NetFlow uye IPFIX ese ari maviri matekinoroji anoshandiswa kune network kuyerera kwekutarisa uye kuongorora.Ivo vanopa ruzivo rwetiweki traffic maitiro, kubatsira mukuita optimization, kugadzirisa matambudziko, uye kuchengetedzwa kwekuongorora.
NetFlow:
Chii chinonzi NetFlow?
NetFlowndiyo yekutanga kuyerera kwekutarisa mhinduro, yakatanga kugadzirwa naCisco mukupera kwema1990s.Shanduro dzinoverengeka dzakasiyana dziripo, asi kutumirwa kwakawanda kunobva pane NetFlow v5 kana NetFlow v9.Nepo imwe neimwe vhezheni iine akasiyana maitiro, iyo yekutanga mashandiro inoramba yakafanana:
Chekutanga, router, switch, firewall, kana imwe mhando yechishandiso ichatora ruzivo panetiweki "inoyerera" - chakanyanya seti yemapaketi anogovera akajairwa seti yehunhu sekwakabva uye kero yekuenda, kwainobva, uye kwekuenda chiteshi, uye protocol. type.Mushure mekunge kuyerera kwaenda kwakamira kana kuti nguva yakafanotaurwa yapfuura, mudziyo unotumira marekodhi ekuyerera kune chimwe chinozivikanwa se "kuyerera muunganidzi".
Chekupedzisira, "flow analyzer" inoita pfungwa yeaya marekodhi, ichipa nzwisiso muchimiro chekuona, nhamba, uye yakadzama nhoroondo uye chaiyo-nguva yekushuma.Mukuita, vaunganidzi uye vanoongorora vanowanzova chinhu chimwe chete, kazhinji chinosanganiswa kuita yakakura network performance monitoring solution.
NetFlow inoshanda pane yakasarudzika.Kana muchina wevatengi unosvika kune sevha, NetFlow ichatanga kutora uye kuunganidza metadata kubva mukuyerera.Mushure mekunge chikamu chamiswa, NetFlow inotumira kunze rekodhi rimwechete rakazara kumuunganidzi.
Kunyangwe ichiri kushandiswa kazhinji, NetFlow v5 ine akati wandei asingakwanisi.Minda inotengeswa kunze kwenyika yakagadziriswa, kutarisa kunotsigirwa chete munzira yekupinda, uye matekinoroji emazuva ano seIPv6, MPLS, uye VXLAN haatsigirwe.NetFlow v9, yakanziwo Flexible NetFlow (FNF), inogadzirisa zvimwe zvezvipimo izvi, zvichibvumira vashandisi kuvaka matemplate etsika uye kuwedzera rutsigiro rwematekinoroji matsva.
Vatengesi vazhinji vanewo yavo yekumisikidzwa kweNetFlow, senge jFlow kubva kuJuniper uye NetStream kubva kuHuawei.Kunyangwe iyo gadziriso ingasiyana neimwe nzira, izvi zvinoshandiswa zvinowanzo gadzira kuyerera marekodhi anowirirana neNetFlow vateresi uye vanoongorora.
Zvinokosha zveNetFlow:
~ Flow Data: NetFlow inogadzira marekodhi ekuyerera anosanganisira madhairekitori akadai sosi uye kwekuenda IP kero, zviteshi, timestamps, packet uye byte kuverenga, uye maprotocol marudzi.
~ Traffic Monitoring: NetFlow inopa kuoneka munetiweki traffic mapatani, ichibvumira vatariri kuona epamusoro maapplication, endpoints, uye traffic masosi.
~Anomaly Detection: Nekuongorora dhata rekuyerera, NetFlow inogona kuona zvisingaite senge yakawandisa bandwidth kushandiswa, network congestition, kana zvisina kujairika traffic traffic.
~ Security Analysis: NetFlow inogona kushandiswa kuona uye kuongorora zviitiko zvekuchengetedza, senge kuparadzirwa kwekuramba-sevhisi (DDoS) kurwiswa kana kuedza kusingatenderwe kuwana.
NetFlow Versions: NetFlow yakashanduka nekufamba kwenguva, uye shanduro dzakasiyana dzakaburitswa.Dzimwe shanduro dzinozivikanwa dzinosanganisira NetFlow v5, NetFlow v9, uye Flexible NetFlow.Imwe neimwe vhezheni inounza ekuwedzera uye mamwe maitiro.
