Chii chinonzi Bypass?
Chishandiso cheNetwork Security chinowanzo shandiswa pakati pema network maviri kana anopfuura, senge pakati pe network yemukati ne network yekunze. Chishandiso cheNetwork Security kuburikidza ne network packet analysis yacho, kuti chione kana paine njodzi, mushure mekugadziriswa zvinoenderana nemitemo ye routing, kutumira packet kuti ibude, uye kana network security midziyo ikasashanda zvakanaka, Semuenzaniso, mushure mekukundikana kwemagetsi kana kubonderana, network segments dzakabatana ne device dzinobviswa kubva kune imwe. Muchiitiko ichi, kana network yega yega ichida kubatana, ipapo Bypass inofanira kuoneka.
Basa reBypass, sezvinoreva zita racho, rinoita kuti ma network maviri aya abatane panyama pasina kupfuura nepa system ye network security device kuburikidza ne specific triggering state (kukundikana kwemagetsi kana kudonha kwemagetsi). Saka, kana network security device ikakundikana, network yakabatana neBypass device inogona kutaurirana. Ehe, network device haigadzirise mapaketi pa network.
Maitiro ekuisa Bypass Application Mode muzvikamu zvipi?
Bypass yakakamurwa kuita nzira dzekudzora kana dzekuita kuti zvinhu zvitange, idzo dzinotevera
1. Inokonzerwa nemagetsi. Mumuitiro uyu, basa reBypass rinoita kuti mudziyo ushande kana wadzima. Kana mudziyo ukashanda, basa reBypass rinodzimwa ipapo ipapo.
2. Inodzorwa neGPIO. Mushure mekupinda muOS, unogona kushandisa GPIO kushandisa maports chaiwo kudzora switch yeBypass.
3. Kudzora neWatchdog. Uku kuwedzera kwemodhi 2. Unogona kushandisa Watchdog kudzora kubvumira nekudzima chirongwa cheGPIO Bypass kudzora mamiriro eBypass. Nenzira iyi, kana puratifomu ikadonha, Bypass inogona kuvhurwa neWatchdog.
Mumashandisirwo anoitwa, mamiriro matatu aya anowanzovapo panguva imwe chete, kunyanya nzira mbiri 1 ne2. Nzira yekushandisa ndeyekuti: kana mudziyo wadzimwa, Bypass inobatidzwa. Kana mudziyo wabatidzwa, Bypass inobatidzwa neBIOS. Kana BIOS yatora mudziyo, Bypass ichiri kubatidzwa. Dzima Bypass kuitira kuti application ishande. Munguva yekutanga, hapana kana network inobatidzwa.
Chii chinonzi Nheyo yekushandiswa kweBypass?
1. Dhigirii reHardware
Padanho rehardware, marelay anonyanya kushandiswa kuita kuti pave neBypass. Marelay aya akabatana netambo dzesignal dzemaports maviri eBypass network. Mufananidzo unotevera unoratidza mashandiro erelay uchishandisa tambo imwe chete yesignal.
Semuenzaniso, tora chinhu chinotanga magetsi. Kana magetsi apera, switch iri mu relay ichasvika pa 1, kureva kuti, Rx iri pa RJ45 interface yeLAN1 ichabatana zvakananga ne RJ45 Tx yeLAN2, uye kana mudziyo wabatidzwa, switch yacho ichabatana ne 2. Nenzira iyi, kana network yekutaurirana pakati peLAN1 neLAN2 ichidikanwa, unofanirwa kuita izvozvo kuburikidza ne application iri pamudziyo.
2. Chikamu cheSoftware
Muchikamu cheBypass, GPIO neWatchdog zvinotaurwa kuti zvinodzora uye zvinokonzeresa Bypass. Kutaura zvazviri, nzira mbiri idzi dzinoshandisa GPIO, uye GPIO inodzora relay iri pahardware kuti iite kusvetuka kwakakodzera. Kunyanya, kana GPIO inoenderana yakaiswa padanho repamusoro, relay ichasvetuka kuenda panzvimbo 1 zvinoenderana, nepo kana GPIO cup yakaiswa padanho repasi, relay ichasvetuka kuenda panzvimbo 2 zvinoenderana.
Kune Watchdog Bypass, inowedzerwa Watchdog control Bypass zvichibva paGPIO control iri pamusoro. Mushure mekunge watchdog yatanga kushanda, isa chiito chekupfuura paBIOS. Sisitimu iyi inovhura basa re watchdog. Mushure mekunge watchdog yatanga kushanda, network port bypass inoenderana inogoneswa uye mudziyo unopinda mu bypass state. Kutaura zvazviri, Bypass inodzorwawo neGPIO, asi muchiitiko ichi, kunyorwa kwemazinga akaderera kuGPIO kunoitwa neWatchdog, uye hapana imwe purogiramu inodiwa kuti unyore GPIO.
Basa reHardware Bypass ibasa rinosungirwa kuitwa nezvigadzirwa zvekuchengetedza network. Kana mudziyo ukadzima kana kupwanyika, maport emukati nekunze anobatanidzwa kuti agadzire tambo yenetwork. Nenzira iyi, traffic yedata inogona kupfuura zvakananga nemudziyo pasina kukanganiswa nemamiriro aripo pari zvino emudziyo.
Kushandiswa Kwakanyanya Kuwanikwa (HA):
Mylinking™ inopa mhinduro mbiri dziripo zvakanyanya (HA), Active/Standby uye Active/Active. Kuiswa kweActive Standby (kana active/passive) kumaturusi ekubatsira kupa failover kubva kumidziyo yekutanga kuenda kumidziyo yekuchengetedza. Uye Active/Active Inotumirwa kumalink asina kushandiswa kupa failover kana chero mudziyo unoshanda ukakundikana.
Mylinking™ Bypass TAP inotsigira maturusi maviri asina kushandiswa, anogona kuiswa muActive/Standby solution. Imwe inoshanda semudziyo wekutanga kana kuti "Active". Mudziyo weStandby kana kuti "Passive" uchiri kugamuchira traffic chaiyo kuburikidza neBypass series asi hauonekwe semudziyo wemukati. Izvi zvinopa "Hot Standby" redundancy. Kana mudziyo unoshanda ukakundikana uye Bypass TAP ikarega kugamuchira kurova kwemoyo, mudziyo westandby unobva watora nzvimbo semudziyo wekutanga uye unobva watanga kushanda ipapo ipapo.
Ndezvipi zvakanakira zvaunogona kuwana zvichibva paBypass yedu?
1-Kuisa traffic pamberi uye mushure mechishandiso chiri mukati (senge WAF, NGFW, kana IPS) kuchishandiso chiri kunze kwebhendi
2-Kutarisira maturusi akawanda ari mukati mewebhu panguva imwe chete kunoita kuti kuchengetedza kuve nyore uye kunoderedza kuoma kwenetwork
3-Inopa kusefa, kuunganidzwa, uye kuenzanisa mutoro wezvinobatanidza zviri mukati
4-Deredzai njodzi yekusaita zororo zvisina kurongwa
5-Kukundikana, kuwanikwa kwakanyanya [HA]
Nguva yekutumira: Zvita-23-2021
