Nhanganyaya
Kuunganidzwa kweTraffic neNetwork ndiyo nzira inoshanda zvikuru yekuwana zviratidzo zvemaitiro evashandisi venetwork zvakananga. Nekuvandudzwa kuri kuitwa nekushanda nekugadzirisa Q data center, kuunganidzwa kwetraffic nenetwork kwave chikamu chakakosha chezvivakwa zvedata center. Kubva pakushandiswa kuri kuitwa muindasitiri, kuunganidzwa kwetraffic nenetwork kunonyanya kuitwa nemidziyo yenetwork inotsigira bypass traffic mirror. Kuunganidzwa kwetraffic kunofanirwa kugadzira kufukidza kwakakwana, network yekuunganidza traffic inonzwisisika uye inoshanda, kuunganidzwa kwetraffic kwakadaro kunogona kubatsira kugadzirisa zviratidzo zvenetwork nebhizinesi uye kuderedza mukana wekukundikana.
Network yekuunganidza traffic inogona kuonekwa senetwork yakazvimiririra inoumbwa nemidziyo yekuunganidza traffic uye inoshandiswa pamwe chete nenetwork yekugadzira. Inounganidza traffic yemufananidzo wenetwork yega yega uye inounganidza traffic yemifananidzo zvichienderana nemazinga edunhu uye ekuvaka. Inoshandisa alarm yekutsvaira traffic mumidziyo yekuwana traffic kuti iwane kumhanya kwakazara kwedata rema layers maviri kusvika mana ekusefa, kubvisa mapaketi maviri, kudimbura mapaketi nezvimwe zvinoshanda zvepamusoro, uye yozotumira data kune yega yega traffic analysis system. Network yekuunganidza traffic inogona kutumira data chaiyo kune yega yega mudziyo zvichienderana nezvinodiwa nedata resystem yega yega, uye kugadzirisa dambudziko rekuti data regirazi rekare harigone kusefa uye kutumirwa, izvo zvinoshandisa mashandiro ekugadzirisa enetwork switches. Panguva imwecheteyo, injini yekufambisa traffic uye exchange network yetraffic collection network inoita filtering uye kutumira data nekunonoka kushoma uye nekukurumidza, inovimbisa mhando yedata rakaunganidzwa netraffic collection network, uye inopa hwaro hwakanaka hwedata remichina inotevera yekuongorora traffic.
Kuti kuderedze kukanganiswa kwekubatanidza kwekutanga, kopi yetraffic yekutanga inowanzo kuwanikwa kuburikidza nekupatsanura beam, SPAN kana TAP.
Tap yeNetwork Isingashande (Optical Splitter)
Nzira yekushandisa kupatsanura chiedza kuti uwane kopi yetraffic inoda rubatsiro rwechishandiso chekupatsanura chiedza. Chinopatsanura chiedza mudziyo wekuona usingashande unogona kugovera simba rechiratidzo chekuona zvichienderana nehuwandu hunodiwa. Chinopatsanura chinogona kupatsanura chiedza kubva pa1 kusvika 2,1 kusvika 4 uye 1 kune nzira dzakawanda. Kuti kuderedze kukanganiswa kwekubatanidza kwekutanga, nzvimbo yedata inowanzo tora chiyero chekupatsanura che80:20, 70:30, umo 70,80 chikamu chechiratidzo chekuona chinodzoserwa kukubatanidza kwekutanga. Parizvino, ma optical splitters anoshandiswa zvakanyanya mukuongorora mashandiro enetwork (NPM/APM), audit system, user behavior analysis, network intrusion detection nezvimwe zviitiko.
Zvakanakira:
1. Kuvimbika kwakanyanya, mudziyo wekuona usingashande;
2. Haigari muchiteshi chekuchinja, michina yakazvimirira, inogona kuwedzera zvakanaka;
3. Hapana chikonzero chekugadzirisa magadzirirwo eswitch, hapana kukanganiswa kwezvimwe zvishandiso;
4. Kuunganidzwa kwetraffic yakazara, hapana switch packet filtering, kusanganisira error packets, nezvimwewo.
Zvakashata:
1. Kudiwa kwekucheka network zviri nyore, plug yefiber yekubatanidza musana uye dial kune optical splitter, kunoderedza simba re optical remamwe ma backbone links.
SPAN (Girazi rePort)
SPAN chinhu chinouya neswitch pachayo, saka inongoda kugadziriswa paswitch. Zvisinei, basa iri richakanganisa mashandiro eswitch uye richakonzera kurasikirwa kwepaketi kana data rakawandisa.
