Ukuhlolwa okujulile kwepakethe (I-DPI)Ingabe ubuchwepheshe obusetshenziswa kunethiwekhi yePacket Brower (NPBS) ukuhlola nokuhlaziya okuqukethwe kwamaphakethe wenethiwekhi ezingeni le-granular. Kubandakanya ukuhlola imali ekhokhelwa imali, izihloko, kanye neminye imininingwane eqondene nephrothokholi ngaphakathi kwamaphakethe ukuze uthole imininingwane eningiliziwe kwithrafikhi yenethiwekhi.
I-DPI idlula ngaphezu kokuhlaziywa kwekhanda okulula futhi ihlinzeka ngokuqonda okujulile kwedatha egeleza ngenethiwekhi. Ivumela ukuhlolwa okujulile kwephrothokholi yesendlalelo sohlelo lokusebenza, njenge-http, i-FTP, i-SMTP, i-VoIP, noma amaphrothokholi wokusakazwa kwevidiyo. Ngokuhlola okuqukethwe kwangempela emaphaketheni, i-DPI ingabona futhi ikhombe izinhlelo ezithile, amaphrothokholi, noma amaphethini wedatha athile.
Ngokungeziwe ekuhlaziyeni kwama-hierarchical kwamakheli omthombo, amakheli okuya endaweni, amachweba womthombo, amachweba okuya endaweni, nezinhlobo ze-pPI futhi anezela ukuhlaziywa kwesendlalelo kohlelo lokusebenza ukukhomba izinhlelo zokusebenza ezahlukahlukene nokuqukethwe kwazo. Lapho ipakethe le-1P, i-TCP noma idatha ye-UDP igeleza ngohlelo lokuphathwa kwe-bandwidth olususelwa kubuchwepheshe be-DPI, uhlelo lokuthola uhlelo lonke lwe-OSITER 7, bese luthola ithrafikhi ngohlelo lokuphatha oluchazwe ngohlelo lonke oluchazwe ngohlelo.
Ngabe usebenza kanjani i-DPI?
Izindawo zemililo zendabuko zivame ukungabi namandla okucubungula ukwenza amasheke aphelele wesikhathi sangempela kumavolumu amakhulu wethrafikhi. Njengoba kuthuthukiswa ubuchwepheshe, i-DPI ingasetshenziselwa ukwenza amasheke ajwayelekile abukekayo ukuhlola izihloko nedatha. Imvamisa, ama-firewall anezinhlelo zokutholwa kokuhlonza zivame ukusebenzisa i-DPI. Emhlabeni lapho imininingwane yedijithali ibaluleke kakhulu, zonke izingcezu zolwazi lwedijithali zilethwa ngaphezulu kwe-Intanethi ngamaphakethe amancane. Lokhu kufaka i-imeyili, imilayezo ethunyelwe ngohlelo lokusebenza, amawebhusayithi avakashelwe, izingxoxo zevidiyo, nokuningi. Ngaphezu kwedatha yangempela, la maphakethe afaka i-metadata ekhomba umthombo wethrafikhi, okuqukethwe, ukuphela, kanye neminye imininingwane ebalulekile. Ngobuchwepheshe bokuhlunga kwephakethe, idatha ingagadwe ngokuqhubekayo futhi ikwazile ukuqinisekisa ukuthi idluliselwa endaweni efanele. Kepha ukuqinisekisa ukuphepha kwenethiwekhi, ukuhlunga kwephakethe lendabuko kukude nokwanele. Ezinye izindlela eziphambili zokuhlolwa okujulile kwepakethe ekuphathweni kwenethiwekhi zibhalwe ngezansi:
Ukuqondanisa Imodi / Isiginesha
Iphakethe ngalinye lihlolwe umdlalo wokulwa nedatha yokuhlaselwa kwenethiwekhi eyaziwayo nge-firewall enohlelo lokuthola ulwazi (ID). Ama-ID afuna amaphethini athile athile anonya futhi akhubaze ithrafikhi lapho kutholakala amaphethini anonya. Ukungathandeki kwenqubomgomo yokuqondanisa iSiginesha ukuthi kusebenza kuphela kumasiginesha avuselelwa kaningi. Ngaphezu kwalokho, lobu buchwepheshe bungavikela kuphela ngezinsongo ezaziwayo noma ukuhlaselwa.
