Ubugenzuzi bwimbitse (DPI)ni tekinoroji ikoreshwa mumiyoboro ya packet (npbs) kugenzura no gusesengura ibirimoro cyurusobe rwurugero. Harimo gusuzuma umushahara, imitwe, nizindi makuru yihariye mumapaki kugirango ubone ubushishozi burambuye murugendo.
DPI irenze imitwe yoroshye yo gusesengura kandi itanga imyumvire yimbitse yamakuru atemba kumurongo. Iremerera ubugenzuzi bwimbitse bwa Porotokole yo gusaba, nka http, FTP, SMTP, Voto, cyangwa protocole yoroshye. Mugusuzuma ibintu nyabyo mumapaki, DPI irashobora kumenya no kumenya porogaramu yihariye, protocole, cyangwa nuburyo bwihariye.
Usibye isesengura ryimirongo yinkomoko, aho yerekeza, ibyambu byimodoka, ibyambu byerekanwe, DPI nayo yongeyeho isesengura ryibiciro kugirango tumenye porogaramu zitandukanye nibirimo. Iyo paki ya 1p, TCP cyangwa UDP amakuru yanyuze muri sisitemu yo kuyobora ishingiye kuri tekinoroji ya DPI.
DPI ikora ite?
Fire ya Fire gakondo akenshi ibura imbaraga zo gutunganya kugirango igenzurwe neza-yubunini bwimodoka nini. Mugihe tekinoroji yihangana, DPI irashobora gukoreshwa mugukora igenzura ryinshi kugirango urebe imitwe namakuru. Mubisanzwe, firewall hamwe na sisitemu yo gutahura intera akenshi ikoresha DPI. Mw'isi aho amakuru ya digitale arimo kwifuza, buri gice cyamakuru ya digitale cyatanzwe kuri interineti mumapaki mato. Ibi birimo imeri, ubutumwa bwoherejwe binyuze muri porogaramu, imbuga zanduwe, ibiganiro bya videwo, nibindi byinshi. Usibye amakuru nyirizina, aya mapaki arimo metadata yerekana isoko yumuhanda, ibirimo, aho ujya, nandi makuru yingenzi. Hamwe nikoranabuhanga rya packket, amakuru arashobora gukurikiranwa kandi akabazwa kugirango yereke imbere ahantu heza. Ariko kugirango umutekano wurusobe, gushungura paki gakondo biri kure bihagije. Bumwe muburyo nyamukuru bwo kugenzura paki yimbitse mubuyobozi bwurusobe rwashyizwe ahagaragara hepfo:
Guhuza uburyo / umukono
Buri paki igenzurwa kugirango ihuze na data base ziterwa no kwibasirwa na firewall hamwe na sisitemu yo gutahura yinjira (IDS). Indangamuntu ishakisha uburyo buzwi bubi kandi buhagarika traffic mugihe habonetse uburyo bubi. Ibibi bya politiki yo guhuza umukono nuko bireba gusa imikono ikoreshwa kenshi. Byongeye kandi, iri koranabuhanga rirashobora kurengera gusa iterabwoba rizwi cyangwa ibitero.
Ibidasanzwe
Kubera ko tekinike idasanzwe itagaragaza gusa amakuru yose adahuye nububiko bwibitabo, protocol yubuhanga bukoreshwa na IDS Firewall ntabwo ifite inenge zidasanzwe zuburyo bwo kwerekana / uburyo bwo guhuza imikono. Ahubwo, ifata politiki isanzwe yo kwangwa. Ukurikije ibisobanuro bya protocole, firewalls hitamo ibyo traffic igomba kwemererwa no kurinda urusobe rwiterabwoba ritazwi.
Sisitemu yo gukumira (IP)
Ibisubizo by'i Ips birashobora guhagarika kwandura paki zangiza zishingiye kubirimo, bityo zigahagarara ibitero byahohotewe mugihe nyacyo. Ibi bivuze ko niba paki igereranya ibyago byumutekano bizwi, ips izakomeza guhagarika urujya n'uruza rushingiye ku mategeko asobanuwe. Ibibi bimwe bya IP nibyo bikenewe kuvugurura buri gihe ububiko bwa Cyber hamwe nibisobanuro birambuye kubyerekeye iterabwoba rishya, nibishoboka byo kubinyoma. Ariko akaga karashobora gutegurwa no gukora politiki yo guhana hamwe ninzego zifatika, zishyiraho imyitwarire ikwiye yo guhuza urusobe, kandi gusuzuma imiburo y'ibice, no gusuzuma ibyabaye kandi bivuga ibyabaye kugira ngo bigenzurwe no kubamenyesha.
