Nhanganyaya
Network Traffic Kuunganidza uye Ongororo ndiyo inonyanya kushanda nzira yekuwana yekutanga ruoko network mushandisi maitiro zviratidzo uye paramita. Nekuenderera mberi kwekuvandudzwa kwenzvimbo yedata Q mashandiro uye kugadzirisa, kuunganidzwa kwetiweki traffic uye kuongororwa kwave chikamu chakakosha cheiyo data center zvivakwa. Kubva pakushandiswa kweindasitiri kwazvino, kuunganidzwa kwetiweki traffic kunonyanya kuzivikanwa netiweki michina inotsigira bypass traffic girazi. Kuunganidzwa kwetraffic kunoda kumisikidza yakazara yekuvhara, inonzwisisika uye inoshanda yekuunganidza traffic network, kuunganidzwa kwetraffic kwakadaro kunogona kubatsira kukwirisa zviratidziro zvetiweki uye bhizinesi uye kuderedza mukana wekutadza.
Iyo traffic yekuunganidza network inogona kutariswa seyakazvimirira network inoumbwa nemidziyo yekuunganidza traffic uye yakaiswa mukuenderana netiweki yekugadzira. Iyo inounganidza iyo traffic yemifananidzo yeimwe netiweki mudziyo uye inounganidza iyo traffic yemifananidzo zvinoenderana nedunhu uye mazinga ekuvaka. Inoshandisa iyo traffic kusefa yekutsinhana alarm mumidziyo yekutora traffic kuona iyo yakazara mutsara kumhanya kwedata kune 2-4 akaturikidzana ekusefa kwemamiriro, kubvisa akadhindwa mapaketi, truncating mapaketi uye mamwe mabasa epamberi anoshanda, uye yozotumira iyo data kune yega yega traffic. hurongwa hwekuongorora. Iyo traffic yekuunganidza network inogona kunyatso tumira chaiyo data kune yega yega kifaa zvinoenderana nezvinodiwa nedata rega yega system, uye kugadzirisa dambudziko iro rechinyakare girazi data harigone kusefa uye kutumirwa, iro rinodya mashandiro ekugadzirisa network switch. Panguva imwecheteyo, iyo traffic yekusefa uye yekutsinhana injini yetraffic collection network inoona kusefa uye kutumira kwedata nekunonoka kunonoka uye kumhanya kwakanyanya, inova nechokwadi chemhando yedata inounganidzwa netiweki yekuunganidza traffic, uye inopa hwaro hwakanaka hwe data kune midziyo yekuongorora traffic.
Kuti uderedze kukanganiswa pane yekutanga link, kopi yepakutanga traffic inowanzo wanikwa nenzira yekutsemura danda, SPAN kana TAP.
Passive Network Tap (Optical Splitter)
Nzira yekushandisa kupatsanurwa kwechiedza kuwana traffic kopi inoda rubatsiro rwechiedza chinoparadzanisa mudziyo. The light splitter is passive optical device iyo inogona kugoverazve simba rekusimba kwechiratidzo chemaziso maererano nechiyero chinodiwa. Iyo splitter inogona kupatsanura mwenje kubva 1 kusvika 2,1 kusvika 4 uye 1 kune akawanda chiteshi. Kuti uderedze mhedzisiro pane yekutanga link, iyo data data inowanzo tora iyo optical splitting ratio ye80:20, 70:30, umo 70,80 chikamu chechiratidzo chemaziso chinodzoserwa kune yekutanga link. Parizvino, optical splitters anoshandiswa zvakanyanya mu network performance analysis (NPM/APM), audit system, user behaviour analysis, network intrusion kuonekwa uye zvimwe zviitiko.
Zvakanakira:
1. Kuvimbika kwakanyanya, passive optical mudziyo;
2. Haitore chiteshi chekuchinja, midziyo yakazvimirira, inotevera inogona kuva yakanaka yekuwedzera;
3. Hapana chikonzero chekugadzirisa shanduko yekushandura, hapana kukanganisa kune mamwe midziyo;
4. Yakazara traffic muunganidzwa, hapana switch packet kusefa, kusanganisira kukanganisa mapaketi, nezvimwe.
Zvakaipa:
1. Kudiwa kweiyo nyore network cutover, backbone link fiber plug uye dial kune optical splitter, inoderedza simba rekuona reimwe backbone links.
SPAN(Port Mirror)
SPAN chinhu chinouya neiyo switch pachayo, saka chinongoda kugadziridzwa pane switch. Nekudaro, basa iri rinokanganisa mashandiro ekuchinja uye kukonzera kurasikirwa kwepaketi kana data yaremerwa.
Zvakanakira:
1. Izvo hazvifanirwe kuwedzera mimwe michina, gadzirisa switch kuti uwedzere inowirirana mufananidzo replication goho port
Zvakaipa:
1. Tora chiteshi chekuchinja
2. Shanduko dzinoda kugadziridzwa, izvo zvinosanganisira kubatana pamwe nevagadziri vebato rechitatu, kuwedzera njodzi inogona kuitika yekutadza network.
