Inofambiswa neshanduko yedhijitari, mabhizinesi network haasisiri "tambo shoma dzinobatanidza makomputa." Nekuwanda kwemidziyo yeIoT, kutama kwemasevhisi kune gore, uye kuwedzera kutorwa kwebasa riri kure, network traffic yaputika, senge traffic mumugwagwa mukuru. Nekudaro, uku kuwedzera kwetraffic kunopawo matambudziko: maturusi ekuchengetedza haakwanise kutora data rakakosha, masisitimu ekutarisa anokurirwa neruzivo rusina basa, uye kutyisidzira kwakavanzwa mumigwagwa yakavharidzirwa kunoenda kusingaonekwe. Apa ndipo panouya "invisible butler" inonzi Network Packet Broker (NPB) inobatsira. Ichiita sebhiriji rakangwara pakati petiweki traffic uye maturusi ekutarisa, inobata mhirizhonga yekuyerera kwetraffic kunetiweki yese uku ichidyisa maturusi ekutarisa data yavanoda, ichibatsira mabhizinesi kugadzirisa "zvisingaoneki, zvisingasvikike" matambudziko etiweki. Nhasi, tichapa kunzwisisa kwakadzama kweiyi basa rinokosha mukushanda kwetiweki uye kugadzirisa.
1. Sei makambani ari kutsvaga maNPB ikozvino? - Iyo "Kuonekwa Kunodiwa" kweComplex Networks
Funga izvi: Kana network yako ichimhanyisa mazana emidziyo yeIoT, mazana emaseva emakore, uye vashandi vanoiwana vari kure kubva pese pese, ungaite sei kuti ive nechokwadi chekuti hapana hutsinye hunopinda mukati? Iwe unogona sei kuona kuti ndeapi malink akazara uye anonotsa mashandiro ebhizinesi?
Nzira dzechinyakare dzekutarisa dzagara dzisina kukwana: chero maturusi ekutarisa anogona kungotarisa pane chaiwo zvikamu zvetraffic, zvisipo makiyi node; kana kuti vanopfuudza traffic yese kune chishandiso kamwechete, zvichiita kuti isakwanise kugaya ruzivo uye kunonoka ongororo yekuongorora. Uyezve, nepamusoro pe70% yetraffic ikozvino yakavharidzirwa, maturusi echinyakare haakwanise kuona kuburikidza nezviri mukati.
Kubuda kweNPBs kunotaura nezvekurwadziwa kwe "kushayikwa kwekuonekwa kwetiweki." Ivo vanogara pakati penzvimbo dzekupinda mumigwagwa uye maturusi ekutarisa, kuunganidza traffic yakapararira, kusefa data rakawandisa, uye pakupedzisira kugovera traffic chaiyo kuIDS (Intrusion Detection Systems), SIEMs (Security Information Management Platform), maturusi ekuongorora maitiro, nezvimwe. Izvi zvinova nechokwadi chekuti maturusi ekutarisa haana nzara kana kuwandisa. NPBs inokwanisawo kudhirowa uye encrypt traffic, kuchengetedza data rakadzama uye nekupa mabhizinesi tarisiro yakajeka yemamiriro avo etiweki.
Zvinogona kutaurwa kuti ikozvino chero bhizinesi riine network chengetedzo, kuita optimization kana kutevedzera zvinodiwa, NPB yave chinhu chisingadzivisike chepakati chikamu.
Chii chinonzi NPB? -Ongororo Yakareruka kubva kuArchitecture kuenda kuCore Capabilities
Vanhu vazhinji vanofunga kuti izwi rekuti "packet broker" rinotakura chipingamupinyi chehunyanzvi chekupinda. Zvakadaro, enzaniso inosvikika ndeye kushandisa "express delivery sorting center": network traffic is "express parcels," NPB ndiyo "sorting center," uye chekuongorora ndicho "pokugamuchira." Basa reNPB ndere kuunganidza mapasuru akapararira (aggregation), kubvisa mapasuru asina kushanda (sefa), nekuaronga nekero (kugovera). Inogonawo kusunungura uye kuongorora pasuru dzakakosha (decryption) uye kubvisa ruzivo rwepachivande (massaging) - maitiro ose anoshanda uye akajeka.
