Eqhutshwa ukuguqulwa kwedijithali, amanethiwekhi ebhizinisi awaseyona nje "izintambo ezimbalwa ezixhumanisa amakhompyutha." Ngokukhula kwamadivayisi e-IoT, ukufuduka kwezinsizakalo efwini, kanye nokwamukelwa okwandayo komsebenzi okude, ithrafikhi yenethiwekhi iqhumile, njengethrafikhi emgwaqweni omkhulu. Kodwa-ke, lokhu kwanda kwethrafikhi nakho kuletha izinselele: amathuluzi okuphepha awakwazi ukubamba idatha ebalulekile, izinhlelo zokuqapha zigcwele ulwazi olungafuneki, futhi izinsongo ezifihliwe kuthrafikhi ebethelwe azitholakali. Yilapho "umqaphi ongabonakali" obizwa ngokuthi i-Network Packet Broker (NPB) eba wusizo khona. Isebenza njengebhuloho elihlakaniphile phakathi kwethrafikhi yenethiwekhi namathuluzi okuqapha, iphatha ukugeleza kwethrafikhi okuxakile kuyo yonke inethiwekhi ngenkathi inikeza amathuluzi okuqapha ngokunembile idatha ayidingayo, isiza amabhizinisi ukuxazulula izinselele zenethiwekhi "ezingabonakali, ezingafinyeleleki". Namuhla, sizonikeza ukuqonda okuphelele kwale ndima ebalulekile ekusebenzeni kwenethiwekhi nasekugcinweni kwayo.
1. Kungani izinkampani zifuna ama-NPB manje? — "Isidingo Sokubonakala" Samanethiwekhi Ayinkimbinkimbi
Cabanga ngalokhu: Uma inethiwekhi yakho isebenzisa amakhulu amadivayisi e-IoT, amakhulu amaseva amafu, kanye nabasebenzi abafinyelela kuyo bekude bevela kuyo yonke indawo, ungaqinisekisa kanjani ukuthi akukho thrafikhi enonya engena ngokunyenya? Unganquma kanjani ukuthi yiziphi izixhumanisi eziminyene futhi zinciphise ukusebenza kwebhizinisi?
Izindlela zokuqapha zendabuko bezilokhu zinganele isikhathi eside: noma amathuluzi okuqapha angagxila kuphela ezigabeni ezithile zethrafikhi, aswele ama-key node; noma adlulisela yonke ithrafikhi kuthuluzi ngesikhathi esisodwa, okwenza lingakwazi ukugaya ulwazi futhi lehlise ukusebenza kahle kokuhlaziya. Ngaphezu kwalokho, njengoba ithrafikhi engaphezu kuka-70% manje ibethelwe, amathuluzi endabuko awakwazi nhlobo ukubona okuqukethwe kwayo.
Ukuvela kwama-NPB kubhekana nobuhlungu "bokuntuleka kokubonakala kwenethiwekhi." Ahlala phakathi kwezindawo zokungena kwethrafikhi namathuluzi okuqapha, ahlanganisa ithrafikhi ehlakazekile, ahlunge idatha engafuneki, futhi ekugcineni asabalalise ithrafikhi enembile kuma-IDS (Intrusion Detection Systems), ama-SIEM (Security Information Management Platforms), amathuluzi okuhlaziya ukusebenza, nokuningi. Lokhu kuqinisekisa ukuthi amathuluzi okuqapha awadliwa yindlala noma agcwaliswe ngokweqile. Ama-NPB angaphinde aguqule futhi abhale ngemfihlo ithrafikhi, avikele idatha ebucayi futhi anikeze amabhizinisi umbono ocacile wesimo senethiwekhi yawo.
Kungashiwo ukuthi uma nje ibhizinisi linezidingo zokuphepha kwenethiwekhi, ukwenziwa ngcono kokusebenza noma ukuhambisana nemithetho, i-NPB isibe yingxenye eyinhloko engenakugwenywa.
