Kuongorora Paketi Yakadzika (DPI)tekinoroji inoshandiswa muNetwork Packet Brokers (NPBs) kuongorora nekuongorora zviri mumapaketi enetwork padanho re granular. Inosanganisira kuongorora payload, headers, uye rumwe ruzivo rwakanangana neprotocol mukati memapaketi kuti uwane ruzivo rwakadzama nezve network traffic.
DPI inopfuura kungoongorora musoro chete uye inopa kunzwisisa kwakadzama kwedata rinoyerera kuburikidza netiweki. Inobvumira kuongororwa kwakadzama kwemaitiro ekushandisa, akadai seHTTP, FTP, SMTP, VoIP, kana maprotocol ekutamba mavhidhiyo. Nekuongorora zviri mukati memapaketi, DPI inogona kuona nekuona maapplication chaiwo, maprotocol, kana kunyange mapatani chaiwo edata.
Pamusoro pekuongorora kwehierarchical kwekero dzemanyuko, kero dzenzvimbo, manyuko enzvimbo, manyuko enzvimbo, uye mhando dzeprotocol, DPI inowedzerawo application-layer analysis kuti ione maapplication akasiyana siyana uye zviri mukati mawo. Kana 1P packet, TCP kana UDP data ichifamba nebandwidth management system zvichibva paDPI technology, system inoverenga zviri mukati me1P packet load kuti igadzirise patsva ruzivo rwe application layer muOSI Layer 7 protocol, kuitira kuti iwane zviri mukati meapplication program yese, uye yozogadzira traffic zvichienderana ne management policy inotsanangurwa nesystem.
DPI inoshanda sei?
Mafirewall echinyakare anowanzo shaya simba rekugadzirisa kuti aite ongororo dzakakwana panguva chaiyo pane vanhu vakawanda vari mutraffic. Sezvo tekinoroji ichifambira mberi, DPI inogona kushandiswa kuita ongororo dzakaoma kuti iongorore misoro nedata. Kazhinji, mafirewall ane masisitimu ekuona kupinda kwedata anowanzo shandisa DPI. Munyika umo ruzivo rwedhijitari rwuri Paamount, ruzivo rwese rwedhijitari rwunotumirwa paInternet mumapaketi madiki. Izvi zvinosanganisira email, mameseji anotumirwa kuburikidza neapp, mawebhusaiti anoshanyirwa, hurukuro dzevhidhiyo, nezvimwewo. Kuwedzera kune data chairo, mapaketi aya anosanganisira metadata inoratidza kwakabva traffic, zviri mukati, kwainoenda, uye rumwe ruzivo rwakakosha. Nehunyanzvi hwekusefa mapaketi, data rinogona kugara richitariswa uye richitarisirwa kuti riendeswe kunzvimbo chaiyo. Asi kuti ive nechokwadi chekuchengetedzwa kwenetwork, kusefa mapaketi echinyakare hakuna kukwana. Dzimwe dzenzira huru dzekuongorora mapaketi akadzika mukutarisira network dzakanyorwa pazasi:
Maitiro/Siginicha Yekufananidza
Paketi yega yega inotariswa kuti ionekwe here kana kuti kwete ichienderana nedhatabhesi yekurwisa network kunozivikanwa nefirewall ine kugona kwekuona system yekupinda (IDS). IDS inotsvaga mapatani anozivikanwa ane njodzi uye inodzima traffic kana mapatani ane njodzi awanikwa. Dambudziko remutemo wekufananidza siginecha nderokuti inoshanda chete kumasaini anogadziriswa nguva nenguva. Pamusoro pezvo, tekinoroji iyi inogona kungodzivirira kubva kunjodzi dzinozivikanwa kana kurwiswa.
Kunze kweProtocol
Sezvo nzira yekusiya protocol isingabvumire data rese risingaenderane nedatabase resignature, nzira yekusiya protocol inoshandiswa neIDS firewall haina zvikanganiso zvemukati menzira yekufananidza pattern/signature. Pane kudaro, inoshandisa mutemo wekuramba wakatarwa. Nekutsanangurwa kweprotocol, firewalls inosarudza kuti ndeapi traffic inofanira kubvumidzwa uye inodzivirira network kubva kunjodzi dzisingazivikanwe.