1. Chekutanga, ngatitarisei "skeleton" yeNPB: matatu core architectural modules.
Iyo NPB workflow inotsamira zvachose pakubatana kweaya matatu module; hapana chimwe chazvo chingashayikwa:
○Traffic Access Module: Yakaenzana ne "express delivery port" uye inonyanya kushandiswa kugamuchira network traffic kubva kune switch mirror port (SPAN) kana splitter (TAP). Kunyangwe iri traffic kubva kune yemuviri link kana chaiyo network, inogona kuunganidzwa nenzira yakabatana.
○Processing Engine:Iyi ndiyo "huropi hwepakati penzvimbo yekurongedza" uye ine basa re "kugadziridza" kwakanyanya - sekubatanidza akawanda-link traffic (aggregation), kusefa traffic kubva kune imwe mhando yeIP (sefa), kukopa iyo yakafanana traffic uye kuitumira kune akasiyana maturusi (kukopa), decrypting SSL/TLS encrypted traffic (decryption), nezvimwe" zvese "zvakapera pano.
○Distribution Module: Zvakafanana ne "courier" inogovera nenzira kwayo traffic yakagadziridzwa kune inoenderana yekutarisa maturusi uye inogona zvakare kuita mitoro yekuenzanisa - semuenzaniso, kana chishandiso chekuongorora mashandiro chakanyanya kubatikana, chikamu chetraffic chinogoverwa kune chekuchengetedza chishandiso kudzivirira kuremedza chinhu chimwe chete.
2. NPB's "Hard Core Capabilities": 12 core mabasa anogadzirisa 90% yematambudziko etiweki
NPB ine mabasa mazhinji, asi ngatitarisei pane anonyanya kushandiswa nemabhizinesi. Imwe neimwe inoenderana neanoshanda pain point:
○Traffic Replication / Aggregation + KusefaSemuenzaniso, kana bhizinesi riine gumi network link, iyo NPB inotanga kusanganisa traffic yegumi malink, yobva yasefa "duplicate data packets" uye "zvisina basa traffic" (senge traffic kubva kuvashandi vachiona mavhidhiyo), uye inongotumira ine chekuita nebhizinesi kune chekutarisa chishandiso - kuvandudza zvakanangana ne300%.
○SSL/TLS Decryption: Mazuva ano, kurwiswa kwakashata kwakawanda kwakavanzwa muHTTPS encrypted traffic. NPB inogona kutsikisa traffic iyi zvakachengeteka, ichibvumira maturusi akadai seIDS uye IPS "kuona kuburikidza" zvakavharidzirwa zvemukati uye kutora kutyisidzira kwakavanzika senge phishing link uye yakaipa kodhi.
○Data Masking / Desensitization: Kana traffic iine ruzivo rwakadzama senge nhamba dzekadhi rechikwereti uye nhamba dzekuchengetedza magariro, NPB inozo "dzima" ruzivo urwu isati yatumira kune chekutarisa chishandiso. Izvi hazvizokanganisa kuongororwa kwechishandiso, asi zvakare zvinoenderana nePCI-DSS (mubhadharo kutevedzera) uye HIPAA (kuteerera kwehutano) zvinodiwa kudzivirira kudonha kwedata.
○Load Bancing + FailoverKana bhizinesi riine maturusi matatu eSIEM, iyo NPB inogovera zvakaenzana traffic pakati pavo kudzivirira chero chishandiso kubva mukuremerwa. Kana chishandiso chimwe chikatadza, iyo NPB ichakurumidza chinja traffic kune chekuchengetedza chishandiso kuti ive nechokwadi chekutarisisa kusingapindiki. Izvi zvinonyanya kukosha kumaindasitiri akadai semari uye hutano hwehutano uko nguva yekuderera isingatenderwe.
○Tunnel Kugumiswa: VXLAN, GRE uye mamwe "Tunnel Protocols" ikozvino anowanzoshandiswa mumafu network. Zvishandiso zvechinyakare hazvigone kunzwisisa maprotocol aya. NPB inogona "kuparadzanisa" tunnels uye kubvisa iyo chaiyo traffic mukati, ichibvumira maturusi ekare kugadzirisa traffic munzvimbo dzemakore.
