Umuhuzabikorwa w'amapaki y'itumanahoIbikoresho bitunganya urujya n'uruza rw'amakuru ku buryo ibindi bikoresho bigenzura, nk'ibyagenewe kugenzura imikorere ya Network no kugenzura ibijyanye n'umutekano, bishobora gukora neza kurushaho. Ibiranga birimo gushungura amapaki kugira ngo hamenyekane urwego rw'ibyago, imitwaro y'amapaki, no gushyiramo igihe gishingiye ku bikoresho.
Umuhanga mu by'umutekano w'imiyoboroyerekeza ku nshingano zijyanye n'imiterere y'umutekano w'ibicu, imiterere y'umutekano w'umuyoboro w'itumanaho, n'imiterere y'umutekano w'amakuru. Bitewe n'ingano y'ikigo, hashobora kuba hari umunyamuryango umwe ushinzwe buri domaine. Ubundi buryo, umuryango ushobora guhitamo umuyobozi. Uko byagenda kose, imiryango igomba kugaragaza ushinzwe no kuyiha ububasha bwo gufata ibyemezo by'ingenzi mu butumwa.
Isuzuma ry’Ibibazo by’Umuyoboro ni urutonde rwuzuye rw’uburyo ibitero by’imbere cyangwa ibyo hanze bishobora gukoreshwa mu guhuza umutungo. Isuzuma ryimbitse ryemerera umuryango gusobanura ibyago no kubigabanya binyuze mu kugenzura umutekano. Izi ngaruka zishobora kuba zirimo:
- Kudasobanukirwa neza gahunda cyangwa imikorere
- Sisitemu zigoye gupima urwego rw'ibyago
- sisitemu "zivanze" zihura n'ibibazo by'ubucuruzi n'ibya tekiniki
Gutegura isuzuma rifatika bisaba ubufatanye hagati y’ikoranabuhanga n’abafatanyabikorwa mu bucuruzi kugira ngo bumve urwego rw’ibyago. Gukorera hamwe no gushyiraho inzira yo gusobanukirwa ishusho rusange y’ibyago ni ingenzi kimwe n’ibyago bya nyuma.
Ubwubatsi bw'Inyubako za Zero Trust (ZTA)ni uburyo bwo kurinda umutekano w’umuyoboro bw’itumanaho bugaragaza ko bamwe mu basura umuyoboro ari abateje akaga kandi ko hari ahantu henshi ho kwinjira hadashobora kurindwa byuzuye. Bityo rero, rinda neza imitungo iri kuri umuyoboro aho kurinda umuyoboro ubwawo. Kubera ko bifitanye isano n’umukoresha, umukozi afata icyemezo cyo kwemeza buri busabe bwo kwinjira hashingiwe ku miterere y’ibyago bibarwa hashingiwe ku bintu bitandukanye nko gukoresha, aho uherereye, umukoresha, igikoresho, igihe, uburyo amakuru akoreshwa, n'ibindi. Nk'uko izina ribisobanura, ZTA ni imiterere, si ibicuruzwa. Ntushobora kuyigura, ariko ushobora kuyiteza imbere ushingiye ku bintu bimwe na bimwe bya tekiniki birimo.
Firewall y'umuyoboroni ibikoresho by’umutekano bikuze kandi bizwi cyane bifite urukurikirane rw’ibintu bigamije gukumira kugera kuri porogaramu z’ikigo na seriveri z’amakuru. Inkuta z’umutekano zitanga uburyo bworoshye bwo guhuza imiyoboro y’imbere n’ibicu. Kuri cloud, hari serivisi zishingiye ku bicu, ndetse n’uburyo bukoreshwa n’abatanga serivisi za IaaS kugira ngo bashyire mu bikorwa bimwe mu bushobozi.
Irembo rya SecurewebByavuye mu kunoza uburyo interineti ikoreshwa mu kurinda abakoresha ibitero bibi biva kuri interineti. Gushungura URL, kurwanya virusi, gusiba no kugenzura imbuga za interineti zikoreshwa kuri HTTPS, gukumira ihohoterwa rishingiye ku makuru (DLP), hamwe n’uburyo buke bwo kurinda umutekano w’abantu basura urubuga (CASB) ubu ni byo bintu bisanzwe.
Uburyo bwo kwinjira kureikoresha cyane VPN, ahubwo ikoresha cyane uburyo bwo kwinjira kuri zero-trust network (ZTNA), ibyo bigatuma abakoresha bashobora kugera kuri porogaramu ku giti cyabo bakoresheje imiterere y’urubuga badashyizwe ku rutonde rw’ibikoresho.
Uburyo bwo gukumira ukwinjira mu bwihisho (IPS)irinda intege nke zitari zihari kwibasirwa no guhuza ibikoresho bya IPS na seriveri zitari zihari kugira ngo hamenyekane kandi haburwe ibitero. Ubu bushobozi bwa IPS ubu bukunze gushyirwa mu bindi bikoresho by'umutekano, ariko haracyariho ibicuruzwa byigenga. IPS itangiye kongera kuzamuka uko ubuyobozi bwa cloud native buyinjiza buhoro buhoro muri icyo gikorwa.
