Zvichitungamirirwa nekushandurwa kwedhijitari, ma network emakambani haasisiri "tambo shoma dzinobatanidza makomputa." Nekuwanda kwemidziyo yeIoT, kutamiswa kwemasevhisi kuenda kugore, uye kuwedzera kwekushandiswa kwebasa riri kure, network traffic yawedzera, setraffic iri mumugwagwa mukuru. Zvisinei, kuwedzera uku kwetraffic kunounzawo matambudziko: zvishandiso zvekuchengetedza hazvigone kutora data rakakosha, masisitimu ekutarisa anokundwa neruzivo rwakawandisa, uye kutyisidzira kwakavanzika mutraffic yakavharirwa hakuonekwe. Apa ndipo panobatsira "mutengi asingaonekwe" anonzi Network Packet Broker (NPB). Ichishanda sebhiriji rakangwara pakati pe network traffic nezvishandiso zvekutarisa, inobata kufamba kwetraffic mu network yese uku ichipa zvishandiso zvekutarisa data ravanoda nemazvo, ichibatsira mabhizinesi kugadzirisa matambudziko e network "asingaonekwe, asingawanikwe". Nhasi, tichapa kunzwisisa kwakazara kwebasa iri guru mukushanda kwe network nekugadzirisa.
1. Sei makambani ari kutsvaga maNPB pari zvino? — "Kudiwa kwekuona" kwemaComplex Networks
Funga izvi: Kana network yako ichishandisa mazana emidziyo yeIoT, mazana ema cloud servers, uye vashandi vanoiwana vari kure kubva kwese kwese, ungava sei nechokwadi chekuti hapana traffic yakaipa inopinda? Ungaziva sei kuti ndeapi ma link akazara uye anononotsa mashandiro ebhizinesi?
Nzira dzekare dzekutarisa dzagara dzisina kukwana: zvishandiso zvekutarisa zvinongogona kutarisa zvikamu zvetraffic, zvisipo ma key nodes; kana kuti zvinopa traffic yese kuchishandiso panguva imwe chete, zvichiita kuti chisakwanise kunzwisisa ruzivo uye zvichideredza kushanda kwekuongorora. Uyezve, nevanodarika 70% vetraffic yava kuvharwa, zvishandiso zvekare hazvichakwanisi kuona zviri mukati mazvo.
Kubuda kweNPBs kunogadzirisa dambudziko re "kushaya kuonekwa kwenetwork." Dziri pakati penzvimbo dzekupinda mutraffic nedzekutarisa, dzichiunganidza traffic yakapararira, dzichisefa data rakawandisa, uye pakupedzisira dzichigovera traffic chaiyo kuIDS (Intrusion Detection Systems), SIEMs (Security Information Management Platforms), maturusi ekuongorora mashandiro, nezvimwewo. Izvi zvinoita kuti maturusi ekutarisa asave nenzara kana kuti azere. NPBs dzinogonawo kubvisa traffic yakavharika uye yakavharika, dzichidzivirira data rakavanzika uye dzichipa mabhizinesi ruzivo rwakajeka rwemamiriro enetwork yavo.
Zvinogona kutaurwa kuti chero bedzi kambani iine kuchengetedzeka kwenetiweki, kugadzirisa mashandiro kana zvinodiwa kuti zvitevedzwe, NPB yave chinhu chikuru chisingadzivisike.
Chii chinonzi NPB? — Ongororo Iri Nyore Kubva paKuvaka kusvika kuCore Capabilities
Vanhu vazhinji vanofunga kuti izwi rekuti "packet broker" rine chipingamupinyi chikuru chehunyanzvi pakupinda. Zvisinei, fananidzo iri nyore kushandisa "express delivery sorting center": network traffic i "express parces," NPB ndiyo "sorting center," uye monitoring tool ndiyo "receiving point." Basa reNPB nderekuunganidza mapasuru akapararira (aggregation), kubvisa mapasuru asina kushanda (kusefa), uye kuaronga nekero (distribution). Inogona zvakare kuvhura nekuongorora mapasuru akakosha (decryption) uye kubvisa ruzivo rwepachivande (massaging) - maitiro ese anoshanda uye akarurama.
