Muri iki gihe cy’ikoranabuhanga, umutekano w’imiyoboro wabaye ikibazo gikomeye ibigo n’abantu ku giti cyabo bagomba guhangana na cyo. Bitewe n’iterambere rihoraho ry’ibitero by’imiyoboro, ingamba zisanzwe z’umutekano zarahindutse nke. Muri uru rwego, Sisitemu yo Gutahura Ubwinjira (IDS) na Sisitemu yo Gukumira Ubwinjira (IPS) biragaragara nk’uko The Times ibisaba, kandi biba abarinzi babiri bakomeye mu bijyanye n’umutekano w’imiyoboro. Bashobora gusa nkaho basa, ariko batandukanye cyane mu mikorere no mu mikoreshereze. Iyi nkuru isuzuma cyane itandukaniro riri hagati ya IDS na IPS, kandi isobanura neza ko aba bayobozi babiri b’umutekano w’imiyoboro badafite aho bahuriye.
IDS: Umuskuti w’Umutekano w’Umuyoboro
1. Ibitekerezo by'ibanze bya sisitemu yo gushakisha ukwinjira kwa IDS (IDS)ni igikoresho cy’umutekano w’umuyoboro cyangwa porogaramu ya porogaramu yagenewe kugenzura urujya n’uruza rw’umuyoboro no gutahura ibikorwa bibi bishobora gukorwa cyangwa amakosa. Mu gusesengura paki z’umuyoboro, dosiye z’inyandiko n’andi makuru, IDS igaragaza urujya n’uruza rudasanzwe kandi ikamenyesha abayobozi gufata ingamba zijyanye n’ibyo. Tekereza kuri IDS nk'umugenzuzi witonze ukurikirana buri gikorwa cyose kiri muri uwo muyoboro. Iyo hari imyitwarire iteye amakenga muri uwo muyoboro, IDS izaba ari ubwa mbere ibonye kandi igatanga umuburo, ariko ntabwo izafata ingamba zifatika. Akazi kayo ni "gushaka ibibazo," ntabwo ari "kubikemura."
2. Uko IDS ikora Uburyo IDS ikora ahanini bushingiye ku buhanga bukurikira:
Gutahura ibimenyetso:IDS ifite ububiko bunini bw'amasinya burimo imikono y'ibitero bizwi. IDS itanga integuza iyo urujya n'uruza rw'abantu ruhuye n'umukono uri muri ububiko bw'amasinya. Ibi ni nk'uko polisi ikoresha ububiko bw'amanota kugira ngo imenye abakekwaho icyaha, bakora neza ariko bashingiye ku makuru azwi.
Gusuzuma indwara zitari nziza:IDS yiga imiterere isanzwe y'imyitwarire y'umuyoboro, kandi iyo ibonye urujya n'uruza rw'abantu rutandukanye n'imyitwarire isanzwe, ibifata nk'ikibazo gishobora guteza akaga. Urugero, iyo mudasobwa y'umukozi yohereje amakuru menshi mu ijoro rituje, IDS ishobora kugaragaza imyitwarire idasanzwe. Ibi ni nk'umurinzi w'inararibonye uzi ibikorwa bya buri munsi by'abaturage kandi azaba maso igihe habonetse ibintu bidasanzwe.
Isesengura rya Porotokole:IDS izakora isesengura ryimbitse rya porogaramu za interineti kugira ngo imenye niba hari amakosa cyangwa ikoreshwa ridasanzwe rya porogaramu. Urugero, niba imiterere ya porogaramu ya paki runaka idahuye n'ibipimo ngenderwaho, IDS ishobora kubifata nk'igitero gishobora kubaho.
3. Ibyiza n'ibibi byabyo
Ibyiza bya IDS:
Gukurikirana mu buryo bufatika:IDS ishobora gukurikirana urujya n'uruza rw'itumanaho mu gihe nyacyo kugira ngo ibone ibibazo by'umutekano ku gihe. Kimwe n'umurinzi udasinzira, buri gihe rinda umutekano w'itumanaho.
Guhindura imiterere:IDS ishobora gushyirwa ahantu hatandukanye kuri network, nko ku mipaka, imbere mu miyoboro, nibindi, bitanga uburinzi butandukanye. Byaba ari igitero cyo hanze cyangwa ikibazo cy’imbere mu miyoboro, IDS irashobora kubimenya.
Igenzura ry'ibyabaye:IDS ishobora kwandika amateka y'ibikorwa bya network kugira ngo ikore isesengura ry'urupfu rwayo ndetse n'ubushakashatsi ku manza. Ni nk'umwanditsi wizerwa ubika buri kantu kose ka network.