Zvakanakira:
1. Hazvidikanwi kuwedzera mimwe michina, gadzirisa switch kuti iwedzere port inoenderana yekuburitsa mufananidzo
Zvakashata:
1. Shandisa chiteshi chekuchinja
2. Maswichi anofanirwa kugadziriswa, izvo zvinosanganisira kubatana pamwe chete nevagadziri vemamwe mapato, zvichiwedzera njodzi yekukundikana kwenetwork
3. Kudzokorora kwetraffic mugirazi kune chekuita nekushanda kwechiteshi uye switch.
Active Network TAP (TAP Aggregator)
Network TAP mudziyo wekunze wenetwork unogonesa kuratidzwa kweport uye kugadzira kopi yetraffic kuti ishandiswe nemidziyo yakasiyana-siyana yekutarisa. Midziyo iyi inounzwa panzvimbo iri munzira yenetwork inoda kucherechedzwa, uye inokopa mapaketi eIP data uye inoatumira kune network monitoring tool. Kusarudzwa kwenzvimbo yekupinda yeNetwork TAP device kunoenderana nekutarisa kwenetwork traffic - zvikonzero zvekuunganidza data, kutarisa nguva dzose kwekuongorora nekunonoka, kuona kupinda, nezvimwewo. Network TAP devices inogona kuunganidza uye kuratidza data streams pa1G rate kusvika ku100G.
Midziyo iyi inopinda mutraffic pasina network TAP device inochinja mafambiro epaketi nenzira ipi zvayo, zvisinei nehuwandu hwedata traffic. Izvi zvinoreva kuti network traffic haisi pasi pekutarisa uye kuenzanisa port, izvo zvakakosha pakuchengetedza kuvimbika kwedata parinoriendesa kune zvekuchengetedza uye zvekuongorora.
Inoita kuti zvishandiso zve network zvinotarisa makopi etraffic kuitira kuti zvishandiso zve network TAP zviite sevatariri. Nekupa kopi yedata rako kune chero mudziyo/ese akabatana, unowana kuoneka kwakazara panzvimbo ye network. Kana mudziyo we network TAP kana mudziyo we monitoring ukakundikana, unoziva kuti traffic haizokanganisike, zvichiita kuti operating system irambe yakachengeteka uye iripo.
Panguva imwe chete, inova chinangwa chikuru chemidziyo yeTAP yenetwork. Kuwana mapaketi kunogona kupihwa nguva dzose pasina kukanganisa traffic munetwork, uye mhinduro idzi dzekuonekwa dzinogonawo kugadzirisa nyaya dzakanyanya kunaka. Zvinodiwa zvekutarisa zvishandiso kubva kumadziro emoto echizvarwa chinotevera kusvika pakudzivirira kudonha kwedata, kutarisa mashandiro eapplication, SIEM, digital forensics, IPS, IDS nezvimwe, zvinomanikidza michina yeTAP yenetwork kuti ishanduke.
Pamusoro pekupa kopi yakazara yetraffic uye kuchengetedza kuwanikwa, zvishandiso zveTAP zvinogona kupa zvinotevera.
1. Sefa Mapaketi Kuti Uwedzere Kushanda Kwekutarisa Network
Kungoti mudziyo weNetwork TAP unogona kugadzira kopi ye100% yepaketi pane imwe nguva hazvirevi kuti chishandiso chega chega chekutarisa nekuchengetedza chinofanira kuona zvese. Kutumira traffic kune ese maturusi ekutarisa nekuchengetedza network panguva chaiyo kunongokonzera kuodha kwakawandisa, nokudaro zvichikanganisa mashandiro ezvishandiso nenetwork panguva yacho.
Kuisa mudziyo weNetwork TAP wakakodzera kunogona kubatsira kusefa mapaketi kana aendeswa kune chishandiso chekutarisa, kuparadzira data rakakodzera kune chishandiso chakakodzera. Mienzaniso yezvishandiso zvakadaro inosanganisira masisitimu ekuona kupinda muchivande (IDS), Kudzivirira kurasikirwa nedata (DLP), ruzivo rwekuchengetedza uye manejimendi ezviitiko (SIEM), kuongorora kwezvekuferefeta, nezvimwe zvakawanda.
2. Malink Akabatanidzwa Ekubatanidza Nzvimbo Nevanhu Vanoshanda Zvakanaka
Sezvo zvinodiwa zveNetwork Monitoring and Security zvichiwedzera, mainjiniya enetwork anofanirwa kutsvaga nzira dzekushandisa bhajeti reIT riripo kuti aite mabasa akawanda. Asi pane imwe nguva, haugone kuramba uchiwedzera zvishandiso zvitsva mu stack uye kuwedzera kuoma kwenetwork yako. Zvakakosha kushandisa zvakanyanya maturusi ekutarisa uye ekuchengetedza.
Zvishandiso zveNetwork TAP zvinogona kubatsira nekuunganidza traffic yakawanda yenetwork, kuenda kumabvazuva nekumadokero, kuti zvitumire mapaketi kumidziyo yakabatana kuburikidza nechiteshi chimwe chete. Kushandisa maturusi ekuonekwa nenzira iyi kuchaderedza huwandu hwezvishandiso zvekutarisa zvinodiwa. Sezvo traffic yedata yeEast-West ichiramba ichikura munzvimbo dzedata uye pakati penzvimbo dzedata, chinodiwa chezvishandiso zvenetwork TAP chakakosha kuchengetedza kuonekwa kwemafambiro ese edata muhuwandu hwakawanda hwedata.
Nyaya yakafanana nayo ingakufadza, ndapota shanyira pano:Ungatora sei vanhu vari paNetwork Tap vs Port Mirror?
Nguva yekutumira: Gumiguru-24-2024