1- Dpi (Ubugenzuzi bwimbitse) muburyo bwa paki
"Iterambere" ni urwego kandi isesengura rya papa risanzwe "
1) Isesengura rya Gusaba - Isesengura ryumuhanda ugizwe nisesengura, gusesengura imikorere, no gusesengura gutemba
2) Isesengura ryumukoresha - Isura ryumukoresha Isura, Isesengura ryimyitwarire, Isesengura rya Terminal, gusesengura ibimenyetso, nibindi
3) Isesengura ry'amavuta yo gusesengura - Isesengura rishingiye ku mico y'akarere (umujyi, akarere, umuhanda, n'ibindi) n'umutwaro wa base
4) kugenzura umuhanda - P2P Umuvuduko Wihuta, Qos Ibyiringiro, Amatsinda Yicyizere, Oxt Streatice Opticisation, nibindi
5) Ibyiringiro byumutekano - Ibitero bya DDOS, amakuru yamakuru yatangajwe numuyaga, gukumira ibitero bibi bya virusi, nibindi.
2- Rusange rusange
Muri iki gihe, hari porogaramu zitabarika kuri interineti, ariko gusaba urubuga rusange birashobora kunaniza.
Nkuko mbizi, isosiyete yemewe nziza ya porogaramu ni Huawei, ivuga ko kumenya porogaramu 4000. Isesengura rya protocole nigitekerezo cyibanze cyamasosiyete menshi ya firewall (Huawei, zte, etc.) Mu kwerekana kwerekana ibikoresho bya malware bishingiye kubiranga umuyoboro, nkuko nkora ubu, indangamuntu nziza kandi yagutse kandi nayo ni ngombwa cyane. Ukuyemo urujya n'uruza rw'ibicuruzwa rusange uhereye ku modoka yohereza ibicuruzwa hanze, traffic isigaye izabara umubare muto, icy'Imana nziza mu gusesengura malware.
Ukurikije uburambe bwanjye, porogaramu zisanzwe zikoreshwa zishyirwa mubikorwa ukurikije imikorere yabo:
PS: Ukurikije imyumvire yihariye yo gushyira mu bikorwa ibyiciro, ufite ibyifuzo byiza bikaze kugirango usige icyifuzo cyubutumwa
1). E-imeri
2). Video
3). Imikino
4). Ibiro OA Icyiciro
5). Kuvugurura software
6). Imari (Banki, ALIPAY)
7). Ububiko
8). Itumanaho ryimibereho (SOFTY)
9). Urubuga rushakisha (birashoboka ko rwamenyekanye na URLS)
10). Kuramo Ibikoresho (disiki y'urubuga, P2P Gukuramo, BT Bifitanye isano)
Noneho, mbega dpi (kugenzura kwinshi k'ipaki) bikora muri NPB:
1). Ifatwa rya Packet: NPB ifata urujya n'uruza ruturutse mu masoko atandukanye, nko kuzunguruka, router, cyangwa gukanda. Yakira paki itemba binyuze murusobe.
2). Packet Parsing: Ibipaki byafashwe byashizweho na NPB kugirango bakuremo ibice bitandukanye bya protocole hamwe namakuru ajyanye. Iyi mikorere ya parsing ifasha kumenya ibice bitandukanye mumakipe, nka ethernet imitwe, imitwe ya IP, imitwe yimodoka (urugero, TCP cyangwa UDP), no gusaba protocole.
3). Isesengura ryishura: Hamwe na DPI, NPB irenze umugenzuzi wumutwe kandi yibanda kuri paki, harimo amakuru nyayo mumapaki. Irasuzuma ibikubiyemo ni ubujyakuzimu, hatitawe kubisabwa cyangwa protocole ikoreshwa, kugirango akure amakuru.
4). Indangamuntu ya protokole: DPI ifasha NPB kugirango umenye protocole yihariye na porogaramu zikoreshwa mumodoka. Irashobora kumenya no gutondekanya protocole nka http, FTP, SMTP, DNS, voki, protocole yoroshye.
5). Ubugenzuzi bubiri: DPI yemerera NPB kugenzura ibikubiye mubipaki muburyo bwihariye, imikono, cyangwa ijambo ryibanze. Ibi bifasha kumenya iterabwoba ryurusobe, nka porogaramu, virusi, kugerageza kwinjira, cyangwa ibikorwa biteye amakenga. DPI irashobora kandi gukoreshwa muyungurura ibikubiye, shyira mu bikorwa politiki y'urusobe, cyangwa kumenya ihohoterwa rishingiye ku bijyanye no kubahiriza amakuru.
6). Metadata Gukuramo: Mugihe cya DPI, NPB ikuramo metadata ijyanye nipaki. Ibi birashobora kubamo amakuru nka sosiyete nicyerekezo cya IP ya Aderesi, nimero yicyambu, ibisobanuro birambuye, amakuru yubucuruzi, cyangwa ikindi kintu cyose cyingirakamaro.
7). Inzira nyabagendwa cyangwa kuyungurura: Ukurikije isesengura rya DPI, NPB irashobora kunyuramo paki yihariye kugirango igere kubindi bikoresho byo gutunganywa, nkibikoresho byumutekano, kugenzura ibikoresho, cyangwa ibikoresho bikurikirana. Irashobora kandi gukoresha amashusho yo kuyuzuzanya kugirango ajugunye cyangwa ayobora paki zishingiye kubirimo cyangwa imiterere.
Igihe cyohereza: Jun-25-2023