3. Mirror traffic replication ine chekuita pane port uye switch performance.
Active Network TAP (TAP Aggregator)
A Network TAP ndeyekunze network mudziyo unogonesa port mirroring uye inogadzira kopi yetraffic kuti ishandiswe neakasiyana maturusi ekutarisa. Zvishandiso izvi zvinounzwa pane imwe nzvimbo munzira yetiweki inoda kucherechedzwa, uye inokopa iyo data IP mapaketi uye inoatumira kune network yekutarisa chishandiso. Sarudzo yenzvimbo yekuwana yeNetwork TAP mudziyo inoenderana nekutarisa kweiyo network traffic - data kuunganidza zvikonzero, yenguva dzose yekutarisisa yekuongorora uye kunonoka, kuona intrusion, etc. Network TAP zvishandiso zvinogona kuunganidza uye girazi data hova pachiyero che1G kusvika. 100G.
Aya maturusi anowana traffic pasina network TAP chishandiso chinogadzirisa kuyerera kwepaketi chero nzira, zvisinei nechiyero chetraffic data. Izvi zvinoreva kuti network traffic haisi pasi pekutarisa uye port mirroring, izvo zvakakosha pakuchengetedza kutendeseka kweiyo data paunenge uchiendesa kune chengetedzo uye kuongorora maturusi.
Iyo inova nechokwadi chekuti network yeperipheral zvishandiso inotarisisa makopi etraffic kuitira kuti network TAP zvishandiso zviite sevacherechedzi. Nekudyisa kopi yedata rako kune chero / ese akabatana zvishandiso, iwe unowana kuoneka kuzere pane network point. Muchiitiko chekuti network TAP mudziyo kana yekutarisisa mudziyo ikatadza, unoziva kuti traffic haizokanganiswe, kuve nechokwadi chekuti sisitimu yekushandisa inoramba yakachengeteka uye iripo.
Panguva imwecheteyo, inova iyo chinangwa chese chetiweki TAP zvishandiso. Kuwanikwa kumapakiti kunogona kupihwa nguva dzese pasina kukanganisa traffic munetiweki, uye idzi mhinduro dzekuonekwa dzinogona zvakare kugadzirisa nyaya dzepamberi. Izvo zvinodiwa zvekutarisisa zvezvishandiso kubva kuchizvarwa chinotevera firewall kusvika kune data leakage dziviriro, application performance monitoring, SIEM, digital forensics, IPS, IDS nezvimwe, kumanikidza network TAP zvishandiso kushanduka.
Pamusoro pekupa kopi yakazara yetraffic uye kuchengetedza kuwanikwa, TAP zvishandiso zvinogona kupa zvinotevera.
1. Sefa Packets kuti Uwedzere Network Monitoring Performance
Kungoti Network TAP mudziyo unogona kugadzira 100% kopi yepakiti pane imwe nguva hazvireve kuti chese chekutarisa uye chekuchengetedza chishandiso chinoda kuona chinhu chose. Kutepfenyura traffic kune ese maturusi ekutarisa uye ekuchengetedza maturusi munguva chaiyo anozokonzeresa kuwandisa, nekudaro kukuvadza kushanda kwezvishandiso uye network mukuita.
Kuisa iyo chaiyo Network TAP mudziyo unogona kubatsira kusefa mapaketi kana uchiendeswa kune chekutarisa chishandiso, kugovera iyo data chaiyo kune chaiyo chishandiso. Mienzaniso yezvishandiso zvakadaro zvinosanganisira Intrusion monitoring systems (IDS), data loss Prevention (DLP), security information and event management (SIEM), forensic analysis, nezvimwe zvakawanda.
2. Aggregate Links for Efficient Networking
Sezvo Network Monitoring uye Chengetedzo zvinodiwa zvichiwedzera, mainjiniya etiweki anofanirwa kutsvaga nzira dzekushandisa mabhajeti eIT aripo kuita mamwe mabasa. Asi pane imwe nguva, haugone kuramba uchiwedzera zvishandiso zvitsva kune stack uye kuwedzera kuoma kwetiweki yako. Izvo zvakakosha kuti uwedzere kushandiswa kwekutarisa uye kuchengetedza maturusi.
Network TAP zvishandiso zvinogona kubatsira nekuunganidza akawanda network traffic, kumabvazuva uye kumadokero, kuendesa mapaketi kumidziyo yakabatana kuburikidza nechiteshi chimwe chete. Kuendesa maturusi ekuona nenzira iyi kunoderedza huwandu hwematurusi ekutarisa anodiwa. Sezvo East-West data traffic iri kuramba ichikura munzvimbo dzedata uye pakati penzvimbo dzedata, chinodiwa chetiweki TAP zvishandiso zvakakosha kuchengetedza kuoneka kwese kuyerera kwese kuyerera kwedata hombe.
Chinyorwa chine hukama chaungafarira, ndapota shanya pano:Nzira yekubata Network Traffic? Network Tap vs Port Mirror
Nguva yekutumira: Oct-24-2024