Iphrothokholi Ngaphandle
Njengoba i-protocol exprettyTETETIET ayivumelanga yonke idatha engahambelani nedatha yesiginesha, inqubo yephrothokholi esetshenziswa yi-IDS Firewall ayinawo amaphutha endalo wephethini / Indlela yokulinganisa. Esikhundleni salokho, yamukela inqubomgomo eyenziwe ngokuzenzakalelayo. Ngencazelo ye-Protocol, ama-Firewall anquma ukuthi ithrafikhi kufanele ivunyelwe futhi ivikele inethiwekhi kusuka ezinsongelweni ezingaziwa.
Uhlelo Lokuvimbela Ukuvimbela (IPS)
Ama-IPS Solutions angavimba ukuhanjiswa kwamaphakethe ayingozi ngokususelwa kokuqukethwe kwawo, ngaleyo ndlela amise ukuhlaselwa okusolwa ngesikhathi sangempela. Lokhu kusho ukuthi uma iphakethe limelela ingozi eyaziwayo yezokuphepha, i-IPS izovimba ithrafikhi yenethiwekhi ngokuya ngesethi echaziwe yemithetho. Okubi okuhlangenwe nakho kwe-IPS kuyisidingo sokuvuselela njalo nge-database yosongelayo ye-cyber ngemininingwane mayelana nezinsongo ezintsha, kanye nokuthi kungenzeka yini amacebo amanga. Kepha le ngozi ingancishiswa ngokwakha izinqubomgomo zokulondolozwa kanye nemikhawulo yangokwezifiso, isungula ukusebenza okuyisisekelo okufanele kwezinto zenethiwekhi, futhi ngezikhathi ezithile kuhlolisise izexwayiso futhi kubikezelwe imicimbi ukuthuthukisa ukuqapha nokuqwashisa.
1- I-DPI (Ukuhlolwa okujulile kwepakethe) kunethiwekhi Broker
I- "Deep" i-Level kanye nokuqhathanisa okujwayelekile kokuhlaziywa kwephakethe, "Ukuhlolwa okujwayelekile kwephakethe" Ukuhlaziywa okulandelayo kwe-IP Packet 4 ungqimba, kanye ne-Porce Port, nokuthola izicelo ezahlukahlukene zokulawula, ukubona imisebenzi ehlukahlukene:
1) Ukuhlaziywa kohlelo lokusebenza - Ukuhlaziywa kwe-Network Traffic Combition, Ukuhlaziywa Kokusebenza, kanye nokuhlaziywa kokugeleza
2) Ukuhlaziywa komsebenzisi - Ukuhlukaniswa kweqembu lomsebenzisi, ukuhlaziya kokuziphatha, ukuhlaziywa kwe-terminal, ukuhlaziywa kwendlela, njll.
3) Ukuhlaziywa Kwezinto Zenethiwekhi - Ukuhlaziywa Ngokusekelwe Ezimfanekisweni Zesifunda (Idolobha, Isifunda, Street, njll.) Futhi umthwalo wesiteshi sesiteshi
4) Ukulawulwa Kwethrafikhi - I-P2P Speed Limiting, QOS Assurance, Isiqinisekiso se-bandwidth, ukusebenza kwezinsizakusebenza kwenethiwekhi, njll.
5) Ukuqinisekiswa Kwezokuphepha - Ukuhlaselwa kwe-DDOS, isivunguvungu sokusakaza idatha, ukuvimbela ukuhlaselwa kwegciwane elinobungozi, njll.
Ukuhlukaniswa okujwayelekile kwezicelo zenethiwekhi
Namuhla kunezinhlelo zokusebenza ezingenakubalwa kwi-Intanethi, kepha izinhlelo zokusebenza ezivamile zewebhu zingaba nzima.
Ngokwazi kwami, inkampani engcono kakhulu yokuqashelwa yohlelo lokusebenza yiHuawei, efuna ukubona izinhlelo zokusebenza ezingama-4,000. Ukuhlaziywa kwe-Protocol kuyinto module eyisisekelo yezinkampani eziningi ze-firewall (Huawei, ZTE, njll.), Futhi futhi kuyimodyuli ebaluleke kakhulu, ukusekela ukugcwaliseka kwamanye amamojula asebenzayo, ukuhlonza okunembile kohlelo lokusebenza, nokuthuthuka kakhulu kwemikhiqizo. Kumodeli yokuhlonza i-malware kususelwa kwizici zethrafikhi yenethiwekhi, njengoba ngenza manje, ukuhlonza okunembile futhi okuphelele kwephrothokholi kubaluleke kakhulu. Ngaphandle kwethrafikhi yenethiwekhi yezicelo ezijwayelekile ezivela kwithrafikhi yokuthumela ngaphandle kwenkampani, ithrafikhi esele izonila ngengxenye encane, okungcono ukuhlaziywa kwe-malware ne-alamu.
