Chii chinonzi Network Tap uye Network Packet Broker

Kana mudziyo weIntrusion Detection System (IDS) ukaiswa, chiteshi chegirazi pachibatiso chepakati cheruzivo chevezera hachina kukwana (semuenzaniso, chiteshi chegirazi chimwe chete chinotenderwa, uye chiteshi chegirazi chatora mimwe michina).

Panguva ino, kana isu tisingawedzere akawanda emirroring ports, tinogona kushandisa network replication, aggregation uye kutumira mudziyo kugovera huwandu hwakafanana hwemirroring data kune yedu kifaa.

Chii chinonzi Network TAP?

Zvimwe wakatanga kunzwa zita rekuti TAP switch.TAP (Terminal Access Point), inozivikanwawo seNPB (Network Packet Broker), kana Tap Aggregator?

Basa guru reTAP nderekumisa pakati pemirroring port pane network yekugadzira uye yekuongorora mudziyo cluster.Iyo TAP inounganidza yakamisikidzwa kana yakapatsanurwa traffic kubva kune imwe kana kupfuura yekugadzira network zvishandiso uye inogovera iyo traffic kune imwe kana anopfuura data data dhizaini.

Mylinking Out-of-Band Application

Common Network TAP network deployment scenarios

Network Tap ine mavara akajeka, akadai se:

Independent Hardware

TAP chidimbu chakaparadzana chehardware chisingakanganise mutoro pamidziyo iripo yetiweki, inova imwe yemabhenefiti pane port mirroring.

ML-TAP-2810 Network TapKuchinja?

ML-NPB-5410+ Network Packet BrokerNetwork Tap?

Network Transparent

Mushure mekunge TAP yabatanidzwa kunetiweki, mamwe ese maturusi ari panetwork haana kukanganiswa.Kwavari, iyo TAP iri pachena semhepo, uye michina yekutarisa yakabatana neTAP iri pachena kune network yese.

TAP yakangofanana nePort Mirroring pane switch.Saka sei uchitumira imwe TAP yakasiyana?Ngatitarisei mimwe misiyano pakati peNetwork TAP neNetwork Port Mirroring pamwe chete.

Musiyano 1: Network TAP iri nyore kugadzirisa pane port mirroring

Port mirroring inoda kugadzirwa pane switch.Kana iyo yekutarisa ichida kugadziriswa, switch inoda kugadziridzwa ALL.Nekudaro, iyo TAP inongoda kugadziridzwa payakakumbira, iyo isina kukanganisa pane iripo network zvishandiso.

Musiyano 2: Network TAP haikanganisi mashandiro etiweki zvine chekuita nechiteshi chegirazi

Port mirroring pane switch inokanganisa mashandiro eiyo switch uye inokanganisa kugona kwekuchinja.Kunyanya, kana shanduko yakabatana kune network munhevedzano se inline, iyo yekuendesa kugona kweiyo network yese inokanganiswa zvakanyanya.TAP ndeye yakazvimirira Hardware uye haikanganise mashandiro emudziyo nekuda kwetraffic mirroring.Naizvozvo, haina kukanganisa pakuremerwa kweiyo iripo network zvishandiso, iyo ine mabhenefiti makuru pane port mirroring.

Musiyano 3: Network TAP inopa yakazara yakazara traffic process pane port mirroring kudzokorora

Port mirroring haigone kuona kuti traffic yese inogona kuwanikwa nekuti switch port pachayo inosefa mamwe mapaketi ekukanganisa kana madiki saizi mapaketi.Nekudaro, iyo TAP inova nechokwadi chekuvimbika kwedata nekuti "kudzokorodza" kwakazara pachikamu chemuviri.

Musiyano 4: Kunonoka kutumira kweTAP kudiki pane kwePort Mirroring

Pane mamwe akadzika-magumo switch, port mirroring inogona kuunza latency kana uchikopa traffic kune mirroring ports, pamwe nekukopa 10/100m ports kuGiga Ethernet ports.

Kunyangwe izvi zvichinyorwa zvakanyanya, tinotenda kuti ongororo mbiri dzekupedzisira hadzina rutsigiro rwakasimba rwehunyanzvi.

Saka, mumamiriro api akajairwa, isu tinofanirwa kushandisa TAP yekugovera network traffic?Zviri nyore, kana uine zvinotevera zvinodiwa, saka Network TAP ndiyo yako yakanakisa sarudzo.

Network TAP Technologies

Teerera kune zviri pamusoro, inzwa iyo TAP network shunt ichokwadi chishandiso chemashiripiti, musika wazvino uno wakajairika TAP shunt uchishandisa iyo yepasi pedhizaini yeanosvika mapoka matatu:

FPGA

- Kuita kwepamusoro

- Zvakaoma kuvandudza

- Mutengo wepamusoro

MIPS

- Flexible uye nyore

- Kuoma kuri pakati nepakati

-Mainstream vatengesi RMI neCavium vakamira kusimudzira uye vakakundikana gare gare

ASIC

- Kuita kwepamusoro

-Kuwedzera basa rekuvandudza kwakaoma, kunyanya nekuda kwekugumira kweiyo chip pachayo

- Iyo interface uye zvakatemwa zvinoganhurirwa neiyo chip pachayo, zvichikonzera kusasimba kwekuwedzera kuita

Naizvozvo, iyo yakakwira density uye yakanyanya kumhanya Network TAP inoonekwa mumusika ine yakawanda nzvimbo yekuvandudza mukushanduka mukushandisa kunoshanda.TAP network shunters inoshandiswa kushandura protocol, kuunganidza data, shunting data, data mirroring, uye kusefa traffic.Mhando huru dzechiteshi chengarava dzinosanganisira 100G, 40G, 10G, 2.5G POS, GE, etc. Pamusana pekubviswa zvishoma nezvishoma kwezvigadzirwa zveSDH, ikozvino Network TAP shunters inonyanya kushandiswa mune zvose-Ethernet network environment.


Nguva yekutumira: May-25-2022