Chii chinonzi SSL / tls decryption?
SSL Decryption, inozivikanwa zvakare seSSL / TLS Decryption, inoreva maitiro ekurindira uye kuderera kwekuchengetedza mikova SSL / TLS ndeyekunyoreswa kwakashandiswa zvakanyanya protocol iyo inochengetedza data kutapurirana pamusoro pemakomputa network network.
SSL Decryption inowanzoitwa nekuchengetedza michina, senge firewalls, intrusion yekudzivirira masisitimu (IPS), kana yakazvitsaurira SSL decryption zvishandiso. Midziyo iyi inoiswa zvine hunyanzvi mukati me network yekuongorora yakashamiswa traffic yezvinangwa zvekuchengetedza. Chinangwa chikuru ndechekuongorora iyo yakanyorwa data yekukanganisa kunogona kutyisidzira, Malware, kana zviitiko zvisina kubvumidzwa.
Kuita SSL Decryption, chishandiso chengetedzo chinoita semurume-mu-pakati pakati pemutengi (semuenzaniso, web browser) uye seva. Kana mutengi achitanga iyo SSL / TLS yekubatanidza ne server, mudziyo wekuchengetedza anokanganisa traffic
Chengetedzo chengetedzo saka decrypts traffic kubva kumutengi, inoongorora zvakanyorwa zvinyorwa, uye zvinoshandisa maitiro ekuchengetedza kuti uzive chero chiitiko chakaipa kana chekufungidzira. Inogona zvakare kuita mabasa akadai sekudzivirira kwedatha yedata, zvirimo kusviba, kana malware kuongororwa pane iyo decrypted data. Kamwe chete traffic yakaongororwa, iyo yekuchengetedza mudziyo zvakare inoshandisa iyo itsva SSL / TL Setifiketi uye inotumira iyo kune seva.
Izvo zvakakosha kuti uone kuti SSL decryption inomutsa zvakavanzika uye kuchengetedza kunetsekana. Sezvo mudziyo wekuchengetedza unokwanisa kuwana data decrypt Naizvozvo, SSL decryption inowanzoitwa mukati mekudzorwa uye yakachengetedzwa nharaunda kuti ive nechokwadi chekuvanzika uye kutendeseka kwe data rakabatanidzwa.
SSL Decryption ine nzira nhatu dzakajairika, ndeiyi:
- Passive mode
- Inbound maitiro
- Outbound maitiro
Asi, chii kusiyana kwemhando nhatu dzeSSL decryption?
| Maitiro | Passive mode | Inbound mode | Outbound maitiro |
| Tsananguro | Kungoendesa mberi SSL / TLS traffic isina kutsvaira kana kuchinjika. | Decrypts Zvekukumbira Vatengi, anoongorora uye anoshandisa marongero ekuchengetedza, anobva atumira zvikumbiro kuseva. | Decrypts Server Mhinduro, kuongorora uye inoshandisa marongero ekuchengetedza, zvinoendesa mhinduro kumutengi. |
| Kuyerera traffic | Bi-kutungamira | Mutengi kuseva | Server kune mutengi |
| Mudziyo wekushandisa | Mucherechedzi | Man-In-The-Pakati | Man-In-The-Pakati |
| Decryption Nzvimbo | Hapana kutsauka | Decrypts pane network perimeter (kazhinji pamberi pe server). | Decrypts pane network perimeter (kazhinji pamberi pemutengi). |
| Kuoneka kwemotokari | Encrypted traffic chete | Decrypted Mutengi zvikumbiro | Decrypted server mhinduro |
| Traffic shanduko | Hapana shanduko | Inogona kugadzirisa traffic yekuongorora kana kuchengetedza zvinangwa. | Inogona kugadzirisa traffic yekuongorora kana kuchengetedza zvinangwa. |
| SSL Chitupa | Hapana chikonzero chekiyi yakavanzika kana chitupa | Inoda yakavanzika kiyi uye chitupa chekureva sevha ichirongwa | Inoda yakavanzika kiyi uye chitupa chemutengi ari kuwiriranwa |
| Kuchengetedza Kudzora | Kushoma kutonga sezvo zvisingakwanise kuongorora kana kushandura cletrypt traffic | Inogona kuongorora uye kushandisa kuchengetedza marongero kune vevatengi zvikumbiro usati wasvika server | Inogona kuongorora uye kushandisa kuchengetedza marongero kune server mhinduro usati wasvika kune mutengi |
| Zvekuvanzika Zvinonetsa | Haina kupinda kana kuongorora yakanyorwa data | Ine mukana wekunyora madhiri emutengi, kusimudzira kunetsekana kwekuvanzika | Inowana mukana wekusimbisa server mhinduro, kusimudzira zvinetso zvekuvanzika |
| Kutevedzera kufunga | Kukanganisa kushoma pakuvanzika uye kutevedzera | Inogona kuda kuteerana ne data rekuchengetedza data | Inogona kuda kuteerana ne data rekuchengetedza data |
Kuenzaniswa neiyo serial decryption yeiyo yakachengeteka yekufambisa chikuva, iyo tsika serial decryption tekinoroji ine zvisingakwanisi.
Firewalls uye Network Security Gedhi iyo Decrypt SSL / TLT Traffic inowanzotadza kutumira decrypt Saizvozvo, mutevedzeri kuenzanisa kunobvisa SSL / TLS traffic uye inogovera zvakanyatsogovera mutoro pakati pemaseva, asi zvinotadza kugovera traffic kune akawanda kuchenesa zvishandiso zvekuchengetedza usati wanyorerwazve. Pakupedzisira, mhinduro idzi dzinoshaya kusarudzwa kwetraffic uye kuchagovera kusarudzika traffic kuWire-kumhanya, kazhinji kutumira traffic yese kune injini yekusagadzikana, kugadzira matambudziko ekuita.
NesLNGING ™ SSL Decryption, iwe unogona kugadzirisa matambudziko aya:
1- Kuvandudza zviripo zviripo zvekuchengetedza neCentralation uye Offloading SSL Decryption uye Re-encryption;
2- Pfumai kutyisidzira kwakavanzika, data rakaputsika, uye malware;
3- Remekedzeka data yekuvanzika yekuvanzika ine mutemo-yakavakirwa sarudzo nzira dzekugadzirisa;
4 -
5- Chinja kuita kwako network, uye kugadzirisa zvakakodzera kuti uve nechokwadi chekuyera pakati pekuchengetedza uye kuita.
Izvi ndezvimwe zvezvinhu zvakakosha zveSSL decryption mune network packet broker. NaDecrypting SSL / TLS Traffic, NPBS inosimudzira kuoneka uye nekubudirira kwekuchengetedza uye kuongorora zvishandiso zvekuchengetedza, kuve nekuchengetedza network kuchengetedza network network uye chekuita kwekutarisa kwekutarisa. SSL Decryption mune Network Packet Broker (NPBS) inosanganisira kuwana uye kuderera concrypted traffic yekuongorora uye kuongororwa. Kuverengera kuvanzika uye chengetedzo yeiyo decrypted traffic ndeyekukosha zvakanyanya. Izvo zvakakosha kuti zvioneke kuti masangano anoendesa SSL decryption muNPS inofanirwa kunge iine marongero akajeka uye maitiro ari munzvimbo yekutonga traffic Kuteerana nezvinodiwa zvepamutemo zvinokosha zvinokosha kuti uve nechokwadi chekuvanzika uye kuchengetedzeka kwemakadhidhi ekugadzirisa.
Kutumira Nguva: Sep-04-2023
