Muri iki gihe, aho interineti ikoreshwa cyane, ni ngombwa gushyiraho ingamba zikomeye zo kurinda abakoresha kwinjira ku mbuga za interineti zishobora kuba mbi cyangwa zitari zo. Uburyo bumwe bwiza ni ugushyiraho Network Packet Broker (NPB) kugira ngo ikurikirane kandi igenzure urujya n'uruza rw'abakoresha interineti.
Reka turebere hamwe uko NPB ishobora gukoreshwa muri iyi ntego:
1- Umukoresha yinjira ku rubuga rwa interineti: Umukoresha agerageza kwinjira ku rubuga rw'urubuga akoresheje igikoresho cye.
2- Amapaki anyuramo akorwa nk'ukoGukanda mu buryo butihuta: Uko ubusabe bw'umukoresha bunyura kuri interineti, Passive Tap ikora kopi y'amapaki, bigatuma NPB isesengura urujya n'uruza rw'abantu idahagaritse itumanaho ry'umwimerere.
3- Umuhuzabikorwa wa Network Packet yohereza abantu bakurikira kuri Seriveri ya Politiki:
- HTTP GET: NPB igaragaza ubusabe bwa HTTP GET hanyuma ikabwohereza kuri Seriveri ya Politiki kugira ngo igenzurwe kurushaho.
- HTTPS TLS Client Muraho: Ku bijyanye n'urujya n'uruza rwa HTTPS, NPB ifata paki ya TLS Client Hello hanyuma ikayohereza kuri Seriveri ya Politiki kugira ngo imenye urubuga rw'aho ijya.
4- Seriveri y'amategeko igenzura niba urubuga rwakoreshejwe ruri ku rutonde rw'abatarubona: Seriveri y’Igenamigambi, ifite ububiko bw’amakuru bw’imbuga za interineti zizwiho ubugizi bwa nabi cyangwa zidakwiye, igenzura niba urubuga rwasabwe ruri ku rutonde rw’abatarubona.
5- Iyo urubuga ruri ku rutonde rw'abatarubona, Seriveri ya Politiki yohereza paki ya TCP Reset:
- Ku mukoresha: Seriveri ya Politiki yohereza paki ya TCP Reset irimo IP y'urubuga na IP y'aho umukoresha aherereye, bigahagarika neza umurongo umukoresha ahurira n'urubuga rwashyizwe ku rutonde rw'ababura.
- Ku rubuga rwa interineti: Seriveri ya Politiki kandi yohereza paki ya TCP Reset irimo IP y'umukoresha na IP y'aho urubuga ruherereye, igaca umurongo uva ku rundi ruhande.
6- Kohereza HTTP (niba abantu basura urubuga ari HTTP): Niba icyifuzo cy'umukoresha cyatanzwe binyuze kuri HTTP, Seriveri ya Politiki nayo yohereza HTTP ku mukoresha, imwohereza ku rubuga rwizewe kandi rusimbura urundi.
Mu gushyira mu bikorwa iki gisubizo hakoreshejwe Network Packet Broker na Policy Server, imiryango ishobora kugenzura no kugenzura neza uburyo abakoresha bakoresha imbuga za internet zashyizwe ku rutonde rw’abatazikoresha, ikarinda imiyoboro yabo n’abayikoresha kwangirika.
Umuhuzabikorwa w'amapake y'umuyoboro (NPB)Izana urujya n'uruza rw'abantu baturutse ahantu henshi kugira ngo barusheho gushungura kugira ngo bifashe kuringaniza imitwaro y'urujya n'uruza rw'abantu, gukata no gupfuka ubushobozi. NPB zoroshya guhuza urujya n'uruza rw'abantu baturutse ahantu hatandukanye, harimo za router, switch, na firewalls. Iyi gahunda yo guhuza ikora umurongo umwe, byoroshya isesengura n'igenzura ry'ibikorwa bya network. Ibi bikoresho byoroshya kandi gushungura urujya n'uruza rw'abantu ku giti cyabo, bigatuma ibigo byibanda ku makuru akenewe haba mu isesengura no mu mutekano.
Uretse ubushobozi bwazo bwo guhuza no gushungura, NPB zigaragaza uburyo bwo gukwirakwiza amakuru ku miyoboro y’itumanaho hakoreshejwe uburyo bwo kugenzura no gucunga umutekano mu buryo bw’ubwenge. Ibi bituma buri gikoresho cyakira amakuru akenewe kitabanje kubishyiramo amakuru adafite ishingiro. Uburyo bwo guhuza amakuru ya NPB bugera ku kunoza urujya n’uruza rw’itumanaho, bujyanye n’ubushobozi n’ubushobozi bwihariye bw’ibikoresho bitandukanye byo kugenzura no gucunga umutekano. Uku kunoza amakuru bitera ikoreshwa neza ry’umutungo mu bikorwa remezo by’itumanaho.
Ibyiza by'ingenzi by'ubu buryo bwa Network Packet Broker birimo:
- Kugaragara neza: Ubushobozi bwa NPB bwo kwigana urujya n'uruza rw'itumanaho butuma habaho kureba neza itumanaho ryose, harimo n'uruza rwa HTTP na HTTPS.
- Igenzura ry'ibinure: Ubushobozi bwa Seriveri ya Politiki bwo gukomeza gushyira urutonde rw'abajura no gufata ingamba zigamije, nko kohereza paki za TCP Reset na HTTP redirects, butanga ububasha busesuye ku buryo abakoresha bagenzura imbuga za interineti batifuza.
- Gushobora kwaguka: Uburyo NPB ikoresha neza mu gucunga urujya n'uruza rw'imiyoboro y'itumanaho, butuma iki gisubizo cy'umutekano gishobora kwagurwa kugira ngo gihuze n'ibyo abakoresha bakenera biyongera ndetse n'ubukana bw'imiyoboro y'itumanaho.
Binyuze mu gukoresha imbaraga za Network Packet Broker na Policy Server, ibigo bishobora kongera umutekano wabyo mu mikorere no kurinda abakoresha babo ingaruka ziterwa no kwinjira ku mbuga za interineti zashyizwe ku rutonde rw’abatemerewe gukoresha.
Igihe cyo kohereza: Kamena-28-2024