Kuyini i-NPB? — Ukuhlaziywa Okulula Kusukela Ekwakhiweni Kwezakhiwo Kuya Emakhono Ayinhloko
Abantu abaningi bacabanga ukuthi igama elithi "packet broker" linesivimbelo esikhulu sobuchwepheshe sokungena. Kodwa-ke, isifaniso esitholakala kalula ukusebenzisa "isikhungo sokuhlunga ukulethwa okusheshayo": ithrafikhi yenethiwekhi "amaphasela asheshayo," i-NPB "isikhungo sokuhlunga," kanti ithuluzi lokuqapha "liyindawo yokwamukela." Umsebenzi we-NPB ukuhlanganisa amaphasela ahlakazekile (ukuhlanganiswa), ukususa amaphasela angavumelekile (ukuhlunga), nokuwahlela ngekheli (ukusabalalisa). Ingaphinde ivule futhi ihlole amaphasela akhethekile (ukususa ukubethela) futhi isuse ulwazi oluyimfihlo (ukubhucunga)—yonke inqubo isebenza kahle futhi inembile.
1. Okokuqala, ake sibheke “uhlaka” lwe-NPB: amamojula amathathu ayisisekelo okwakha
Ukuhamba komsebenzi kwe-NPB kuncike ngokuphelele ekubambisaneni kwala mamojula amathathu; akukho neyodwa yawo engalahleka:
○Imodyuli Yokufinyelela Ithrafikhi: Ilingana "ne-express delivery port" futhi isetshenziselwa ngqo ukwamukela ithrafikhi yenethiwekhi kusuka ku-switch mirror port (SPAN) noma i-splitter (TAP). Kungakhathaliseki ukuthi ithrafikhi evela kusixhumanisi esingokoqobo noma kunethiwekhi ebonakalayo, ingaqoqwa ngendlela ehlanganisiwe.
○Injini Yokucubungula:Lona "ubuchopho obuyinhloko besikhungo sokuhlunga" futhi unesibopho "sokucubungula" okubaluleke kakhulu - njengokuhlanganisa ithrafikhi enezixhumanisi eziningi (ukuhlanganiswa), ukuhlunga ithrafikhi kusuka kuhlobo oluthile lwe-IP (ukuhlunga), ukukopisha ithrafikhi efanayo bese uyithumela kumathuluzi ahlukene (ukukopisha), ukususa ukubethela ithrafikhi ebethelwe ye-SSL/TLS (ukususa ukubethela), njll. Yonke "imisebenzi emihle" iqediwe lapha.
○Imodyuli Yokusabalalisa: Kufana "nesithunywa" esasabalalisa ngokunembile ithrafikhi ecutshunguliwe kumathuluzi okuqapha ahambisanayo futhi engenza nokulinganisela umthwalo - isibonelo, uma ithuluzi lokuhlaziya ukusebenza limatasa kakhulu, ingxenye yethrafikhi izosatshalaliswa kuthuluzi lokusekelayo ukuze kugwenywe ukulayisha ngokweqile ithuluzi elilodwa.
2. "Amakhono Aqinile E-NPB": Imisebenzi engu-12 eyinhloko ixazulula izinkinga zenethiwekhi ezingu-90%
I-NPB inemisebenzi eminingi, kodwa ake sigxile kwesetshenziswa kakhulu yizinkampani. Ngayinye ihambisana nephuzu elibalulekile:
○Ukuphindaphindwa Kwethrafikhi / Ukuhlanganiswa + UkuhlungaIsibonelo, uma ibhizinisi linezixhumanisi zenethiwekhi eziyi-10, i-NPB iqala ihlanganise ithrafikhi yezixhumanisi eziyi-10, bese ihlunga "amaphakethe edatha aphindaphindwayo" kanye "nethrafikhi engafanele" (njengethrafikhi evela kubasebenzi ababuka amavidiyo), bese ithumela ithrafikhi ehlobene nebhizinisi kuphela ethuluzini lokuqapha - ithuthukisa ngqo ukusebenza kahle ngo-300%.