Ingaruka mbi za IDS:
Igipimo cyo hejuru cy'ibyavuye mu bushakashatsi bitari byo:Kubera ko IDS ishingiye ku mabanga no ku kumenya ibitagenda neza, birashoboka gufata nabi urujya n'uruza rw'abantu nk'ibikorwa bibi, bigatera ingaruka mbi. Kimwe n'umurinzi w'umutekano uhora yibeshya cyane ushobora kwitiranya umutanga ibicuruzwa n'umujura.
Ntabwo nashoboye kwiregura nta shiti:IDS ishobora gusa kumenya no gutanga amakuru, ariko ntishobora guhagarika urujya n'uruza rw'abantu babi. Abayobozi nabo barasabwa kugira uruhare mu gihe habonetse ikibazo, ibyo bikaba bishobora gutuma habaho igihe kirekire cyo gusubiza.
Imikoreshereze y'umutungo:IDS igomba gusesengura umubare munini w'abakoresha interineti, bashobora gufata umutungo mwinshi wa sisitemu, cyane cyane mu gihe hari abakoresha benshi.
IPS: "Umwunganizi" w'Umutekano w'Umuyoboro
1. Igitekerezo cy'ibanze cya Sisitemu yo Kurwanya Kwinjira mu Bitero bya IPS (IPS)ni igikoresho cy’umutekano w’umuyoboro cyangwa porogaramu yakozwe hashingiwe kuri IDS. Ntabwo ishobora gusa kubona ibikorwa bibi, ahubwo inabikumira mu gihe nyacyo no kurinda umuyoboro ibitero. Niba IDS ari umusekirite, IPS ni umurinzi w’intwari. Ntabwo ishobora gusa kumenya umwanzi, ahubwo inafata iya mbere mu guhagarika igitero cy’umwanzi. Intego ya IPS ni "gushaka ibibazo no kubikosora" kugira ngo irinde umutekano w’umuyoboro binyuze mu buryo bwihuse.
2. Uburyo IPS ikora
Hashingiwe ku kazi ko gutahura IDS, IPS yongeraho uburyo bwo kwirwanaho bukurikira:
Guhagarika imodoka:Iyo IPS ibonye traffic mbi, ishobora guhita ihagarika iyi traffic kugira ngo iyibuze kwinjira muri network. Urugero, iyo habonetse paki igerageza gukoresha intege nke zizwi, IPS ihita iyihagarika.
Isozwa ry'ikiganiro:IPS ishobora guhagarika ikiganiro hagati y’umukozi wangiza amakuru no guhagarika umurongo w’uwateye. Urugero, iyo IPS ibonye ko hari igitero cya bruteforce kirimo gukorwa kuri aderesi ya IP, izahagarika gusa itumanaho na iyo IP.
Gushungura ibikubiye mu nyandiko:IPS ishobora gukora isesengura ry’ibiri ku rubuga kugira ngo ihagarike kohereza kode cyangwa amakuru mabi. Urugero, iyo hagaragaye ko hari porogaramu ya email irimo malware, IPS izahagarika kohereza iyo email.
IPS ikora nk'umurinzi w'inzugi, ntabwo ibona gusa abantu bakeka, ahubwo inababuza inzira. Irahita isubiza kandi ishobora gukumira iterabwoba mbere yuko rikwirakwira.
3. Ibyiza n'ibibi bya IPS
Ibyiza bya IPS:
Kwirwanaho mu buryo bwihuse:IPS ishobora gukumira urujya n'uruza rw'abantu babi mu gihe nyacyo no kurinda umutekano w'imiyoboro y'itumanaho neza. Ni nk'umurinzi watojwe neza, ushobora kwirukana abanzi mbere yuko begera.
Igisubizo cyikora:IPS ishobora gushyira mu bikorwa politiki z’ubwirinzi zagenwe mbere, ikagabanya umutwaro ku bayobozi. Urugero, iyo igitero cya DDoS kibonetse, IPS ishobora kugabanya urujya n’uruza rw’abantu ku buryo bwikora.
Uburinzi bwimbitse:IPS ishobora gukorana n'inkuta z'umuriro, inzira z'umutekano n'ibindi bikoresho kugira ngo itange uburinzi bwimbitse. Ntabwo irinda gusa umupaka w'umuyoboro, ahubwo inarinda imitungo y'ingenzi y'imbere mu kigo.
Ingaruka mbi za IPS:
Ingaruka zo gukumira ibitari byo:IPS ishobora guhagarika urujya n'uruza rw'abantu ku buryo busanzwe, bigatera ingaruka ku mikorere isanzwe y'umuyoboro. Urugero, iyo urujya n'uruza rwemewe rushyizwe mu byiciro bitari byo nk'urwangiza, bishobora gutuma serivisi ihagarara.
