Emkhakheni wokuphepha kwenethiwekhi, i-Intrusion Detection System (IDS) kanye ne-Intrusion Prevention System (IPS) zidlala indima ebalulekile. Lesi sihloko sizohlola ngokujulile izincazelo zazo, izindima, umehluko, kanye nezimo zohlelo lokusebenza.
Iyini i-IDS (Uhlelo Lokuthola Ukungena)?
Incazelo ye-IDS
Uhlelo Lokuthola Ukungena Komphakathi luyithuluzi lokuphepha eliqapha futhi lihlaziye ithrafikhi yenethiwekhi ukuze libone imisebenzi noma ukuhlaselwa okunonya okungenzeka. Lusesha iziginesha ezihambisana namaphethini okuhlasela aziwayo ngokuhlola ithrafikhi yenethiwekhi, amalogi esistimu, nolunye ulwazi olufanele.
Indlela i-IDS esebenza ngayo
I-IDS isebenza kakhulu ngezindlela ezilandelayo:
Ukutholwa Kwesiginesha: I-IDS isebenzisa isiginesha esichazwe kusengaphambili samaphethini okuhlasela ukuze kufaniswe, okufana nezikena zamagciwane ukuze kutholakale amagciwane. I-IDS iphakamisa isexwayiso lapho ithrafikhi inezici ezihambisana nalezi ziginesha.
Ukutholwa Kwe-Anomaly: I-IDS iqapha isisekelo somsebenzi wenethiwekhi ojwayelekile futhi iphakamisa izexwayiso lapho ithola amaphethini ahluke kakhulu ekuziphatheni okuvamile. Lokhu kusiza ukuhlonza ukuhlaselwa okungaziwa noma okusha.
Ukuhlaziywa Kwephrothokholi: I-IDS ihlaziya ukusetshenziswa kwamaphrothokholi enethiwekhi futhi ithole ukuziphatha okungahambisani namaphrothokholi ajwayelekile, ngaleyo ndlela ithole ukuhlaselwa okungenzeka.
Izinhlobo ze-IDS
Kuye ngokuthi zisetshenziswa kuphi, i-IDS ingahlukaniswa ngezinhlobo ezimbili eziyinhloko:
Ama-IDS Enethiwekhi (i-NIDS): Kufakwe kunethiwekhi ukuqapha yonke ithrafikhi egeleza kunethiwekhi. Ingakwazi ukubona kokubili ukuhlaselwa kwenethiwekhi kanye nokwezendlalelo zokuthutha.
I-Host IDS (HIDS): Kusetshenziswa kumphathi oyedwa ukuze kuqashwe umsebenzi wesistimu kulowo mphathi. Kugxile kakhulu ekutholeni ukuhlaselwa kwezinga lomsingathi njenge-malware kanye nokuziphatha okungavamile komsebenzisi.
Iyini i-IPS (Uhlelo Lokuvimbela Ukungena)?
Incazelo ye-IPS
Izinhlelo Zokuvimbela Ukungena Ngaphakathi zingamathuluzi okuphepha athatha izinyathelo zokuzivikela ukuze ayeke noma avikele ekuhlaselweni okungenzeka ngemva kokukuthola. Uma kuqhathaniswa ne-IDS, i-IPS ayilona nje ithuluzi lokuqapha nokuxwayisa, kodwa futhi iyithuluzi elingangenelela ngenkuthalo futhi livimbele izinsongo ezingaba khona.
Indlela i-IPS esebenza ngayo
I-IPS ivikela uhlelo ngokuvimbela ngenkuthalo ithrafikhi enonya egeleza kunethiwekhi. Isimiso sayo esiyinhloko sokusebenza sihlanganisa:
Ukuvimba Ithrafikhi Yokuhlasela: Uma i-IPS ithola ithrafikhi yokuhlasela engaba khona, ingathatha izinyathelo ezisheshayo zokuvimbela le thrafikhi ukuthi ingangeni kunethiwekhi. Lokhu kusiza ukuvimbela ukusabalala okuqhubekayo kokuhlasela.
Ukusetha Kabusha Isimo Sokuxhumeka: I-IPS ingasetha kabusha isimo sokuxhumeka esihlotshaniswa nokuhlasela okungenzeka, okuphoqa umhlaseli ukuthi aphinde amise uxhumano ngaleyo ndlela aphazamise ukuhlaselwa.