Igenzura ry'injira mu muyoboroitanga uburyo bwo kugaragara ku bikubiye kuri Network no kugenzura uburyo bwo kugera ku bikorwa remezo by’ikigo bishingiye kuri politiki. Politiki zishobora gusobanura uburyo bwo kugera ku rubuga hashingiwe ku nshingano z’umukoresha, kwemeza, cyangwa ibindi bintu.
Gusukura DNS (Sisitemu y'amazina y'urubuga isukuye)ni serivisi itangwa n'abacuruzi ikora nka Sisitemu y'amazina y'ikigo kugira ngo ikumire abakoresha (harimo n'abakozi ba kure) kwinjira ku mbuga zitazwi neza.
Gukuraho DDoS (Gukuraho DDoS)bigabanya ingaruka mbi zo kwanga serivisi ku rubuga. Ibi bicuruzwa bigira uburyo bwinshi bwo kurinda umutungo wa interineti uri imbere y’urukuta rw’itumanaho, uwo ushyirwa imbere y’urukuta rw’itumanaho, n’uwo hanze y’ikigo, nk’imiyoboro y’ibikoresho biva ku batanga serivisi za interineti cyangwa gutanga ibikubiye mu butumwa.
Gucunga Politiki y'Umutekano w'Umuyoboro (NSPM)Bikubiyemo isesengura n'igenzura kugira ngo binoze amategeko agenga Umutekano wa Network, ndetse n'imikorere y'imicungire y'impinduka, isuzuma ry'amategeko, isuzuma ry'iyubahirizwa ry'amategeko, no kwerekana. Igikoresho cya NSPM gishobora gukoresha ikarita y'urusobe rw'amashusho kugira ngo cyerekane ibikoresho byose n'amategeko agenga uburyo bwo kwinjira muri firewall bikubiyemo inzira nyinshi z'urusobe rw'amakuru.
Gutandukanya ibiceni uburyo butuma ibitero bya interineti bikomeje kubaho bitagenda mu buryo butambitse kugira ngo bigere ku bintu by'ingenzi. Ibikoresho bya microisolation mu kurinda umutekano w'urubuga biri mu byiciro bitatu:
- Ibikoresho bishingiye kuri interineti bishyirwa ku rwego rw'umuyoboro, akenshi bihujwe n'imiyoboro yagenwe na porogaramu, kugira ngo birinde umutungo uhujwe n'umuyoboro.
- Ibikoresho bishingiye kuri Hypervisor ni ubwoko bw'ibice bishya byo gutandukanya kugira ngo byongere uburyo urujya n'uruza rw'itumanaho rudasobanutse rugenda hagati ya hypervisor.
- Ibikoresho bishingiye kuri Host agent bishyiraho agents kuri Host bashaka kuzitandukanya n'izindi network; Igisubizo cya Host agent gikora neza kimwe no ku mirimo yo mu bicu, imirimo yo mu bicu, na seriveri zifatika.
Serivisi yo Kubona Serivisi Ifite Umutekano (SASE)ni urwego rushya ruhuza ubushobozi bwose bw'umutekano w'imiyoboro, nka SWG, SD-WAN na ZTNA, ndetse n'ubushobozi bwa WAN busesuye kugira ngo bushyigikire ibyo imiryango ikeneye mu bijyanye no kugera ku mutekano. SASE, nk'igitekerezo kuruta urwego, igamije gutanga icyitegererezo cya serivisi y'umutekano ihuriweho itanga imikorere ku miyoboro mu buryo bworoshye, bworoshye kandi butatinda.
Gutahura no gusubiza umuyoboro (NDR)ihora isesengura amakuru y’urujya n’uruza rw’abantu n’abasohoka kugira ngo yandike imyitwarire isanzwe ya Network, bityo ibintu bitari byo bishobora kumenyekana no kumenyeshwa ibigo. Ibi bikoresho bihuza imashini yiga (ML), ubuhanga bwo gusesengura ibintu, isesengura, no gutahura bishingiye ku mategeko.
Ibikoresho by'umutekano bya DNSni inyongera kuri protocole ya DNS kandi yagenewe kugenzura ibisubizo bya DNS. Inyungu z'umutekano za DNSSEC zisaba ko amakuru ya DNS yemewe ashyirwa ku isoko mu buryo bw'ikoranabuhanga, uburyo bukoresha ikoranabuhanga rikoresha ikoranabuhanga rikoresha ikoranabuhanga rigezweho.
Firewall nka serivisi (FWaaS)ni ikoranabuhanga rishya rifitanye isano rya hafi na SWGS ishingiye ku bicu. Itandukaniro riri mu bwubatsi, aho FWaaS inyura mu miyoboro ya VPN hagati y’aho ikorera n’ibikoresho biri ku nkengero z’umuyoboro, ndetse n’aho umutekano uri mu bicu. Ishobora kandi guhuza abakoresha serivisi zo mu gace binyuze muri tunnel za VPN. FWaaS ubu ntabwo ikunze kugaragara cyane nka SWGS.
Igihe cyo kohereza ubutumwa: Werurwe-23-2022