Ingaruka ku musaruro:IPS isaba isesengura ryihuse no gutunganya urujya n'uruza rw'itumanaho ry'itumanaho, ibyo bikaba bishobora kugira ingaruka ku mikorere y'urujya n'uruza rw'itumanaho. Cyane cyane mu gihe urujya n'uruza rw'itumanaho rwinshi rushobora gutuma habaho gutinda gukomeye.
Imiterere igoye:Imiterere n'imicungire ya IPS biragoye cyane kandi bisaba abakozi b'inzobere kuyicunga. Iyo idakozwe neza, ishobora gutuma ubwirinzi budakora neza cyangwa ikongera ikibazo cyo guhagarika ibintu bitari byo.
Itandukaniro riri hagati ya IDS na IPS
Nubwo IDS na IPS bifite itandukaniro rimwe gusa mu izina, bifite itandukaniro ry'ingenzi mu mikorere no mu mikoreshereze. Dore itandukaniro ry'ingenzi hagati ya IDS na IPS:
1. Gushyira imikorere mu mwanya wayo
IDS: Ikoreshwa cyane cyane mu kugenzura no gutahura ibibangamiye umutekano mu miyoboro, ikoreshwa mu kwirwanaho kudakora. Ikora nk'umusekiri, ivuza induru iyo ibonye umwanzi, ariko ntifate iya mbere ngo itere.
IPS: Umurimo wo kwirwanaho wongerwa kuri IDS, ushobora guhagarika urujya n'uruza rw'abantu babi mu gihe nyacyo. Ni nk'umurinzi, ntabwo ashobora gusa gutahura umwanzi, ahubwo anashobora kumurinda.
2. Uburyo bwo gusubiza
IDS: Itangazo ritangwa nyuma y’uko habonetse ikibazo, bigasaba ko umuyobozi abikora n’intoki. Ni nk’umurinzi ubonye umwanzi agatanga raporo ku bayobozi be, ategereje amabwiriza.
IPS: Ingamba zo kwirwanaho zishyirwa mu bikorwa mu buryo bwikora nyuma y’uko ikibazo kibonetse nta muntu ugifashe. Ni nk’umurinzi ubona umwanzi akamusubiza inyuma.
3. Aho ibikorwa byo kohereza
IDS: Ubusanzwe ishyirwa ahantu hanyura umuyoboro kandi ntigira ingaruka ku buryo butaziguye ku muyoboro. Inshingano yayo ni ukwitegereza no kwandika, kandi ntabwo izabangamira itumanaho risanzwe.
IPS: Ubusanzwe ikoreshwa aho umuyoboro uri kuri interineti, igenzura urujya n'uruza rw'itumanaho mu buryo butaziguye. Ikenera isesengura ryihuse n'ubwitabire bw'urujya n'uruza rw'itumanaho, bityo ikaba ikora neza cyane.
4. Ingaruka zo kubura amakuru y'ibinyoma/guhagarika amakuru y'ibinyoma
IDS: Ibimenyetso by'ibinyoma ntibigira ingaruka ku mikorere ya network, ariko bishobora gutuma abayobozi bagorwa. Kimwe n'umurinzi uhora yumva cyane, ushobora kuvuga kenshi usaba amakuru y'ibanga no kongera akazi kawe.
IPS: Gufunga ibyuma mu buryo butari bwo bishobora guteza ikibazo gisanzwe cya serivisi no kugira ingaruka ku mikoreshereze y'umuyoboro w'itumanaho. Ni nk'umurinzi ukabije kandi ushobora gukomeretsa abasirikare b'inshuti.
5. Ingero z'imikoreshereze
IDS: Ikwiriye ibintu bisaba isesengura ryimbitse no gukurikirana ibikorwa by'umuyoboro, nko kugenzura umutekano, guhangana n'impanuka, nibindi. Urugero, ikigo gishobora gukoresha IDS kugira ngo gikurikirane imyitwarire y'abakozi kuri interineti kandi kimenye amakuru yangiritse.
IPS: Ikwiriye ibintu bigomba kurinda umuyoboro w’itumanaho ibitero mu gihe nyacyo, nko kurinda umupaka, kurinda serivisi zikomeye, nibindi. Urugero, ikigo gishobora gukoresha IPS kugira ngo kibuze abatera baturutse hanze kwinjira mu muyoboro wacyo.
