Uma idivayisi ye-Intrusion Detection System (IDS) isetshenziswa, imbobo yokubukisa eswishini esikhungweni solwazi seqembu lontanga ayanele (isibonelo, kuvunyelwe imbobo yokubukisa eyodwa kuphela, futhi imbobo yokubukisa isebenzise amanye amadivayisi).
Ngalesi sikhathi, uma singangezi izimbobo eziningi zokulinganisa, singasebenzisa idivayisi yokuphindaphinda, ukuhlanganisa kanye nokudlulisa idatha ukuze sisabalalise inani elifanayo ledatha yokulinganisa kudivayisi yethu.
Iyini i-Network TAP?
Mhlawumbe uqale wezwa igama elithi TAP switch. TAP (Terminal Access Point), eyaziwa nangokuthi i-NPB (Network Packet Broker), noma i-Tap Aggregator?
Umsebenzi oyinhloko we-TAP ukusetha phakathi kwembobo yokubukisa kunethiwekhi yokukhiqiza kanye neqoqo lamadivayisi okuhlaziya. I-TAP iqoqa ithrafikhi ebonisiwe noma ehlukanisiwe kusuka kudivayisi eyodwa noma ngaphezulu yenethiwekhi yokukhiqiza bese isabalalisa ithrafikhi kumadivayisi okuhlaziya idatha eyodwa noma ngaphezulu.
Izimo zokusetshenziswa kwenethiwekhi ye-TAP yenethiwekhi evamile
I-Network Tap inamalebula asobala, afana nalawa:
Ihadiwe Ezimele
I-TAP iyi-hardware ehlukile engathinti umthwalo kumadivayisi enethiwekhi akhona, okungenye yezinzuzo ngaphezu kokulinganisa izibuko.
Shintsha?
Ukuthepha Kwenethiwekhi?
Inethiwekhi Ebonakalayo
Ngemva kokuba i-TAP ixhunywe kunethiwekhi, wonke amanye amadivayisi kunethiwekhi awathinteki. Kubo, i-TAP icacile njengomoya, kanti amadivayisi okuqapha axhunywe ku-TAP acacile kunethiwekhi iyonke.
I-TAP ifana nje ne-Port Mirroring kuswishi. Pho kungani kusetshenziswa i-TAP ehlukile? Ake sibheke eminye yemehluko phakathi kwe-Network TAP kanye ne-Network Port Mirroring ngokulandelana.
Umehluko 1: I-Network TAP kulula ukuyilungiselela kunokulinganisa imbobo
Ukulinganisa imbobo kudinga ukulungiswa kuswishi. Uma ukuqapha kudinga ukulungiswa, iswishi kudinga ukulungiswa kabusha KONKE. Kodwa-ke, i-TAP idinga ukulungiswa kuphela lapho icelile, okungenawo umthelela kumadivayisi enethiwekhi akhona.
Umehluko 2: I-Network TAP ayithinti ukusebenza kwenethiwekhi uma kuqhathaniswa nokulinganisa imbobo
Ukulinganisa imbobo kuswishi kuyawohloza ukusebenza kweswishi futhi kuthinta ikhono lokushintsha. Ikakhulukazi, uma iswishi ixhunywe kunethiwekhi ngokulandelana njengomugqa, ikhono lokudlulisela phambili lenethiwekhi yonke liyathinteka kakhulu. I-TAP iyihadiwe ezimele futhi ayiphazamisi ukusebenza kwedivayisi ngenxa yokulinganisa ithrafikhi. Ngakho-ke, ayinawo umthelela emthwalweni wamadivayisi enethiwekhi akhona, anezinzuzo ezinkulu ngaphezu kokulinganisa imbobo.
Umehluko 3: I-Network TAP inikeza inqubo ephelele yethrafikhi kunokuphindaphinda kwezibuko
Ukulinganisa imbobo akukwazi ukuqinisekisa ukuthi yonke ithrafikhi ingatholakala ngoba imbobo yokushintsha ngokwayo izohlunga amanye amaphakethe amaphutha noma amaphakethe amancane kakhulu. Kodwa-ke, i-TAP iqinisekisa ubuqotho bedatha ngoba "iwukuphindaphindwa" okuphelele kungqimba olubonakalayo.
Umehluko 4: Ukubambezeleka kokudlulisela phambili kwe-TAP kuncane kunokwe-Port Mirroring
Kwezinye izinkinobho ezisezingeni eliphansi, ukulingisa izibuko kungase kungenise ukubambezeleka lapho kukopishwa ithrafikhi kuma-port abonisa izibuko, kanye nalapho kukopishwa ama-port angu-10/100m kuma-port e-Giga Ethernet.
Nakuba lokhu kubhalwe kabanzi, sikholelwa ukuthi ukuhlaziywa okubili kokugcina akunalo ukwesekwa okuqinile kwezobuchwepheshe.
Ngakho-ke, kusiphi isimo esijwayelekile, lapho kudingeka sisebenzise i-TAP ekusabalalisweni kwethrafikhi yenethiwekhi? Kalula nje, uma unezidingo ezilandelayo, khona-ke i-Network TAP iyisinqumo sakho esingcono kakhulu.
Ubuchwepheshe be-TAP yenethiwekhi
Lalela okungenhla, uzizwe sengathi i-shunt yenethiwekhi ye-TAP iyithuluzi elimangalisayo, i-shunt ye-TAP evamile emakethe yamanje isebenzisa ukwakheka okuyisisekelo kwezigaba ezintathu:
I-FPGA
- Ukusebenza okuphezulu
- Kunzima ukuthuthukisa
- Izindleko eziphezulu
I-MIPS
- Iguquguqukayo futhi ilula
- Ubunzima bokuthuthukiswa okumaphakathi
- Abathengisi abajwayelekile i-RMI ne-Cavium bayeke ukuthuthukiswa futhi bahluleka kamuva
I-ASIC
- Ukusebenza okuphezulu
- Ukuthuthukiswa komsebenzi wokwandisa kunzima, ikakhulukazi ngenxa yokulinganiselwa kwe-chip ngokwayo
- Isixhumi esibonakalayo kanye nezincazelo zikhawulelwe yi-chip uqobo, okuholela ekusebenzeni okungekuhle kokunwetshwa
Ngakho-ke, i-Network TAP enobuningi obukhulu kanye nesivinini esikhulu ebonakala emakethe inendawo enkulu yokuthuthukisa ukuguquguquka kokusetshenziswa okungokoqobo. Ama-shunter enethiwekhi ye-TAP asetshenziselwa ukuguqulwa kwephrothokholi, ukuqoqwa kwedatha, ukuthungatha idatha, ukulinganisa idatha, kanye nokuhlunga ithrafikhi. Izinhlobo ezivamile ze-port zifaka phakathi i-100G, 40G, 10G, 2.5G POS, GE, njll. Ngenxa yokuhoxiswa kancane kancane kwemikhiqizo ye-SDH, ama-shunter enethiwekhi ye-TAP amanje asetshenziswa kakhulu endaweni yenethiwekhi ye-Ethernet yonke.
Isikhathi sokuthunyelwe: Meyi-25-2022