○Ukususwa kokubethela kwe-SSL/TLS: Namuhla, ukuhlaselwa okuningi okunonya kufihliwe kuthrafikhi ebethelwe ye-HTTPS. I-NPB ingasusa ukubethela lokhu kufinyelela ngokuphephile, okuvumela amathuluzi afana ne-IDS ne-IPS ukuthi "abone" okuqukethwe okubethelwe futhi abambe izinsongo ezifihliwe njengezixhumanisi zobugebengu bokweba imininingwane ebucayi kanye nekhodi enonya.
○Ukufihla/Ukususa Ukwehliswa Kwemininingwane: Uma ithrafikhi iqukethe ulwazi olubucayi njengezinombolo zekhadi lesikweletu nezinombolo zokuphepha komphakathi, i-NPB izosula ngokuzenzakalelayo lolu lwazi ngaphambi kokuluthumela ethuluzini lokuqapha. Lokhu ngeke kuthinte ukuhlaziywa kwethuluzi, kodwa kuzophinde kuhambisane nezidingo ze-PCI-DSS (ukuthobela imithetho yokukhokha) kanye ne-HIPAA (ukuthobela imithetho yokunakekelwa kwempilo) ukuvimbela ukuvuza kwedatha.
○Ukulinganisela Umthwalo + UkwehlulekaUma ibhizinisi linamathuluzi amathathu e-SIEM, i-NPB izosabalalisa ithrafikhi ngokulinganayo phakathi kwawo ukuze kuvinjelwe noma yiliphi ithuluzi elilodwa ukuthi lingakhungatheki. Uma ithuluzi elilodwa lehluleka, i-NPB izoshintsha ithrafikhi ngokushesha iye kuthuluzi lokusekela ukuqinisekisa ukuqapha okungaphazanyiswa. Lokhu kubaluleke kakhulu ezimbonini ezifana nezezimali kanye nokunakekelwa kwempilo lapho isikhathi sokungasebenzi singamukeleki khona.
○Ukuqedwa Komhubhe: I-VXLAN, i-GRE kanye nezinye "i-Tunnel Protocols" manje sezisetshenziswa kakhulu kumanethiwekhi amafu. Amathuluzi endabuko awakwazi ukuqonda lawa maphrothokholi. I-NPB ingakwazi "ukuhlakaza" lawa mathuna bese ikhipha ithrafikhi yangempela ngaphakathi, okuvumela amathuluzi amadala ukuthi acubungule ithrafikhi ezindaweni zamafu.
Ukuhlanganiswa kwalezi zici kwenza i-NPB ingagcini nje ngokubona ithrafikhi ebethelwe, kodwa futhi "ivikele" idatha ebucayi futhi "izivumelanise" nezimo ezahlukahlukene zenethiwekhi eziyinkimbinkimbi - yingakho ingaba yingxenye eyinhloko.
III. Isetshenziswa kuphi i-NPB? — Izimo ezinhlanu ezibalulekile ezibhekana nezidingo zangempela zebhizinisi
I-NPB ayilona ithuluzi elifanela wonke umuntu; kunalokho, ivumelana nezimo nezimo ezihlukile. Kungakhathaliseki ukuthi isikhungo sedatha, inethiwekhi ye-5G, noma indawo yamafu, ithola izinhlelo zokusebenza ezinembile. Ake sibheke izimo ezimbalwa ezijwayelekile ukuze sibonise leli phuzu:
1. Isikhungo Sedatha: Isihluthulelo Sokuqapha Ithrafikhi Evela EMpumalanga ENtshonalanga
Izikhungo zedatha zendabuko zigxila kuphela kuthrafikhi esuka enyakatho iye eningizimu (ithrafikhi esuka kumaseva iye ezweni langaphandle). Kodwa-ke, ezikhungweni zedatha ezisebenza nge-virtualized, u-80% wethrafikhi usempumalanga-ntshonalanga (ithrafikhi phakathi kwemishini ebonakalayo), amathuluzi endabuko angenakukwazi ukuyibamba. Yilapho ama-NPB ewusizo khona:
Isibonelo, inkampani enkulu ye-inthanethi isebenzisa i-VMware ukwakha isikhungo sedatha esibonakalayo. I-NPB ihlanganiswe ngqo ne-vSphere (ipulatifomu yokuphatha ye-VMware) ukuze ibambe ngokunembile ithrafikhi esempumalanga-ntshonalanga phakathi kwemishini ebonakalayo bese isabalalisa ku-IDS namathuluzi okusebenza. Lokhu akugcini nje ngokuqeda "ukuqapha izindawo ezingaboni," kodwa futhi kwandisa ukusebenza kahle kwamathuluzi ngo-40% ngokuhlunga ithrafikhi, kunciphise ngqo i-mean-time-to-repair yesikhungo sedatha (MTTR) phakathi.