Ngokusekelwe kokuhlangenwe nakho kwami, izinhlelo zokusebenza ezisetshenziswa kakhulu ezisetshenziswayo zihlukaniswa ngokuya ngemisebenzi yazo:
I-PS: Ngokokuqonda komuntu siqu sokwehlukaniswa kohlelo lokusebenza, unazo iziphakamiso ezinhle wamukelekile ukushiya isiphakamiso semiyalezo
1). I-mail
2). Ividiyo
3). Imidlalogu Imidlalo
4). Isigaba se-Office OA
5). Ukuvuselelwa kwesoftware
6). Kwezezimali (ibhange, alipay)
7). Amasheya
8). Ukuxhumana Kwezenhlalo (I-IM Software)
9). Ukuphequlula kweWebhu (mhlawumbe kukhonjwe kangcono ngama-URL)
10). Landa amathuluzi (I-Web Disk, P2P Download, BT Okuhlobene)
Ngemuva kwalokho, indlela yokuhlola i-DPI (i-Deep Packet) isebenza kanjani kwi-NPB:
1). Capet Capture: I-NPB ithumba ithrafikhi yenethiwekhi kusuka kwimithombo ehlukahlukene, njengokushintshwa, ama-router, noma ompompi. Ithola amaphakethe ageleza ngenethiwekhi.
2). Packet Parsing: Amaphakethe athunjiwe ahlukaniswa yi-NPB ukukhipha izingqimba ezahlukahlukene ze-protocol nedatha ehlobene. Le nqubo yokuphamba isiza ukubona izakhi ezihlukile ngaphakathi kwamaphakethe, njengezihloko ze-Ethernet, izihloko ze-IP, izihloko zokuhamba zeTransport (isib.
3). Ukuhlaziywa kwe-Payload: Nge-DPI, i-NPB idlulela ngaphesheya kokuhlolwa kwezinhloko futhi igxile ekutholeni okukhokhelwayo, kufaka phakathi idatha yangempela ngaphakathi kwamaphakethe. Ihlola okuqukethwe okukhokhelwayo ngokujulile, kungakhathalekile ukuthi uhlelo lokusebenza noma i-protocol esetshenzisiwe, ukukhipha imininingwane efanele.
4). Ukukhonjwa kwephrothokholi: I-DPI inika amandla i-NPB ukukhomba amaphrothokholi athile nezinhlelo zokusebenza ezisetshenziswa ngaphakathi kwethrafikhi yenethiwekhi. Iyabona futhi ihlukanise amaphrothokholi afana ne-http, i-FTP, i-SMTP, i-DNS, i-VoIP, noma amaphrothokholi wokusakazwa kwevidiyo.
5). Ukuhlolwa kokuqukethwe: I-DPI ivumela i-NPB ukuthi ihlole okuqukethwe kwamaphakethe wamaphethini athile, amasiginesha, noma amagama angukhiye. Lokhu kwenza ukutholwa kwezinsongo zenethiwekhi, njenge-malware, amagciwane, imizamo yokungenela, noma imisebenzi esolisayo. I-DPI nayo ingasetshenziselwa ukuhlunga okuqukethwe, ukuphoqa izinqubomgomo zenethiwekhi, noma ukukhomba ukwephulwa kwemininingwane yedatha.
6). Ukukhishwa kweMetadata: Ngesikhathi se-DPI, i-NPB ikhipha i-metadata efanelekile emaphaketheni. Lokhu kungafaka imininingwane efana nemithombo namakheli e-IP lapho uya khona, izinombolo zamachweba, imininingwane yeseshini, idatha yokuthenga, noma ezinye izimfanelo ezifanele.
7). Ukuhamba ngomgwaqo noma ukuhlunga: Kususelwa ekuhlaziyweni kwe-DPI, i-NPB ingahambisa amaphakethe athile ezinsizeni eziqokiwe ukuze zisebenze, njengezinto zokuphepha, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlaziya, noma amapulatifomu wokuhlola, noma amapulatifomu wokuhlaziya. Ingasebenza futhi ifaka imithetho yokuhlunga ukuze ulahle noma ukuqondisa kabusha amaphakethe ngokususelwa kokuqukethwe noma amaphethini akhonjwe.
Isikhathi sePosi: Jun-25-2023
