1- Ni iki gikoresho cyo gupima umutima gisobanura?
Udupaki tw’umutima twa Mylinking™ Network Tap Bypass Switch dusanzwe tujya kuri Ethernet Layer 2 frames. Mu gihe ukoresha uburyo bwa transparent Layer 2 bridging mode (nka IPS / FW), Layer 2 Ethernet frames zikunze koherezwa, gufungwa cyangwa gutabwa. Muri icyo gihe, Mylinking™ Network Tap Bypass Switch ishyigikira imiterere y’ubutumwa bw’umutima bwite kugira ngo ihuze n’ikibazo cy’uko bimwe mu bikoresho byihariye by’umutekano bidashobora kohereza frames zisanzwe za Layer 2 Ethernet.
Kandi Mylinking™ Network Tap Bypass Switch inashyigikira uburyo bwo kumenya paki y'umutima hashingiwe ku nyuguti za VLAN, ubwoko bw'ubutumwa bwa Layer 3 na Layer 4. Hashingiwe kuri ubu buryo, umukoresha ashobora gushyira mu bikorwa uburyo bwo gusuzuma umutekano w'igikoresho cy'umutekano cyo guhuza kugira ngo kirusheho gukora neza kugira ngo serivisi z'umutekano zijyanye nacyo zikore neza.
Mylinking™ Network Tap Bypass Switch ishobora gushyigikira monitor yo kohereza paki zitandukanye z'umutima mu byerekezo byombi. Urugero, paki z'umutima zo mu bwoko bwa TCP na UDP zikozwe ku buryo bwihariye kuri "Strategy Traction Protector", hakurikijwe umwihariko w'igikoresho cya serial. Ushobora gushyiraho uburyo bwo kohereza paki za TCP z'umutima kuri uplink monitor A port no kohereza paki za UDP z'umutima kuri downlink monitor B port kugira ngo ihuze n'uburyo bwo kohereza ubutumwa bw'igikoresho cya serial security. Iyi mikorere ishobora kwemeza neza umugozi. Huza ibikoresho by'umutekano ku mikorere isanzwe.
Mylinking™ Network Inline Bypass Switch yakorewe ubushakashatsi kandi igakorwa kugira ngo ikoreshwe mu gushyira mu bikorwa ibikoresho bitandukanye by’umutekano mu buryo bworoshye, mu gihe itanga uburyo bwo kwizerwa cyane.
2-Network Inline Bypass Switch Ibiranga n'ikoranabuhanga bigezweho
Uburyo bwo Kurinda bwa Mylinking™ “SpecFlow” n'ikoranabuhanga rya “FullLink”
Ikoranabuhanga ryo Kurinda Guhindura Inzira mu Buryo bwihuse bwa Mylinking™
Ikoranabuhanga rya Mylinking™ “LinkSafeSwitch”
Ikoranabuhanga rya Mylinking™ “WebService” rijyanye n'ingamba zihindagurika zo kohereza no gutanga amakuru
Ikoranabuhanga ryo Gutahura Ubutumwa bw'Umutima rya Mylinking™
Ikoranabuhanga rya Mylinking™ Definible Heartbeat Ubutumwa
Ikoranabuhanga ryo Kugabanya Umutwaro rya Mylinking™ Multi-link
Ikoranabuhanga ryo gukwirakwiza ibinyabiziga mu buryo bw'ubwenge bwa Mylinking™
Ikoranabuhanga rya Mylinking™ Dynamic Load Balancing
Ikoranabuhanga rya Mylinking™ ryo gucunga kure (HTTP/WEB, TELNET/SSH, "EasyConfig/AdvanceConfig")
Porogaramu ya 3-Network Inline Bypass Switch (nk'uko bikurikira)
3.1 Ingaruka z'ibikoresho by'umutekano biri kuri interineti (IPS / FW)
Ibi bikurikira ni uburyo busanzwe bwa IPS (Intrusion Prevention System), uburyo bwa FW (Firewall), IPS / FW ishyirwa ku bikoresho bya interineti (routers, switches, nibindi) hagati y’urujya n’uruza rw’abantu binyuze mu ishyirwa mu bikorwa ry’igenzura ry’umutekano, hakurikijwe politiki y’umutekano ijyanye nabyo kugira ngo hamenyekane uburyo bwo kurekura cyangwa guhagarika urujya n’uruza rw’abantu, kugira ngo hagerwe ku ngaruka zo kurinda umutekano.
