Ukuze kuhlaziywe ithrafikhi yenethiwekhi, kuyadingeka ukuthumela iphakethe lenethiwekhi ku-NTOP/NPROBE noma ku-Out-of-band Network Security and Monitoring Tools. Kunezixazululo ezimbili zale nkinga:
Ukulingisa Ngembobo(eyaziwa nangokuthi i-SPAN)
Ukuthepha Kwenethiwekhi(eyaziwa nangokuthi i-Replication Tap, i-Aggregation Tap, i-Active Tap, i-Copper Tap, i-Ethernet Tap, njll.)
Ngaphambi kokuchaza umehluko phakathi kwezixazululo ezimbili (i-Port Mirror kanye ne-Network Tap), kubalulekile ukuqonda ukuthi i-Ethernet isebenza kanjani. Ku-100Mbit nangaphezulu, ama-host avame ukukhuluma nge-duplex ephelele, okusho ukuthi i-host eyodwa ingathumela (i-Tx) futhi ithole (i-Rx) ngasikhathi sinye. Lokhu kusho ukuthi kukhebula le-100 Mbit elixhunywe ku-host eyodwa, inani eliphelele lethrafikhi yenethiwekhi i-host eyodwa engathumela/iyamukela (i-Tx/Rx)) lingu-2 × 100 Mbit = 200 Mbit.
I-Port mirroring iwukukopisha kwephakethe okusebenzayo, okusho ukuthi idivayisi yenethiwekhi inesibopho sangempela sokukopisha iphakethe ku-port enesibuko.
Lokhu kusho ukuthi idivayisi kumele yenze lo msebenzi ngokusebenzisa imithombo ethile (njenge-CPU), futhi zombili izikhombisi-ndlela zethrafikhi zizophindaphindwa echwebeni elifanayo. Njengoba kushiwo ngaphambili, kusixhumanisi esigcwele se-duplex, lokhu kusho ukuthi
A -> B kanye no-B -> A
Isamba sika-A ngeke sidlule isivinini senethiwekhi ngaphambi kokuba kwenzeke ukulahleka kwephakethe. Lokhu kungenxa yokuthi akukho ndawo yokukopisha amaphakethe ngokoqobo. Kuvela ukuthi ukulinganisa amachweba kuyindlela enhle njengoba kungenziwa ngamaswishi amaningi (kodwa hhayi wonke), ngoba iningi lamaswishi anobuthakathaka bokulahlekelwa yiphakethe, uma uqapha isixhumanisi esinomthwalo ongaphezu kuka-50%, noma ulinganisa amachweba echwebeni elisheshayo (isb. linganisa amachweba angu-100 Mbit echwebeni elingu-1 Gbit). Ingasaphathwa eyokuthi ukulinganisa amachweba kungadinga ukushintshana kwezinsiza zokushintshana, okungase kulayishe idivayisi futhi kubangele ukusebenza kokushintshana kwehle. Qaphela ukuthi ungaxhuma ichweba eli-1 echwebeni elilodwa, noma i-VLAN eli-1 echwebeni elilodwa, kodwa ngokuvamile awukwazi ukukopisha amachweba amaningi ku-1. (Ngakho-ke njengoba isibuko sephakethe) singekho.
I-Network TAP (Indawo Yokufinyelela Yesiphetho)iyidivayisi yehadiwe engasebenzi ngokuphelele, engakwazi ukubamba ithrafikhi kunethiwekhi ngokungasebenzisi i-inthanethi. Ivame ukusetshenziswa ukuqapha ithrafikhi phakathi kwamaphuzu amabili kunethiwekhi. Uma inethiwekhi ephakathi kwala maphuzu amabili iqukethe ikhebula elingokoqobo, i-TAP yenethiwekhi ingaba yindlela engcono kakhulu yokubamba ithrafikhi.
I-TAP yenethiwekhi inamachweba okungenani amathathu: ichweba elingu-A, ichweba elingu-B, kanye nechweba lokuqapha. Ukuze ubeke ukuthepha phakathi kwamaphuzu angu-A no-B, ikhebula lenethiwekhi eliphakathi kwephuzu elingu-A nephuzu elingu-B lithathelwa indawo ngamakhebula amabili, elinye liya echwebeni elingu-A le-TAP, elinye liya echwebeni elingu-B le-TAP. I-TAP idlula yonke ithrafikhi phakathi kwamaphuzu amabili enethiwekhi, ngakho-ke asaxhumene. I-TAP iphinde ikopishe ithrafikhi echwebeni layo lokuqapha, ngaleyo ndlela ivumela idivayisi yokuhlaziya ukuthi ilalele.
Ama-TAP enethiwekhi avame ukusetshenziswa ngamadivayisi okuqapha nokuqoqa njenge-APS. Ama-TAP angasetshenziswa nasezinhlelweni zokuphepha ngoba awaphazamisi, awatholakali kunethiwekhi, angabhekana namanethiwekhi agcwele ama-duplex nalawo angahlanganyelwanga, futhi ngokuvamile azodlula kuthrafikhi ngisho noma impompi iyeka ukusebenza noma ilahlekelwa ugesi.
Njengoba amachweba e-Network Taps engamukeli kodwa edlulisa kuphela, iswishi ayinalo ulwazi lokuthi ubani ohlezi ngemuva kwamachweba. Umphumela uba ukuthi isakaza amaphakethe kuwo wonke amachweba. Ngakho-ke, uma uxhuma idivayisi yakho yokuqapha kuswishi, idivayisi enjalo izothola wonke amaphakethe. Qaphela ukuthi le ndlela iyasebenza uma idivayisi yokuqapha ingathumeli noma yiliphi iphakethe kuswishi; ngaphandle kwalokho, iswishi izocabanga ukuthi amaphakethe acindezelwe awawona aleyo divayisi. Ukuze ufeze lokho, ungasebenzisa ikhebula lenethiwekhi ongaxhumanga kuyo izintambo ze-TX, noma usebenzise isikhombimsebenzisi senethiwekhi esingena-IP (ne-DHCP-less) esingadlulisi amaphakethe nhlobo. Ekugcineni qaphela ukuthi uma ufuna ukusebenzisa i-tap ukuze ungalahlekelwa amaphakethe, ungahlanganisi izikhombisi-ndlela noma usebenzise i-switch lapho izikhombisi-ndlela ezicindezelwe zihamba kancane (isb. 100 Mbit) kune-merge port (isb. 1 Gbit).
Ngakho-ke, Ungabamba Kanjani Ithrafikhi Yenethiwekhi? I-Network Taps vs Switch Ports Mirror
1- Ukucushwa okulula: I-Network Tap > I-Port Mirror
2- Ithonya Lokusebenza Kwenethiwekhi: Ukuthepha Kwenethiwekhi < Isibuko Sembobo
3- Ukuthwebula, Ukuphindaphinda, Ukuhlanganisa, Ikhono Lokudlulisa: Ukuthepha Kwenethiwekhi > Isibuko Sembobo
4- Ukubambezeleka Kokudlulisela Ithrafikhi: Ukuthepha Kwenethiwekhi < Isibuko Sembobo
5- Amandla Okulungisa Ithrafikhi: I-Network Tap > I-Port Mirror
Isikhathi sokuthunyelwe: Mashi-30-2022