Ngaphezu kwalokho, i-NPB ingaqapha umthwalo weseva futhi iqinisekise ukuthi idatha yokukhokha ihambisana ne-PCI-DSS, ibe "imfuneko ebalulekile yokusebenza nokugcinwa" kwezikhungo zedatha.
2. Imvelo ye-SDN/NFV: Izindima Eziguquguqukayo Zokuzivumelanisa Nenethiwekhi Echazwe Yisofthiwe
Izinkampani eziningi manje zisebenzisa i-SDN (Software Defined Networking) noma i-NFV (Network Function Virtualization). Amanethiwekhi awaseyona ihadiwe engaguquki, kodwa amasevisi esofthiwe aguquguqukayo. Lokhu kudinga ama-NPB ukuthi abe nezimo eziguquguqukayo:
Isibonelo, inyuvesi isebenzisa i-SDN ukusebenzisa i-"Bring Your Own Device (BYOD)" ukuze abafundi nothisha bakwazi ukuxhuma kunethiwekhi yekhampasi besebenzisa amafoni namakhompyutha abo. I-NPB ihlanganiswe nesilawuli se-SDN (njenge-OpenDaylight) ukuqinisekisa ukuhlukaniswa kwethrafikhi phakathi kwezindawo zokufundisa nezamahhovisi ngenkathi isabalalisa ngokunembile ithrafikhi kusuka endaweni ngayinye iye kumathuluzi okuqapha. Le ndlela ayithinti ukusetshenziswa kwabafundi nothisha, futhi ivumela ukutholakala ngesikhathi kokuxhumana okungajwayelekile, njengokufinyelela kumakheli e-IP ayingozi angaphandle kwekhampasi.
Kunjalo nasezindaweni ze-NFV. I-NPB ingaqapha ithrafikhi yama-firewall abonakalayo (ama-vFW) kanye nama-virtual load balancers (ama-vLB) ukuqinisekisa ukusebenza okuzinzile kwalawa "madivayisi esofthiwe", aguquguqukayo kakhulu kunokuqapha kwehadiwe yendabuko.
3. Amanethiwekhi e-5G: Ukuphatha Ama-Traffic Sliced kanye nama-Edge Node
Izici eziyinhloko ze-5G "isivinini esikhulu, ukubambezeleka okuphansi, kanye nokuxhumana okukhulu", kodwa lokhu kuletha nezinselele ezintsha ekuqapheni: isibonelo, ubuchwepheshe be-5G "bokusika inethiwekhi" bungahlukanisa inethiwekhi efanayo ebonakalayo ibe amanethiwekhi amaningi anengqondo (isibonelo, isiqephu esiphansi sokubambezeleka kokushayela okuzenzakalelayo kanye nesiqephu esikhulu sokuxhumana se-IoT), futhi ithrafikhi esicezwini ngasinye kumele iqashwe ngokuzimela.
Omunye umqhubi usebenzise i-NPB ukuxazulula le nkinga: wasebenzisa ukuqapha okuzimele kwe-NPB kwengxenye ngayinye ye-5G, okungakwazi ukubuka nje ukubambezeleka kanye nomphumela wengxenye ngayinye ngesikhathi sangempela, kodwa futhi nokuvimba ithrafikhi engajwayelekile (njengokufinyelela okungagunyaziwe phakathi kwezingcezu) ngesikhathi esifanele, ukuqinisekisa izidingo zokubambezeleka okuphansi kwamabhizinisi abalulekile njengokushayela okuzenzakalelayo.