Muri icyo gihe, dushobora kubona IPS / FW nk'uburyo ibikoresho bishyirwa mu buryo bw'uruhererekane, akenshi bigashyirwa ahantu fatizo h'umuyoboro w'ikigo kugira ngo bishyire mu bikorwa umutekano w'uruhererekane, ubwizerwe bw'ibikoresho byayo bihujwe bigira ingaruka zitaziguye ku mikoreshereze y'umuyoboro w'ikigo muri rusange. Iyo ibikoresho bishyirwa mu buryo bw'uruhererekane byuzuye, bigacika, bigahinduka porogaramu, bigavugurura politiki, nibindi, imikoreshereze y'umuyoboro w'ikigo cyose izahinduka cyane. Muri iki gihe, binyuze gusa mu gukata umuyoboro, dukoresha uburyo bwa "physical bypass jumper" dushobora gutuma umuyoboro usubizwamo, bigira ingaruka zikomeye ku bwizerwe bw'umuyoboro. IPS / FW n'ibindi bikoresho bishyirwa mu buryo bw'uruhererekane ku ruhande rumwe binoza uburyo umutekano w'umuyoboro w'ikigo ushyirwa mu bikorwa, ku rundi ruhande bigabanya kandi uburyo imiyoboro y'ikigo ishyirwa mu bikorwa, bikongera ibyago byo kuba umuyoboro utaboneka.
3.2 Uburinzi bw'ibikoresho bya Inline Link Series
"Network Inline Bypass" ya Mylinking™ ishyirwa mu buryo bukurikiranye hagati y'ibikoresho by'umuyoboro (routers, switches, nibindi), kandi urujya n'uruza rw'amakuru hagati y'ibikoresho by'umuyoboro ntirukomeza kugera kuri IPS / FW, "Network Inline Bypass" kuri IPS / FW, iyo IPS / FW bitewe no kurenza urugero, kugwa, kuvugurura porogaramu, kuvugurura politiki n'izindi mpamvu zo gutsindwa, "Network Inline Bypass" binyuze mu buryo bw'ubwenge bwo kumenya ubutumwa bw'umutima. Imikorere yo kuvumbura ubutumwa ku gihe, bityo ikarenga igikoresho gifite ikibazo, idahagaritse intego y'umuyoboro, ibikoresho byihuse by'umuyoboro bihujwe neza kugira ngo birinde umuyoboro usanzwe w'itumanaho; iyo IPS / FW inaniwe gusubirana, ariko nanone binyuze mu mapaki y'ubwenge yo kumenya imikorere. Kumenya imikorere ku gihe, umurongo w'umwimerere wo kugarura umutekano w'igenzura ry'umutekano w'umuyoboro w'ikigo.
Mylinking™ “Network Inline Bypass” ifite ubushobozi bwo kumenya ubutumwa bw’umutima bukoresha ubwenge, umukoresha ashobora guhindura igihe umutima utera n’umubare ntarengwa w’ibizamini byo gusubiramo, binyuze mu butumwa bwihariye bw’umutima kuri IPS / FW kugira ngo habeho isuzuma ry’ubuzima, nko kohereza ubutumwa bwo kugenzura umutima kuri IPS / FW, hanyuma ukabona ubutumwa buturutse kuri IPS / FW, hanyuma ugasuzuma niba IPS / FW ikora neza binyuze mu kohereza no kwakira ubutumwa bw’umutima.