IPFIX:
Chii chinonzi IPFIX?
Iyo IETF chiyero chakabuda mukutanga 2000s, Internet Protocol Flow Information Export (IPFIX) yakafanana zvakanyanya neNetFlow.Muchokwadi, NetFlow v9 yakashanda sehwaro hweIPFIX.Musiyano wekutanga pakati pezviviri ndewekuti IPFIX chiyero chakavhurika, uye inotsigirwa nevazhinji vatengesi venetwork kunze kweCisco.Kunze kwemamwe mashoma minda akawedzerwa muIPFIX, mafomati akada kufanana.Muchokwadi, IPFIX dzimwe nguva inotonzi "NetFlow v10".
Nekuda kwechikamu chekufanana kwayo neNetFlow, IPFIX inonakidzwa nerutsigiro rwakafara pakati pematanho ekutarisa mhinduro pamwe nemidziyo yetiweki.
IPFIX (Internet Protocol Flow Information Export) ndeye yakavhurika chiyero protocol yakagadziriswa neInternet Engineering Task Force (IETF).Iyo yakavakirwa paiyo NetFlow Version 9 kutsanangurwa uye inopa yakamisikidzwa fomati yekutumira kunze kuyerera marekodhi kubva kunetiweki zvishandiso.
IPFIX inovaka pamusoro peiyo pfungwa dzeNetFlow uye inoawedzera iwo kuti ape yakawedzera kuchinjika uye kudyidzana kune vakasiyana vatengesi nemidziyo.Iyo inosuma iyo pfungwa yematemplate, ichibvumira kune ine simba tsananguro yekuyerera rekodhi chimiro uye zvirimo.Izvi zvinogonesa kuisirwa kwetsika minda, tsigiro yemaprotocol matsva, uye kuwedzera.
Zvinokosha zveIPFIX:
~ Template-Based Approach: IPFIX inoshandisa ma templates kutsanangura chimiro uye zviri mukati meyekuyerera marekodhi, ichipa kuchinjika mukugadzirisa dzakasiyana data data uye protocol-yakanangana ruzivo.
~ Kudyidzana: IPFIX chiyero chakavhurika, kuve nechokwadi chekuenderana kuyerera kwekutarisa kugona kune akasiyana siyana network vatengesi nemidziyo.
~ IPv6 Tsigiro: IPFIX natively inotsigira IPv6, ichiita kuti ive yakakodzera kutarisa uye kuongorora traffic muIPv6 network.
~Enhanced Security: IPFIX inosanganisira kuchengetedza maficha akadai seTrans Layer Security (TLS) encryption uye meseji yekuvimbika inoongorora kuchengetedza kuvanzika uye kutendeseka kwekuyerera kwedata panguva yekufambisa.
IPFIX inotsigirwa zvakanyanya neakasiyana siyana vatengesi vezvishandiso zvetiweki, zvichiita kuti ive mutengesi-asina kwaakarerekera uye anogamuchirwa zvakanyanya sarudzo yetiweki kuyerera kwekutarisa.
Saka, ndeupi musiyano uripo pakati peNetFlow neIPFIX?
Mhinduro iri nyore ndeyekuti NetFlow iCisco proprietary protocol yakaunzwa kutenderera 1996 uye IPFIX ndiyo miitiro yayo yakatenderwa hama.
Ose maprotocol anoshanda chinangwa chimwe chete: kugonesa mainjiniya etiweki uye maneja kuunganidza uye kuongorora network level IP traffic inoyerera.Cisco yakagadzira NetFlow kuitira kuti ma switch uye ma routers akwanise kuburitsa ruzivo rwakakosha urwu.Tichifunga nezvekutonga kweCisco giya, NetFlow yakakurumidza kuve iyo de-facto chiyero chekuongorora traffic network.Zvakadaro, vakwikwidzi veindasitiri vakaona kuti kushandisa proprietary protocol inodzorwa nemukwikwidzi wayo mukuru yaisava pfungwa yakanaka uye nekudaro IETF yakatungamira kuyedza kumisa mutemo wakavhurika wekuongorora traffic, inova IPFIX.
IPFIX yakavakirwa paNetFlow vhezheni 9 uye yakatanga kuunzwa kutenderera 2005 asi zvakatora makore akati wandei kuti iwane kutorwa kweindasitiri.Panguva ino, maprotocol maviri acho akafanana uye kunyangwe izwi rekuti NetFlow richiri kuwanda kwekuita (kunyangwe zvisiri zvese) zvinoenderana neiyo IPFIX standard.