1. Kutanga, ngatitarisei "skeleton" yeNPB: mamodule matatu makuru ekuvaka
Kushanda kweNPB kunoenderana zvachose nekushanda pamwe chete kwemamodules matatu aya; hapana kana rimwe rawo rinogona kushaikwa:
○Module yekupinda muTraffic: Yakaenzana ne "express delivery port" uye inonyanya kushandiswa kugamuchira network traffic kubva ku switch mirror port (SPAN) kana splitter (TAP). Pasinei nekuti traffic inobva ku physical link kana kuti virtual network, inogona kuunganidzwa nenzira yakabatana.
○Injini Yekugadzirisa:Uyu ndiwo "pfungwa huru yenzvimbo yekuronga" uye ndiwo une basa re "kugadzirisa" kwakakosha - sekubatanidza traffic ye-multi-link (aggregation), kusefa traffic kubva kune imwe mhando yeIP (kusefa), kukopa traffic imwechete uye kuitumira kune zvishandiso zvakasiyana (kukopa), kubvisa SSL/TLS encrypted traffic (kusefa), nezvimwewo. "Mabasa ese akanaka" apedzwa pano.
○Module yekugovera: Zvakafanana ne "courier" inogovera nemazvo traffic yakagadziriswa kune zvishandiso zvinoenderana zvekutarisa uye inogonawo kuita load balancing - semuenzaniso, kana chishandiso chekuongorora mashandiro chakabatikana zvakanyanya, chikamu chetraffic chichagoverwa kune backup tool kudzivirira kuremedza chishandiso chimwe chete.
2. "Hard Core Capabilities" yeNPB: mabasa gumi nemaviri epakati anogadzirisa 90% yematambudziko enetwork
NPB ine mabasa akawanda, asi ngatitarisei pane anonyanya kushandiswa nemabhizinesi. Rimwe nerimwe rinoenderana nedambudziko rinoshanda:
○Kudzokororwa kweTraffic / Kuunganidzwa + KusefaSemuenzaniso, kana kambani iine network links gumi, NPB inotanga yabatanidza traffic ye 10 links, yozobvisa "duplicate data packets" uye "irrelevant traffic" (yakadai se traffic kubva kuvashandi vari kuona mavhidhiyo), uye inongotumira traffic ine chekuita nebhizinesi kuchishandiso chekutarisa - zvichivandudza kushanda kwayo ne300%.
○Kubvisa Kunyorwa Kwemashoko muSSL/TLS: Mazuva ano, kurwiswa kwakawanda kwehuipi kwakavanzika muHTTPS encrypted traffic. NPB inogona kubvisa traffic iyi zvakachengeteka, zvichibvumira maturusi akadai seIDS neIPS "kuona" zviri mukati me encrypted uye kubata njodzi dzakavanzika dzakadai se phishing links uye malicious code.
○Kuvhara/Kubvisa Ruzivo rweData: Kana vanhu vari mutraffic vaine ruzivo rwakakosha rwakadai senhamba dzemakadhi echikwereti nenhamba dzekuchengetedzwa kwevanhu, NPB inodzima ruzivo urwu yoga isati yarutumira kumudziyo wekutarisa. Izvi hazvizokanganisi kuongororwa kwechishandiso, asi zvinotevedzerawo zvinodiwa nePCI-DSS (kubhadhara) uye HIPAA (hutano) kudzivirira kubuda kwedata.
○Kuenzanisa Mutoro + KukundikanaKana kambani iine maturusi matatu eSIEM, NPB inogovera vanhu zvakaenzana pakati pavo kudzivirira kuti chero chishandiso chimwe chete chisanyanya kukanganiswa. Kana chishandiso chimwe chikakundikana, NPB inochinja vanhu ipapo ipapo kuenda kune chishandiso chekuchengetedza kuti ive nechokwadi chekuti vanochitarisa vasingakanganisike. Izvi zvakakosha zvikuru kumaindasitiri akadai sezvemari nehutano uko nguva yekushanda isingagamuchirwi.
○Kugumiswa kweMugero: VXLAN, GRE nedzimwe "Tunnel Protocols" ikozvino dzave kushandiswa zvakanyanya muma cloud network. Zvishandiso zvechinyakare hazvigone kunzwisisa ma protocol aya. NPB inogona "kuparadzanisa" ma tunnel aya uye kubvisa traffic chaiyo iri mukati, zvichibvumira zvishandiso zvekare kugadzirisa traffic munzvimbo dzegore.