3.3 Politiki ya "SpecFlow" yo kurinda uruhererekane rw'imiyoboro y'amashanyarazi
Iyo igikoresho cy’umutekano gikeneye gusa guhangana n’umutekano wihariye w’urujya n’uruza rw’imodoka, binyuze mu buryo bwa Mylinking™ "Network Inline Bypass" bwo kugenzura urujya n’uruza rw’imodoka buri gihe, binyuze mu ngamba zo gusuzuma urujya n’uruza rw’imodoka kugira ngo gihuze igikoresho cy’umutekano ""Urujya n’uruza rw’imodoka rusubijwe ku murongo w’itumanaho, kandi "igice cy’uruza rw’imodoka" kireba "ni ugufata igikoresho cy’umutekano kiri ku murongo kugira ngo gikore igenzura ry’umutekano. Ibi ntibizakomeza gusa gukoresha neza imikorere y’igikoresho cy’umutekano, ahubwo bizanagabanya urujya n’uruza rw’ibikoresho by’umutekano kugira ngo bihangane n’umuvuduko; icyarimwe, "Network Inline Bypass" ishobora kumenya imikorere y’igikoresho cy’umutekano mu gihe nyacyo. Igikoresho cy’umutekano gikora mu buryo budasanzwe kinyura mu buryo butaziguye urujya n’uruza rw’amakuru kugira ngo hirindwe ko serivisi y’umuyoboro yahungabanywa.
3.4 Uburinzi bw'uruhererekane rw'imizigo buringaniye
"Network Inline Bypass" ya Mylinking™ ishyirwa mu buryo butandukanye hagati y’ibikoresho bya interineti (routers, switches, nibindi). Iyo imikorere imwe ya IPS / FW idahagije kugira ngo ihangane n’urujya n’uruza rw’itumanaho, imikorere yo kuringaniza umutwaro w’urujya n’uruza rw’itumanaho rya interineti, "guhuza" urujya n’uruza rw’itumanaho rya interineti rya IPS / FW, bishobora kugabanya neza igitutu cyo gutunganya IPS / FW, kunoza imikorere rusange yo gutunganya kugira ngo ihuze n’umuvuduko munini w’ahantu ho kohereza.
Mylinking™ “Network Inline Bypass” ifite imikorere ikomeye yo kuringaniza umutwaro, hakurikijwe ikirango cya VLAN, amakuru ya MAC, amakuru ya IP, nimero ya port, protocole n'andi makuru ku ikwirakwizwa rya Hash ry’umutwaro mu kuringaniza umutwaro kugira ngo buri IPS / FW yakiriye ubuziranenge bwa Session y’umuvuduko w’amakuru.
3.5 Uburinzi bw'ibikoresho byinshi biri mu murongo (Hindura umurongo uhuza ibikoresho kuri parallel connection)
Muri zimwe mu mbuga z'ingenzi (nk'amasoko ya interineti, umurongo wo guhanahana amakuru ku gace ka seriveri), aho hantu akenshi haterwa n'ibikenewe ku bikoresho by'umutekano no gushyiraho ibikoresho byinshi byo gupima umutekano (nk'umuriro, ibikoresho byo kurwanya DDOS, umuriro wo kwirinda kwinjira muri porogaramu ya WEB, ibikoresho byo gukumira kwinjira, nibindi), ibikoresho byinshi byo kumenya umutekano icyarimwe mu buryo bukurikiranye kuri uwo murongo kugira ngo byongere umurongo w'aho ikintu kimwe cyangiritse, bigabanye icyizere rusange cy'umuyoboro. Kandi muri ibyo bikoresho by'umutekano byavuzwe haruguru byo gushyira ahagaragara kuri interineti, kuvugurura ibikoresho, gusimbuza ibikoresho n'ibindi bikorwa, bizatuma umuyoboro uhagarara igihe kirekire kandi umushinga munini ugahagarika ibikorwa byo kurangiza ishyirwa mu bikorwa ry'iyo mishinga neza.