Heino tafura inopfupikisa mutsauko uripo pakati peNetFlow neIPFIX:
| Aspect | NetFlow | IPFIX |
|---|---|---|
| Origin | Proprietary tekinoroji yakagadzirwa neCisco | Indasitiri-yakajairwa protocol yakavakirwa paNetFlow Version 9 |
| Standardization | Cisco-chaiyo tekinoroji | Vhura mwero unotsanangurwa neIETF muRFC 7011 |
| Kuchinja-chinja | Evolved shanduro dzine chaiwo maficha | Kukuru kuchinjika uye kudyidzana kune vese vatengesi |
| Data Format | Yakagadziriswa-saizi mapaketi | Template-based approach ye customizable flow rekodhi mafomati |
| Template Support | Haisi kutsigirwa | Dynamic ma templates eku flexible field inclusion |
| Vendor Support | Kunyanya Cisco zvishandiso | Rutsigiro rwakakura kune vatengesi venetiweki |
| Extensibility | Kugadzirisa zvishoma | Kubatanidzwa kwetsika minda uye application-chaiyo data |
| Protocol Kusiyana | Cisco-chaiyo misiyano | Native IPv6 rutsigiro, yakawedzera kuyerera rekodhi sarudzo |
| Security Features | Zvishoma zvekuchengetedza maitiro | Transport Layer Security (TLS) encryption, meseji kutendeseka |
Network Flow Monitoringndiko kuunganidza, kuongorora, uye kutarisa kwetraffic inopfuura netiweki yakapihwa kana network segment.Zvinangwa zvinogona kusiyana kubva pakugadzirisa matambudziko ekubatanidza kusvika kuronga ramangwana bandwidth kugoverwa.Kuyerera kwekutarisa uye packet sampling inogona kubatsira mukuziva nekugadzirisa nyaya dzekuchengetedza.
Kuyerera kwekutarisa kunopa zvikwata zvetiweki zano rakanaka rekuti network iri kushanda sei, ichipa ruzivo mukushandiswa kwese, mashandisiro ekushandisa, zvingangoita mabhodhoro, anomalies anogona kuratidza kutyisidzira kwekuchengetedza, nezvimwe.Kune akati wandei akasiyana mazinga uye mafomati anoshandiswa mu network kuyerera kwekutarisa, kusanganisira NetFlow, sFlow, uye Internet Protocol Flow Information Export (IPFIX).Imwe neimwe inoshanda neimwe nzira yakati siyanei, asi ese akasiyana kubva kune port mirroring uye yakadzika packet ongororo pakuti haatore zviri mukati mepakeji rega rega rinopfuura pachiteshi kana kuburikidza nekuchinja.Nekudaro, kuyerera kwekutarisa kunopa ruzivo rwakawanda kupfuura SNMP, iyo inowanzoganhurwa kune yakakura nhamba senge yakazara packet uye bandwidth kushandiswa.
Network Kuyerera Zvishandiso Kuenzaniswa
| Feature | NetFlow v5 | NetFlow v9 | sFlow | IPFIX |
| Open or Proprietary | Proprietary | Proprietary | Vhura | Vhura |
| Sampled kana Flow Based | Kunyanya Kuyerera Kwakavakirwa;Sampled Mode iripo | Kunyanya Kuyerera Kwakavakirwa;Sampled Mode iripo | Sampled | Kunyanya Kuyerera Kwakavakirwa;Sampled Mode iripo |
| Information Captured | Metadata uye ruzivo rwehuwandu, kusanganisira mabhaiti akatamiswa, interface counter uye zvichingodaro | Metadata uye ruzivo rwehuwandu, kusanganisira mabhaiti akatamiswa, interface counter uye zvichingodaro | Yakwana Packet Headers, Partial Packet Payloads | Metadata uye ruzivo rwehuwandu, kusanganisira mabhaiti akatamiswa, interface counter uye zvichingodaro |
| Ingress / Egress Monitoring | Ingress Chete | Ingress uye Egress | Ingress uye Egress | Ingress uye Egress |
| IPv6/VLAN/MPLS Tsigiro | No | Ehe | Ehe | Ehe |
Nguva yekutumira: Mar-18-2024