Kusanganiswa kwezvinhu izvi kunoita kuti NPB isango "ona" chete traffic yakavharidzirwa, asiwo "chengetedza" data rakavanzika uye "chinja" zvinoenderana nenzvimbo dzakasiyana-siyana dzakaoma dzenetwork - ndosaka ichigona kuva chinhu chikuru.
III. NPB inoshandiswa kupi? — Mamiriro mashanu akakosha anotarisana nezvinodiwa nemabhizinesi chaiwo
NPB haisi chishandiso chinokodzera zvese; panzvimbo pezvo, inochinjika nyore nyore kune mamiriro akasiyana. Ingave iri nzvimbo yedata, network ye5G, kana nzvimbo yegore, inowana mashandisirwo akakodzera. Ngatitarisei zviitiko zvishoma zvakajairika kuti tiratidze pfungwa iyi:
1. Data Center: Kiyi Yekutarisa Kufamba Kwevanhu Kubva Kumabvazuva Kuenda Kumadokero
Nzvimbo dzedata dzechinyakare dzinongotarisa chete traffic kubva kuchamhembe kuenda kumaodzanyemba (traffic kubva kumaseva kuenda kunze). Zvisinei, munzvimbo dzedata dzakagadzirwa nedhijitari, 80% yetraffic iri kumabvazuva-kumadokero (traffic pakati pemachina edhijitari), izvo zvishandiso zvechinyakare zvisingagoni kubata. Apa ndipo panobatsira maNPB:
Semuenzaniso, kambani hombe yeinternet inoshandisa VMware kuvaka nzvimbo yedata yakashandisirwa ruzivo rwemakombiyuta. Iyo NPB yakabatana zvakananga ne vSphere (puratifomu yekutonga yeVMware) kuti itore traffic yekumabvazuva-kumadokero pakati pemacomputer emakombiyuta uye igovane kuIDS nematurusi ekushanda. Izvi hazvingobvisi chete "kutarisa nzvimbo dzisingaonekwe," asi zvinowedzerawo kushanda zvakanaka kwemidziyo ne40% kuburikidza nekusefa traffic, zvichicheka zvakananga mean-time-to-repair yenzvimbo yedata nepakati.
Pamusoro pezvo, NPB inogona kutarisa mutoro weseva uye kuona kuti data rekubhadhara rinoenderana nePCI-DSS, zvichiva "chinodiwa pakushanda nekugadzirisa" kune nzvimbo dzedata.
2. SDN/NFV Environment: Mabasa Anochinjika Anochinjika Kuenderana neSoftware-Defined Networking
Makambani mazhinji ari kushandisa SDN (Software Defined Networking) kana NFV (Network Function Virtualization). Manetwork haasisiri hardware yakagadziriswa, asi masevhisi esoftware anochinjika. Izvi zvinoda kuti maNPB ave anochinjika:
Semuenzaniso, yunivhesiti inoshandisa SDN kuita "Bring Your Own Device (BYOD)" kuitira kuti vadzidzi nevadzidzisi vagone kubatana nenetwork yekambasi vachishandisa mafoni nemakombiyuta avo. NPB yakabatanidzwa neSDN controller (yakaita seOpenDaylight) kuve nechokwadi chekuti traffic iri pakati penzvimbo dzekudzidzisa nedzehofisi uku ichigovera traffic kubva kunzvimbo yega yega nemazvo kune zvishandiso zvekutarisa. Maitiro aya haakanganisi mashandisirwo evadzidzi nevadzidzisi, uye anobvumira kuonekwa panguva yakakodzera kwekubatana kusina kujairika, senge kuwana kubva kune ma IP address ane hukasha kunze kwekambasi.
Izvi ndizvo zvinoitikawo kune nharaunda dzeNFV. NPB inogona kutarisa traffic yevirtual firewalls (vFWs) uye virtual load balancers (vLBs) kuti ive nechokwadi chekuti "software devices" idzi dzinoshanda zvakanaka, izvo zvinochinjika zvakanyanya kupfuura zvechinyakare zvekutarisira hardware.