Mu gushyira "Network Inline Bypass" mu buryo bumwe, uburyo bwo gushyiraho ibikoresho byinshi by’umutekano bihujwe mu buryo bukurikiranye ku murongo umwe bushobora guhinduka kuva kuri "physical concatenation mode" kugera kuri "physical concatenation, logical concatenation mode". Umurongo uri ku murongo w’ingingo imwe yo kunanirwa kunoza ubwizigirwa bw’umurongo, mu gihe "Network Inline Bypass" ku murongo ugenda ku gikenewe, kugira ngo hagerwe ku murongo umwe n’uburyo bw’umwimerere bwo gutunganya neza.
Ibikoresho by'umutekano birenze kimwe icyarimwe mu mbonerahamwe yo gushyira mu bikorwa:
Ishusho yo Gukoresha Interineti Inline Bypass Switch:
3.6 Hashingiwe ku ngamba zihamye zo kurinda umutekano wo gushakisha inzira z'imodoka
"Network Inline Bypass" Indi porogaramu igezweho ishingiye ku ngamba zihamye zo kugenzura umutekano w'imodoka, ikoreshwa ry'inzira nk'uko bigaragara hano hasi:
Fata ibikoresho byo gupima umutekano bya "Anti-DDoS attack protection and detection", urugero, binyuze mu gushyira imbere "Network Inline Bypass" hanyuma ibikoresho byo kurinda anti-DDOS hanyuma uhuzwe na "Network Inline Bypass", mu "Traction protector" isanzwe "ku mubare wose w'umuvuduko w'inzira y'imodoka icyarimwe n'indorerwamo y'amazi ijya kuri "anti-DDOS attack protection tool", iyo imaze kugaragara kuri seriveri ya IP (cyangwa segiteri ya IP network) nyuma y'igitero, igikoresho cyo kurinda ibitero cya anti-DDOS "kizakora amategeko ajyanye n'inzira y'imodoka kandi kiyohereze kuri "Network Inline Bypass" binyuze mu buryo bwo gutanga politiki ihindagurika. "Network Inline Bypass" ishobora kuvugurura "traffic traction dynamic" nyuma yo kwakira amategeko agenga politiki ihindagurika Itegeko rigenga "kandi ako kanya" rigakubita ibikoresho byo kurinda no gutahura bya seriveri y'igitero "traction to the" anti-DDoS attack protection, kugira ngo bikore neza nyuma y'igitero hanyuma bikongere gushyirwa muri network.
Gahunda yo gukoresha ishingiye kuri "Network Inline Bypass" iroroshye kuyishyira mu bikorwa kurusha uburyo busanzwe bwo gushyira inzira ya BGP cyangwa ubundi buryo bwo gukurura abantu, kandi ibidukikije ntibishingira cyane ku muyoboro kandi icyizere kiri hejuru.
"Network Inline Bypass" ifite ibi bikurikira kugira ngo ishyigikire uburyo bwo kurinda umutekano w'abantu ku buryo buhindagurika:
1, "Network Inline Bypass" kugira ngo bitange ibidakurikije amategeko ashingiye kuri interface ya WEBSERIVCE, byoroshye guhuza n'ibikoresho by'umutekano by'abandi.
2, "Network Inline Bypass" ishingiye kuri chip ya ASIC yohereza ubutumwa bugufi kugeza kuri paki za 10Gbps nta gufunga uburyo bwo kohereza ubutumwa, hamwe n'"isomero ry'amategeko agenga uburyo bwo kohereza ubutumwa" hatitawe ku mubare.
3, "Network Inline Bypass" imikorere y’umwuga ya BYPASS, nubwo umurinzi ubwe yananirwa, ashobora no kunyura ku murongo w’ibanze w’ibanze ako kanya, ntibigira ingaruka ku murongo w’ibanze w’itumanaho risanzwe.
Igihe cyo kohereza: Ukuboza-23-2021