Iko kusanganiswa kweaya maficha kunoita kuti NPB isango "kuona kuburikidza" yakavharidzirwa traffic, asi zvakare "kudzivirira" data inonzwisisika uye "kuchinjika" kune dzakasiyana siyana dzakaoma network nharaunda - ndosaka ichigona kuve chinhu chakakosha.
III. NPB inoshandiswa kupi? -Mamiriro mashanu akakosha anogadzirisa zvinodikanwa zvebhizinesi chairo
NPB haisi imwe-saizi-inokodzera-zvese chishandiso; pachinzvimbo, inochinja-chinja kune akasiyana mamiriro. Kunyangwe iri data data, 5G network, kana gore nharaunda, inowana chaiyo maapplication. Ngatitarisei mashoma akajairwa kesi kuenzanisira iyi pfungwa:
1. Data Center: Kiyi yekutarisa East-West Traffic
Traditional data centers inotarisa chete kuchamhembe-kumaodzanyemba traffic (traffic kubva kumaseva kuenda kune kunze kwenyika). Nekudaro, mune virtualized data centers, 80% yetraffic iri kumabvazuva-kumadokero (traffic pakati pemashini chaiwo), ayo echinyakare maturusi haagone kubata. Apa ndipo panouya maNPB anoshanda:
Semuenzaniso, kambani hombe yeinternet inoshandisa VMware kuvaka iyo virtualized data center. Iyo NPB yakanyatsobatanidzwa nevSphere (VMware's manejimendi chikuva) kubata nemazvo kumabvazuva-kumadokero traffic pakati pemashini chaiwo uye kuigovera kuIDS uye maturusi ekuita. Izvi hazvingobvisi "kutarisa mapofu," asi zvakare zvinowedzera kushanda zvakanaka kwezvishandiso ne40% kuburikidza nekusefa kwetraffic, kucheka zvakananga data center's mean-time-to-repair (MTTR) nepakati.
Uye zvakare, NPB inogona kutarisa sevha kuremerwa uye kuona kuti yekubhadhara data inoenderana nePCI-DSS, ichiva "yakakosha mashandiro uye kugadzirisa zvinodiwa" kune nzvimbo dzedata.
2. SDN/NFV Environment: Flexible Roles Kugadzirisa kune Software-Defined Networking
Makambani mazhinji ave kushandisa SDN (Software Defined Networking) kana NFV (Network Function Virtualization). Manetiweki haasisiri akagadziriswa Hardware, asi pane anochinjika software masevhisi. Izvi zvinoda maNPB kuti awedzere kuchinjika:
Semuyenzaniso, yunivhesiti inoshandisa SDN kushandisa "Bring Your Own Device (BYOD)" kuitira kuti vadzidzi nevadzidzisi vakwanise kubatana netiweki yekambasi vachishandisa nhare dzavo nemakombiyuta. NPB inosanganiswa neSDN controller (yakadai seOpenDaylight) kuve nechokwadi chekuparadzaniswa kwetraffic pakati penzvimbo dzekudzidzisa nenzvimbo dzehofisi uku ichinyatso kugovera traffic kubva munzvimbo yega yega kune maturusi ekutarisa. Iyi nzira haikanganisi kushandiswa kwevadzidzi nevadzidzisi, uye inobvumira kuonekwa nenguva kwekubatana kusina kujairika, sekuwana kubva kune yakaipa off-campus IP kero.
Zvimwe chetezvo kune nharaunda dzeNFV. NPB inogona kutarisa traffic yeanoona mafirewall (vFWs) uye chaiwo mabharadhi emutoro (vLBs) kuti ive nechokwadi chekuita kwakadzikama kweaya "software zvishandiso", izvo zvinochinjika zvakanyanya kupfuura zvechinyakare hardware yekutarisa.
3. 5G Networks: Kugadzirisa Sliced Traffic uye Edge Nodes
Iwo epakati maficha e5G "kumhanya kwazvo, kudzika latency, uye kubatanidza kwakakura", asi izvi zvinounza zvakare matambudziko matsva ekutarisa: semuenzaniso, 5G's "network slicing" tekinoroji inogona kupatsanura iyo imwechete yemuviri network kuita akawanda anonzwisisika network (semuenzaniso, yakaderera-latency chidimbu chekutyaira wega uye yakakura-yekubatanidza chidimbu cheIoT), uye iyo traffic yakazvimirira yega yega yega.