Ishyirwa mu bikorwa rya IDS na IPS mu buryo bufatika
Kugira ngo dusobanukirwe neza itandukaniro riri hagati ya IDS na IPS, dushobora kwerekana uburyo bukurikira bwo gushyira mu bikorwa:
1. Uburinzi bw'umutekano w'umuyoboro w'ibigo. Muri uwo muyoboro w'ibigo, IDS ishobora gushyirwa mu muyoboro w'imbere kugira ngo ikurikirane imyitwarire y'abakozi kuri interineti kandi imenye niba hari uburyo bunyuranyije n'amategeko cyangwa amakuru asohoka. Urugero, iyo mudasobwa y'umukozi igaragaye ko ikoresha urubuga rwa interineti rubi, IDS izatanga ubutumwa kandi ikaburira umuyobozi kugira ngo akore iperereza.
Ku rundi ruhande, IPS ishobora gushyirwa ku mupaka w'umuyoboro kugira ngo hirindwe ko abagaba ibitero bo hanze binjira mu muyoboro w'ikigo. Urugero, iyo aderesi ya IP igaragaye ko iri mu gitero cya SQL, IPS izahagarika urujya n'uruza rwa IP kugira ngo irinde umutekano w'ububiko bw'amakuru bw'ikigo.
2. Umutekano w'Ikigo cy'Amakuru Mu bigo by'amakuru, IDS ishobora gukoreshwa mu kugenzura urujya n'uruza rw'abantu hagati ya seriveri kugira ngo hamenyekane ko hari itumanaho ridasanzwe cyangwa malware. Urugero, niba seriveri yohereza amakuru menshi akekwa ku isi yo hanze, IDS izagaragaza imyitwarire idasanzwe kandi ikamenyesha umuyobozi kuyigenzura.
Ku rundi ruhande, IPS ishobora gushyirwa ku muryango w’ibigo by’amakuru kugira ngo ihagarike ibitero bya DDoS, inshinge za SQL n’izindi nzira mbi zo gukwirakwiza amakuru. Urugero, iyo tubonye ko igitero cya DDoS kirimo kugerageza gusenya ikigo cy’amakuru, IPS izagabanya urujya n’uruza rw’amakuru kugira ngo serivisi ikore neza.
3. Umutekano mu bicu Mu bicu, IDS ishobora gukoreshwa mu kugenzura ikoreshwa rya serivisi zo mu bicu no kumenya niba hari uburenganzira bwo kwinjira cyangwa gukoresha nabi umutungo. Urugero, niba umukoresha agerageza kwinjira mu bicu bitarageze, IDS izatanga ubutumwa kandi ikaburira umuyobozi kugira ngo agire icyo akora.
Ku rundi ruhande, IPS ishobora gushyirwa ku nkengero z'umuyoboro w'ibicu kugira ngo irinde serivisi z'ibicu ibitero byo hanze. Urugero, iyo aderesi ya IP ibonetse kugira ngo itangire igitero cy'imbaraga nyinshi kuri serivisi y'ibicu, IPS izahita ihagarika IP kugira ngo irinde umutekano wa serivisi y'ibicu.
Gukoresha IDS na IPS mu buryo buhuriweho
Mu by’ukuri, IDS na IPS ntibibaho ukwabyo, ariko bishobora gukorana kugira ngo bitange uburinzi bwuzuye bw’umutekano w’umuyoboro. Urugero:
IDS nk'inyongera kuri IPS:IDS ishobora gutanga isesengura ryimbitse ry’urujya n’uruza rw’abantu no kwandika ibyabaye kugira ngo ifashe IPS kumenya no gukumira ibitero. Urugero, IDS ishobora kubona imiterere y’ibitero byihishe binyuze mu kugenzura igihe kirekire, hanyuma igasubiza aya makuru kuri IPS kugira ngo yongere ingamba zayo zo kwirwanaho.
IPS ikora nk'umuyobozi ushinzwe gukurikirana IDS:Iyo IDS imaze kubona ikibazo, ishobora gutuma IPS ishyira mu bikorwa ingamba zo kwirwanaho kugira ngo ibone igisubizo cyikora. Urugero, iyo IDS ibonye ko aderesi ya IP irimo gusuzumwa nabi, ishobora kumenyesha IPS guhagarika urujya n'uruza rw'abantu kuri iyo IP.
Mu guhuza IDS na IPS, ibigo n'imiryango bishobora kubaka uburyo bukomeye bwo kurinda umutekano w'imiyoboro kugira ngo birwanye neza ibibazo bitandukanye by'imiyoboro. IDS ifite inshingano zo gushaka ikibazo, IPS ifite inshingano zo gukemura ikibazo, byombi byuzuzanya, nta na kimwe muri byo gishobora gukurwaho.
Shaka iburyoUmuhuzabikorwa w'amapaki y'itumanahogukorana na IDS yawe (Sisitemu yo Gutahura Intrusion)
Shaka iburyoGuhindura Tap Bypass mu murongogukorana na IPS (Sisitemu yo Kurwanya Kwinjira)
Igihe cyo kohereza: 23 Mata 2025