Sisitimu yekudzivirira kupinda (IPS)
Mhinduro dzeIPS dzinogona kudzivirira kutapurirana kwemapaketi ane njodzi zvichienderana nezvaari, nokudaro dzichimisa kurwiswa kunofungidzirwa munguva chaiyo. Izvi zvinoreva kuti kana paketi ichiratidza njodzi yekuchengetedza inozivikanwa, IPS ichavhara traffic yenetiweki zvichibva pamitemo yakatarwa. Chimwe chakaipa cheIPS ndechekuda kugadzirisa database yekutyisidzira kwecyber nguva dzose neruzivo nezvenjodzi itsva, uye mukana wekuti pave nenhema. Asi njodzi iyi inogona kuderedzwa nekugadzira mitemo yekuchengetedza uye miganhu yecustom, kugadzira maitiro akakodzera ezvikamu zvenetiweki, uye kuongorora nguva nenguva yambiro nezviitiko zvakataurwa kuti kuwedzere kutarisa nekuzivisa.
1- Iyo DPI (Kuongorora Kwakadzika Kwepaketi) muNetwork Packet Broker
"Kudzika" ndiko kuenzanisa kwakaenzana uye kwakajairika kwekuongorora mapaketi, "kuongororwa kwepaketi kwakajairika" chete kuongorora kunotevera kweIP packet 4 layer, kusanganisira kero yekwakabva, kero yekwakabva, chiteshi chekwakabva, chiteshi chekwakabva uye mhando yeprotocol, uye DPI kunze kwekuongorora kwehierarchical, zvakare kwakawedzera ongororo yechirongwa, kuziva mashandisirwo akasiyana-siyana uye zvirimo, kuti zviitike mabasa makuru:
1) Kuongorora Mashandisirwo -- kuongorora kuumbwa kwetraffic ye network, kuongorora mashandiro, uye kuongorora kuyerera kwemafambiro
2) Kuongorora Mushandisi -- kusiyanisa boka revashandisi, kuongorora maitiro, kuongorora magumo, kuongorora maitiro, nezvimwewo.
3) Kuongororwa kweNetwork Element -- ongororo yakavakirwa pahunhu hwenzvimbo (guta, dunhu, mugwagwa, nezvimwewo) uye mutoro wechiteshi chepasi
4) Kudzora Traffic -- Kudzora kumhanya kweP2P, kuvimbiswa kweQoS, kuvimbiswa kwebandwidth, kugadzirisa zviwanikwa zve network, nezvimwewo.
5) Kuvimbiswa Kwekuchengetedzwa -- Kurwiswa kweDDoS, dutu rekuparadzira data, kudzivirira kurwiswa kwehutachiona hwakaipisisa, nezvimwewo.
2- Kurongeka Kwakazara kweNetwork Applications
Nhasi kune mapurogiramu akawanda paInternet, asi mapurogiramu epa internet anogona kuva akawanda.
Sekuziva kwangu, kambani inonyanya kuzivikanwa kwemaapp iHuawei, iyo inoti inoziva maapplication anosvika zviuru zvina. Kuongororwa kweprotocol ndiyo module huru yemakambani mazhinji efirewall (Huawei, ZTE, nezvimwewo), uye zvakare imodule yakakosha zvikuru, inotsigira kuzadzikiswa kwemamwe mamodule anoshanda, kuzivikanwa kwemaapplication kwakarurama, uye kuvandudza mashandiro uye kuvimbika kwezvigadzirwa. Mukuenzanisa kuzivikanwa kwemalware zvichibva pane hunhu hwe network traffic, sezvandiri kuita izvozvi, kuzivikanwa kweprotocol kwakarurama uye kwakakura kwakakoshawo. Kunze kwe network traffic yemaapplication akajairika kubva kune traffic yekambani yekutumira kunze, traffic yasara ichave chikamu chidiki, izvo zviri nani pakuongorora malware uye alarm.