3. 5G Networks: Kutarisira Sliced Traffic uye Edge Nodes
Zvinhu zvikuru zve5G "zvinokurumidza kumhanya, kunonoka kushoma, uye kubatana kukuru", asi izvi zvinounzawo matambudziko matsva ekutarisa: semuenzaniso, tekinoroji ye5G ye "network slicing" inogona kupatsanura network imwecheteyo kuita network dzakawanda dze logical (semuenzaniso, slice yakaderera yekunonoka yekutyaira yega uye slice yakakura yekubatanidza yeIoT), uye traffic muslice yega yega inofanira kutariswa yakazvimirira.
Mumwe mushandi akashandisa NPB kugadzirisa dambudziko iri: akaisa NPB yakazvimirira yekutarisa 5G slice yega yega, iyo isingangogone kungoona latency uye throughput ye slice yega yega munguva chaiyo, asiwo kudzivirira traffic isina kujairika (yakadai sekupinda pakati pe slices zvisina mvumo) nenguva, ichivimbisa zvinodiwa zvishoma zve latency yemabhizinesi makuru akadai sekutyaira ari ega.
Pamusoro pezvo, ma "5G edge computing nodes" akapararira munyika yese, uye NPB inogonawo kupa "shanduro yakareruka" inoshandiswa pama "edge nodes" kutarisa traffic yakapararira uye kudzivirira kunonoka kunokonzerwa nekutumira data kumashure nekudzoka.
4. Nzvimbo yeMakore/Hybrid IT: Kubvisa Zvipingamupinyi zveKutarisa Makore eVeruzhinji neAkavanzika
Makambani mazhinji ikozvino anoshandisa dhizaini ye hybrid cloud—mamwe mabasa ari paAlibaba Cloud kana Tencent Cloud (public cloud), mamwe ari pa clouds dzavo, uye mamwe ari pamaseva emunharaunda. Muchiitiko ichi, traffic inopararira munzvimbo dzakasiyana-siyana, zvichiita kuti kutarisa kuvhiringidzwe zviri nyore.
China Minsheng Bank inoshandisa NPB kugadzirisa dambudziko iri: bhizinesi rayo rinoshandisa Kubernetes pakuisa ma container. NPB inogona kubata zvakananga traffic pakati pema container (Pods) uye kubatanidza traffic pakati pe cloud servers ne private clouds kuti igadzire "end-to-end monitoring" - zvisinei nekuti bhizinesi riri mu public cloud here kana kuti private cloud, chero bedzi paine dambudziko rekushanda, timu yekushanda nekugadzirisa inogona kushandisa NPB traffic data kuti ikurumidze kuona kana iri dambudziko re inter-container calls kana cloud link congestion, zvichivandudza kushanda kwe diagnostic ne60%.
Kune vanhu vakawanda vanobhadhara mari, NPB inogonawo kuve nechokwadi chekuti traffic iri pakati pemakambani akasiyana, kudzivirira kubuda kwedata, uye kusangana nezvinodiwa neindasitiri yemari.
Mukupedzisa: NPB haisi "sarudzo" asi "inofanira kutorwa"
Mushure mekuongorora mamiriro ezvinhu aya, muchaona kuti NPB haisisiri tekinoroji chaiyo asi chishandiso chakajairika chemakambani kuti agone kubata nemanetwork akaomarara. Kubva kunzvimbo dzedata kusvika ku5G, kubva kuma clouds ega kusvika kuhybrid IT, NPB inogona kuita basa chero painenge ichida kuonekwa kwenetwork.
Nekuwedzera kuri kuita AI ne edge computing, network traffic ichawedzera kuoma, uye kugona kweNPB kuchawedzerwa (semuenzaniso, kushandisa AI kuona otomatiki traffic isina kujairika uye kugonesa kugadziriswa kwakareruka kuma edge nodes). Kune mabhizinesi, kunzwisisa nekuisa NPBs pakutanga kuchavabatsira kutora danho re network uye kudzivirira nzira dzekutsauka mukuchinja kwavo kwedhijitari.
Wakambosangana nematambudziko ekutarisa network muindasitiri yako here? Semuenzaniso, haugone kuona traffic yakavharirwa, kana kuti hybrid cloud monitoring yakakanganiswa? Inzwa wakasununguka kugovera pfungwa dzako muchikamu chemashoko uye ngationgororei mhinduro pamwe chete.
Nguva yekutumira: Gunyana-23-2025