Mumwe mushandisi akashandisa NPB kugadzirisa dambudziko iri: yakatumira yakazvimirira NPB yekutarisa kune yega yega 5G slice, iyo isingagone kungoona latency uye throughput yega yega chidimbu munguva chaiyo, asi zvakare inobata isina kujairika traffic (yakadai sekupinda kusingabvumirwe pakati pezvimedu) panguva yakakodzera, kuve nechokwadi chepasi latency zvinodiwa zvemabhizinesi akakosha akadai sekutyaira akazvimirira.
Mukuwedzera, 5G edge computing nodes yakapararira munyika yose, uye NPB inogonawo kupa "lightweight version" iyo inoiswa pamucheto nodes kutarisa kugoverwa kwemotokari uye kudzivisa kunonoka kunokonzerwa nekutumira data kumashure nekudzoka.
4. Cloud Environment/Hybrid IT: Kuputsa Zvipingamupinyi zvePublic and Private Cloud Monitoring
Mazhinji emabhizinesi ave kushandisa hybrid cloud architecture - mamwe maoperation anogara paAlibaba Cloud kana Tencent Cloud (makore eruzhinji), mamwe pamakore awo ega, uye mamwe pamaseva emuno. Muchiitiko ichi, traffic inoparadzirwa munzvimbo dzakawanda, zvichiita kuti kutarisa kuve nyore kukanganisa.
China Minsheng Bank inoshandisa NPB kugadzirisa iyi pain point: bhizinesi rayo rinoshandisa Kubernetes kutumirwa kwemidziyo. NPB inogona kubata zvakananga traffic pakati pemidziyo (Pods) uye inobatanidza traffic pakati pemasevha egore uye makore akavanzika kuti aite "kuguma-kusvika-kumagumo kutarisa" - zvisinei nekuti bhizinesi riri mugore reruzhinji kana gore rakavanzika, chero paine dambudziko rekuita, timu yekushanda nekugadzirisa inogona kushandisa NPB traffic data kuti ikurumidze kutsvaga kana iri dambudziko ne-inter-container-inogadzirisa nhare kana 60 yekubatanidza mafoni.
Kune akawanda-anogara veruzhinji makore, NPB inogona zvakare kuve nechokwadi chekuparadzaniswa kwetraffic pakati pemabhizinesi akasiyana, kudzivirira kudonha kwedata, uye kusangana nezvinodiwa zvekuteedzera zveindasitiri yezvemari.
Mukupedzisa: NPB haisi "sarudzo" asi "inofanira"
Mushure mekuongorora zviitiko izvi, iwe uchaona kuti NPB haichisiri niche tekinoroji asi yakajairwa chishandiso chemabhizinesi kubata netiweki yakaoma. Kubva kunzvimbo dzedata kuenda ku5G, kubva kumakore akavanzika kuenda kune yakasanganiswa IT, NPB inogona kuita basa pese panenge paine kudiwa kwekuonekwa kwetiweki.
Nekuwedzera kuri kuita AI uye kumucheto komputa, network traffic ichawedzera kuomarara, uye NPB hunyanzvi huchawedzera kukwidziridzwa (semuenzaniso, kushandisa AI kuona otomatiki traffic isina kujairika uye kugonesa mamwe kureruka kuchinjika kumanodhi ekumucheto). Kune mabhizinesi, kunzwisisa uye kuendesa NPBs kutanga kunovabatsira kubata network yekutanga uye kudzivirira kutsauka mukushandurwa kwavo kwedhijitari.
Wakambosangana nematambudziko ekutarisa network muindasitiri yako? Semuyenzaniso, hausi kuona yakavharidzirwa traffic, kana hybrid cloud monitoring inovhiringwa? Inzwa wakasununguka kugovera pfungwa dzako muchikamu chemhinduro uye ngationgororei mhinduro pamwe chete.
Nguva yekutumira: Sep-23-2025
