresho by’imikorere. Ibi ntibikuraho gusa "gukurikirana ahantu hatagaragara," ahubwo binatuma ibikoresho birushaho gukora neza ku kigero cya 40% binyuze mu kuyungurura urujya n’uruza rw’abantu, bigaca mu buryo butaziguye ikigo cy’amakuru mo kabiri.
Byongeye kandi, NPB ishobora gukurikirana imitwaro ya seriveri no kwemeza ko amakuru yo kwishyura akurikije PCI-DSS, ikaba "igisabwa cy'ingenzi mu mikorere no kubungabunga" ku bigo by'amakuru.
2. SDN/NFV Environment: Inshingano zihindagurika zo guhuza na porogaramu zishingiye ku mikoranire
Ibigo byinshi ubu birimo gukoresha SDN (Software Defined Networking) cyangwa NFV (Network Function Virtualization). Imiyoboro ntabwo ikiri ibikoresho bihoraho, ahubwo ni serivisi za porogaramu zihindagurika. Ibi bisaba ko NPB zirushaho kuba nziza:
Urugero, kaminuza ikoresha SDN mu gushyira mu bikorwa "Bring Your Own Device (BYOD)" kugira ngo abanyeshuri n'abarimu bashobore guhuza umurongo wa kaminuza bakoresheje telefoni na mudasobwa zabo. NPB ihujwe na SDN controller (nka OpenDaylight) kugira ngo habeho kwitandukanya kw'imodoka hagati y'ahantu ho kwigisha n'aho ibiro biherereye mu gihe hakwirakwizwa neza urujya n'uruza rw'imodoka ziva muri buri gace zijya mu bikoresho byo kugenzura. Ubu buryo ntibugira ingaruka ku mikoreshereze y'abanyeshuri n'abarimu, kandi butuma hamenyekana ku gihe aho amakuru adasanzwe ahurira, nko kubona aderesi za IP mbi hanze ya kaminuza.
Ibyo ni ko bimeze no ku bidukikije bya NFV. NPB ishobora gukurikirana urujya n'uruza rw'insinga zo mu bwoko bwa virtual firewalls (vFWs) na virtual load balancers (vLBs) kugira ngo irebe ko izi "software devices" zikora neza, kandi zoroshye cyane kuruta uburyo bwa gakondo bwo kugenzura ibikoresho.
3. Imiyoboro ya 5G: Gucunga imiyoboro y'itumanaho n'iy'inkombe
Ibintu by'ingenzi biranga 5G ni "umuvuduko mwinshi, gutinda guke, n'imiyoboro minini", ariko ibi binazana imbogamizi nshya mu igenzura: urugero, ikoranabuhanga rya 5G ryo "gukata umuyoboro" rishobora kugabanya umuyoboro umwe w'ikoranabuhanga mu miyoboro myinshi isobanutse (urugero, igice cyo gutinda guke cyo gutwara wigenga n'igice kinini cyo guhuza IoT), kandi urujya n'uruza rw'abantu muri buri gice rugomba gukurikiranwa rwigenga.
Umukozi umwe yakoresheje NPB kugira ngo akemure iki kibazo: yashyizeho uburyo bwo kugenzura NPB bwigenga kuri buri gice cya 5G, butabasha kureba gusa igihe cyo gutinda no gukoresha buri gice mu gihe nyacyo, ahubwo bunashobora gukumira urujya n'uruza rw'abantu (nk'uburyo bwo kwinjira hagati y'ibice) mu buryo bwihuse, butuma ubucuruzi bw'ingenzi nko gutwara imodoka mu buryo bwigenga budasaba igihe kinini cyo gutinda.
Byongeye kandi, utudomo twa mudasobwa twa 5G edge computing dukwirakwiriye mu gihugu hose, kandi NPB ishobora no gutanga "version yoroheje" ishyirwa ku tudomo twa edge kugira ngo ikurikirane urujya n'uruza rw'abantu bakwirakwira no kwirinda gutinda guterwa no kohereza amakuru.
4. Ibidukikije mu bicu/ikoranabuhanga rivanze: Gukuraho inzitizi zo kugenzura ibicu bya leta n'iby'abikorera ku giti cyabo
Ibigo byinshi ubu bikoresha uburyo bwo guhuza ikoranabuhanga mu bicu—hari ibikorwa bimwe na bimwe bikorera kuri Alibaba Cloud cyangwa Tencent Cloud (ibicu rusange), bimwe bikorera kuri clouds zabyo bwite, ibindi bikorera kuri seriveri zo mu gace runaka. Muri iki gihe, urujya n'uruza rw'abantu rukwirakwira ahantu henshi, bigatuma gukurikirana byoroha guhagarika.
Banki y’Ubushinwa Minsheng ikoresha NPB kugira ngo ikemure iki kibazo: ubucuruzi bwayo bukoresha Kubernetes mu gushyiraho kontineri. NPB ishobora gufata urujya n’uruza rw’abantu hagati ya kontineri (Pods) no guhuza urujya n’uruza rw’abantu hagati ya seriveri z’ibicu n’ibicu byigenga kugira ngo ikore "gukurikirana kuva ku mpera kugeza ku mpera" - hatitawe ku kuba ubucuruzi buri mu bicu rusange cyangwa mu bicu byigenga, igihe cyose hari ikibazo cy’imikorere, itsinda rishinzwe ibikorwa n’imicungire y’ibikoresho rishobora gukoresha amakuru y’urujya n’uruza rw’abantu muri NPB kugira ngo rimenye vuba niba ari ikibazo kiri mu guhamagara hagati ya kontineri cyangwa gucucikana kw’ibicu, bityo bikongera ubushobozi bwo gusuzuma ku kigero cya 60%.
Ku bijyanye n’amakuru rusange y’abakodesha benshi, NPB ishobora kandi kwemeza ko habaho kwitandukanya kw’abakodesha hagati y’ibigo bitandukanye, gukumira ihungabana ry’amakuru, no kubahiriza ibisabwa n’inganda z’imari.
Mu gusoza: NPB si "amahitamo" ahubwo ni "ngombwa"
Nyuma yo gusuzuma ibi bintu, uzasanga NPB itakiri ikoranabuhanga ryihariye ahubwo ari igikoresho gisanzwe ku bigo kugira ngo bihangane n’imiyoboro igoye. Kuva ku bigo bitanga amakuru kugeza kuri 5G, kuva ku bicu byigenga kugeza ku ikoranabuhanga rivanze, NPB ishobora kugira uruhare aho hose hakenewe ko umuyoboro ugaragara.
Kubera ko ubuhanga bwa AI na edge computing bukomeje kwiyongera, urujya n'uruza rw'amakuru ruzarushaho kuba ingorabahizi, kandi ubushobozi bwa NPB buzarushaho kunozwa (urugero, gukoresha AI mu kumenya urujya n'uruza rudasanzwe no gutuma habaho uburyo bworoshye bwo guhuza node z'amakuru). Ku bigo, gusobanukirwa no gukoresha NPB hakiri kare bizabafasha gufata ingamba zo guhuza no kwirinda inzira zo guhindura ikoranabuhanga.
Ese wigeze uhura n'ibibazo byo kugenzura umuyoboro w'itumanaho mu nganda zawe? Urugero, ntushobora kubona urujya n'uruza rw'abantu rudasobanutse, cyangwa se gukurikirana ibicu bivanze bigahagarara? Sangiza ibitekerezo byawe mu gice cy'ibitekerezo hanyuma turebere hamwe ibisubizo.
Igihe cyo kohereza: 23 Nzeri 2025