Zvichibva pane zvakaitika kwandiri, maapplication aripo anowanzo shandiswa akapatsanurwa zvichienderana nemabasa awo:
PS: Zvichienderana nekunzwisisa kwako pachako kurongwa kwezvikumbiro, une mazano akanaka ekugamuchira kusiya meseji yekukurudzira.
1). E-mail
2). Vhidhiyo
3). Mitambo
4). Kirasi yeOA yeHofisi
5). Kugadziridzwa kwesoftware
6). Zvemari (bhangi, Alipay)
7). Masheya
8). Kutaurirana Pamagariro Evanhu (software yeIM)
9). Kutsvaga pawebhu (zvichida zviri nani kuziva maURL)
10). Zvishandiso zvekudhawunirodha (web disk, kudhawunirodha P2P, zvine chekuita neBT)
Zvadaro, mashandiro anoita DPI (Deep Packet Inspection) muNPB:
1). Kubatwa Kwemapaketi: Iyo NPB inobata traffic yenetiweki kubva kunzvimbo dzakasiyana siyana, dzakadai semaswichi, marouter, kana matepi. Inogamuchira mapaketi anoyerera nepanetwork.
2). Kuongorora Packet: Mapaketi akabatwa anoongororwa neNPB kuti abudise ma layers akasiyana-siyana eprotocol nedata rakabatana. Maitiro aya ekuongorora anobatsira kuona zvikamu zvakasiyana mukati memapaketi, zvakaita seEthernet headers, IP headers, transport layer headers (semuenzaniso, TCP kana UDP), uye application layer protocols.
3). Kuongororwa kweMutoro: NeDPI, NPB inopfuura kuongororwa kwemusoro wenyaya asi inotarisa pamutoro wepayload, kusanganisira data chairo riri mumapaketi. Inoongorora zviri mukati memutoro wepayload zvakadzama, zvisinei nekushandiswa kana protocol yakashandiswa, kuti iwane ruzivo rwakakodzera.
4). Kuzivikanwa kweProtocol: DPI inogonesa NPB kuziva maprotocol chaiwo nemaapplication ari kushandiswa mukati me network traffic. Inogona kuona nekupatsanura maprotocol akadai seHTTP, FTP, SMTP, DNS, VoIP, kana maprotocol evhidhiyo.
5). Kuongorora Zviri Mukati: DPI inobvumira NPB kuti iongorore zviri mumapaketi kuti ione mapatani chaiwo, masiginecha, kana mazwi akakosha. Izvi zvinoita kuti pave nekuonekwa kwezvipingamupinyi zvenetwork, zvakaita se malware, mavhairasi, kuedza kupinda munetwork, kana zviitiko zvinofungirwa. DPI inogona zvakare kushandiswa mukuchenesa zviri mukati, kusimbisa mitemo yenetwork, kana kuona kutyorwa kwemitemo yedata.
6). Kubviswa kweMetadata: Munguva yeDPI, NPB inoburitsa metadata yakakodzera kubva mumapaketi. Izvi zvinogona kusanganisira ruzivo rwakadai sekero dzeIP dzinobva uye dzekwadzinoenda, nhamba dzechiteshi, ruzivo rwechikamu, data rekutengeserana, kana chero humwe hunhu hwakakodzera.
7). Kufambisa Mafambiro Emota Kana Kusefa: Zvichibva pakuongorora kweDPI, NPB inogona kuendesa mapaketi chaiwo kunzvimbo dzakatarwa kuti agadziriswe, zvakaita semidziyo yekuchengetedza, maturusi ekutarisa, kana mapuratifomu ekuongorora. Inogona zvakare kushandisa mitemo yekusefa kurasa kana kutungamira mapaketi zvichienderana nezviri mukati kana mapatani akaonekwa.
Nguva yekutumira: Chikumi-25-2023