Ngaphezu kwalokho, ama-node e-5G edge computing asakazeke ezweni lonke, futhi i-NPB ingahlinzeka "ngenguqulo elula" esetshenziswa kuma-node e-edge ukuqapha ithrafikhi esakazekile nokugwema ukubambezeleka okubangelwa ukudluliswa kwedatha emuva naphambili.
4. Imvelo Yamafu/I-Hybrid IT: Ukuqeda Izithiyo Zokuqapha Amafu Kahulumeni Nangasese
Iningi lamabhizinisi manje lisebenzisa ukwakheka kwamafu okuhlanganisiwe—eminye imisebenzi ihlala ku-Alibaba Cloud noma ku-Tencent Cloud (amafu omphakathi), eminye kumafu ayo azimele, kanti eminye kumaseva endawo. Kulesi simo, ithrafikhi isakazeka ezindaweni eziningi, okwenza ukuqapha kuphazamiseke kalula.
I-China Minsheng Bank isebenzisa i-NPB ukuxazulula le nkinga: ibhizinisi layo lisebenzisa ama-Kubernetes ukuze lisetshenziswe kuma-container. I-NPB ingabamba ngqo ithrafikhi phakathi kwama-container (ama-Pod) futhi ihlobanise ithrafikhi phakathi kwama-cloud server nama-private cloud ukuze yakhe "ukuqapha kusukela ekuqaleni kuze kube sekupheleni" - kungakhathaliseki ukuthi ibhizinisi lisefwini lomphakathi noma efwini eliyimfihlo, inqobo nje uma kunenkinga yokusebenza, ithimba lokusebenza nokulungisa lingasebenzisa idatha yethrafikhi ye-NPB ukuthola ngokushesha ukuthi kuyinkinga yini ngama-call aphakathi kwama-container noma ukuminyana kwama-cloud link, okuthuthukisa ukusebenza kahle kokuxilonga ngo-60%.
Kumafu omphakathi aqasha abantu abaningi, i-NPB ingaqinisekisa futhi ukuhlukaniswa kwethrafikhi phakathi kwamabhizinisi ahlukene, ivimbele ukuvuza kwedatha, futhi ihlangabezane nezimfuneko zokuthobela imithetho yemboni yezezimali.
Ekuphetheni: i-NPB akuyona "inketho" kodwa "iyimfuneko"
Ngemva kokubukeza lezi zimo, uzothola ukuthi i-NPB ayiseyona ubuchwepheshe obukhethekile kodwa iyithuluzi elijwayelekile lamabhizinisi lokubhekana namanethiwekhi ayinkimbinkimbi. Kusukela ezikhungweni zedatha kuya ku-5G, kusukela emafwini azimele kuya ku-IT ehlanganisiwe, i-NPB ingadlala indima noma kuphi lapho kunesidingo sokubonakala kwenethiwekhi.
Njengoba ukwanda kwe-AI kanye ne-edge computing kukhula, ithrafikhi yenethiwekhi izoba yinkimbinkimbi kakhulu, futhi amakhono e-NPB azothuthukiswa kakhulu (isibonelo, ukusebenzisa i-AI ukuhlonza ngokuzenzakalelayo ithrafikhi engajwayelekile nokuvumela ukuzivumelanisa okulula kakhulu nama-edge node). Kumabhizinisi, ukuqonda nokusebenzisa ama-NPB kusenesikhathi kuzobasiza ukuthi bathathe isinyathelo senethiwekhi futhi bagweme ukuphambuka ekuguqulweni kwabo kwedijithali.
Wake wahlangabezana nezinselele zokuqapha inethiwekhi embonini yakho? Isibonelo, awukwazi ukubona ithrafikhi ebethelwe, noma ukuqapha kwamafu okuxubile kuphazanyiswa? Zizwe ukhululekile ukwabelana ngemicabango yakho esigabeni sokuphawula futhi ake sihlole izixazululo ndawonye.
Isikhathi sokuthunyelwe: Septhemba-23-2025