Ukushintsha Imithetho Yomlilo: I-IPS ingashintsha imithetho ye-firewall ngokuzenzakalelayo ukuze ivimbele noma ivumele izinhlobo ezithile zethrafikhi ukuthi zivumelane nezimo zosongo zesikhathi sangempela.
Izinhlobo ze-IPS
Njenge-IDS, i-IPS ingahlukaniswa ngezinhlobo ezimbili eziyinhloko:
I-IPS Yenethiwekhi (NIPS): Kusetshenziswa kunethiwekhi ukuqapha nokuvikela ekuhlaselweni kuyo yonke inethiwekhi. Kungavikela ekuhlaselweni kwezingqimba zenethiwekhi kanye nezingqimba zokuthutha.
I-IPS yokusingatha (ama-HIPS): Kusetshenziswa kumphathi oyedwa ukuze kuhlinzekwe ngokuzivikela okunembe kakhudlwana, okusetshenziselwa kakhulu ukuvikela ukuhlaselwa kwezinga lomsingathi njenge-malware kanye nokuxhaphaza.
Uyini umehluko phakathi koHlelo Lokuthola Ukungena (i-IDS) kanye noHlelo Lokuvimbela Ukungena (i-IPS)?
Izindlela Ezihlukene Zokusebenza
I-IDS iyisistimu yokuqapha engenzi lutho, esetshenziswa kakhulu ukuthola kanye nokuxwayisa. Ngokuphambene nalokho, i-IPS iyasebenza futhi iyakwazi ukuthatha izinyathelo zokuzivikela ekuhlaselweni okungenzeka.
Ukuqhathaniswa Kwengozi Nomphumela
Ngenxa yemvelo yokungenzi lutho ye-IDS, ingase iphuthe noma ibe nemiphumela emibi engamanga, kuyilapho ukuzivikela okusebenzayo kwe-IPS kungaholela ekushayweni okunobungane. Kunesidingo sokulinganisela ubungozi kanye nokusebenza kahle lapho kusetshenziswa zombili izinhlelo.
Umehluko Wokusetshenziswa Nokucushwa
I-IDS ivame ukuguquguquka futhi ingafakwa ezindaweni ezahlukene kunethiwekhi. Ngokuphambene nalokho, ukufakwa kanye nokucushwa kwe-IPS kudinga ukuhlela ngokucophelela ukuze kugwenywe ukuphazamiseka kwethrafikhi evamile.
Ukusetshenziswa Okuhlanganisiwe kwe-IDS ne-IPS
I-IDS ne-IPS ziyahambisana, ngokuqapha i-IDS nokuhlinzeka ngezexwayiso kanye ne-IPS ethatha izinyathelo zokuzivikela uma kudingeka. Ukuhlanganiswa kwazo kungakha umugqa wokuvikela wenethiwekhi obanzi kakhulu.
Kubalulekile ukuvuselela njalo imithetho, izisayini, kanye nobuhlakani bezinsongo ze-IDS kanye ne-IPS. Izinsongo ze-inthanethi zishintsha njalo, futhi izibuyekezo ezifika ngesikhathi zingathuthukisa ikhono lohlelo lokubona izinsongo ezintsha.
Kubalulekile ukwenza imithetho ye-IDS ne-IPS ivumelane nendawo ethile yenethiwekhi kanye nezidingo zenhlangano. Ngokwenza imithetho ibe ngeyakho, ukunemba kohlelo kungathuthukiswa futhi imiphumela engamanga kanye nokulimala okunobungane kungancishiswa.
I-IDS kanye ne-IPS kudingeka bakwazi ukuphendula ezinsongweni ezingaba khona ngesikhathi sangempela. Impendulo esheshayo nenembile isiza ukuvimbela abahlaseli ekudaleni umonakalo omkhulu kunethiwekhi.
Ukuqapha okuqhubekayo kwethrafikhi yenethiwekhi nokuqonda amaphethini ajwayelekile ethrafikhi kungasiza ekuthuthukiseni ikhono lokubona okungavamile kwe-IDS nokunciphisa amathuba okuba nemiphumela engalungile.
Thola kwesokudlaUmthengisi Wephakethe Lenethiwekhiukusebenzisana ne-IDS yakho (Uhlelo Lokuthola Ukungena)
Thola kwesokudlaIswishi Sokuthepha Esihamba Ngomugqaukusebenzisana ne-IPS yakho (Uhlelo Lokuvimbela Ukungena)
Isikhathi sokuthunyelwe: Septhemba-26-2024
