Emkhakheni wokuphepha kwenethiwekhi, uhlelo lokutholwa kwe-Inclusion (IDS) kanye nohlelo lokuvimbela ukungena ngaphakathi (IPS) ludlala indima ebalulekile. Le ndatshana izohlola ngokujulile izincazelo zazo, izindima, umehluko, kanye nezimo zohlelo lokusebenza.
Yini ama-ID (uhlelo lokuthola ulwazi)?
Ukuchazwa kwama-ID
Uhlelo lokutholwa lwe-Instsion luyithuluzi lokuphepha eliqapha futhi lihlaziye ithrafikhi yenethiwekhi ukukhomba imisebenzi noma ukuhlaselwa okungenzeka. Isesha amasiginesha ahambelana namaphethini wokuhlasela owaziwayo ngokuhlola ithrafikhi yenethiwekhi, izingodo zohlelo, kanye neminye imininingwane efanele.
I-IDS isebenza kanjani
Ama-ID asebenza ikakhulu kulezi zindlela ezilandelayo:
Ukutholwa kwesiginesha: Ama-ID asebenzisa isiginesha echazwe ngaphambilini wamaphethini wokuhlasela wokufanisa, okufanayo nezikena zegciwane lokuthola amagciwane. Ama-ID aphakamisa isexwayiso lapho ithrafikhi iqukethe izici ezihambelana nalezi ziginali.
Ukutholwa kwe-anomaly: Ama-ID ama-ID aqapha isisekelo somsebenzi wenethiwekhi ejwayelekile futhi avule izexwayiso lapho ithola amaphethini ahlukile kakhulu ekuziphatheni okujwayelekile. Lokhu kusiza ekuboneni ukuhlaselwa okungaziwa noma kwenoveli.
Ukuhlaziywa kwe-Protocol: Ama-ID ahlaziya ukusetshenziswa kwezivumelwano zenethiwekhi futhi athobe ukuziphatha okungahambisani nezinqubo ezijwayelekile, ngaleyo ndlela zikhombe ukuhlaselwa okungenzeka.
Izinhlobo zama-ID
Kuya ngokuthi bathunyelwa kuphi, ama-ID angahlukaniswa ngezinhlobo ezimbili eziphambili:
I-ID yenethiwekhi (ama-nids): Kuthunyelwe kunethiwekhi ukuqapha yonke ithrafikhi egeleza ngenethiwekhi. Iyabona ukuhlaselwa kwenethiwekhi nokuhamba kwesendlalelo.
I-ID YE-ID YAMAHHALA (Ama-HIDs): Kuthunyelwe kumgcini oyedwa ukubheka umsebenzi wesistimu kulowo msingathi. Kugxilwe kakhulu ekutholeni ukuhlaselwa kwezinga lokusingathwa njengokuziphatha komsebenzisi we-malware nokungajwayelekile.
Yini ama-IPS (uhlelo lokuvimbela ukungena ngaphakathi)?
Ukuchazwa kwe-IPS
Izinhlelo zokuvimbela ukungena ngaphakathi zingamathuluzi okuphepha athatha izindlela ezisebenzayo zokumisa noma ukuvikela ngokumelene nokuhlaselwa okungaba khona ngemuva kokuthola. Uma kuqhathaniswa nama-IDS, ama-IP awona kuphela ithuluzi lokuqapha nokuqwashisa, kepha futhi liyithuluzi elingangenela ngenkuthalo futhi livikele izinsongo ezingaba khona.
Isebenza kanjani ama-IPS
I-IPS ivikela uhlelo ngokuvimba ngentshiseko traffic enobungozi egeleza ngenethiwekhi. Umgomo wayo omkhulu wokusebenza ufaka:
Ukuvimba ithrafikhi yokuhlasela: Lapho ama-IPS ethola ithrafikhi yokuhlaselwa engaba khona, ingathatha izinyathelo ngokushesha ukuvikela lezi zinkukhu zingangeni kunethiwekhi. Lokhu kusiza ukuvikela ukusakazwa okwengeziwe kokuhlaselwa.
Ukusetha kabusha isimo sokuxhumeka: I-IPS ingasetha kabusha isimo sokuxhumeka esihlotshaniswa nokuhlaselwa okungaba khona, ukuphoqa umhlaseli ukusungula kabusha ukuxhumana futhi ngaleyo ndlela kuphazamise ukuhlaselwa.
Ukuguqula imithetho ye-firewall: I-IPS ingaguqula ngamandla imithetho ye-firewall ukuvimba noma ukuvumela izinhlobo ezithile zethrafikhi ukujwayela izimo zosongekile zesikhathi sangempela.
Izinhlobo ze-IPS
Ifana ne-ID, ama-IPS angahlukaniswa ngezinhlobo ezimbili eziphambili:
I-IPS IPS (Nips): Kuthunyelwe kunethiwekhi ukuqapha nokuvikela ekuhlaselweni kuyo yonke inethiwekhi. Kungavikela ngokumelene nesendlalelo senethiwekhi nokuhlaselwa kwesendlalelo kwezokuhamba.
I-Host IPS (okhalweni): Kuthunyelwe kumgcini owodwa ukuhlinzeka ngezivikelo eziqondile, ikakhulukazi ezisetshenziselwa ukuhlaselwa kwezinga elinjenge-malware nokuxhaphaza.
Uyini umehluko phakathi kohlelo lokutholwa kwe-Inclusion (ID) nohlelo lokuvimbela ukungena ngaphakathi (IPS)?
Izindlela ezahlukahlukene zokusebenza
Ama-IDS uhlelo lokuqapha nje, olusetshenziselwa ikakhulukazi ukutholwa ne-alamu. Ngokuphambene, ama-IP asebenzayo futhi akwazi ukuthatha izinyathelo zokuvikela ekuhlaselweni okungaba khona.
Ukuqhathanisa ubungozi nokuba ngumsebenzi
Ngenxa yesimo se-ID nje, kungahle kuphuthelwe noma okungamanga, ngenkathi ukuvikela okusebenzayo kwama-IPS kungaholela emlilweni onobungane. Kunesidingo sokulinganisa ubungozi kanye nokusebenza ngempumelelo lapho usebenzisa zombili izinhlelo.
Ukuhanjiswa kanye nokwehluka kokucushwa
Ama-ID avame ukuvumelana nezimo futhi angathunyelwa ezindaweni ezahlukahlukene kunethiwekhi. Ngokuphambene, ukuthunyelwa kanye nokucushwa kwama-IPS kudinga ukuhlela ngokucophelela ukugwema ukuphazanyiswa ngethrafikhi ejwayelekile.
Ukusetshenziswa okuhlanganisiwe kwama-ID nama-IPS
Ama-ID nama-IP ahambisana, ngokuqapha omazisi kanye nokunikeza izexwayiso kanye nama-IP athatha izindlela zokuzivikela ezisebenzayo lapho kunesidingo. Inhlanganisela yazo ingakha umugqa wokuvikela wenethiwekhi ophelele.
Kubalulekile ukuze uvuselele njalo imithetho, amasiginesha, nobuhlakani obusongo be-ID nama-IP. Izinsongo ze-cyber zihlala zivela, futhi izibuyekezo ezifika ngesikhathi zingathuthukisa amandla ohlelo ukukhomba izinsongo ezintsha.
Kubalulekile ukuvumelanisa imithetho yama-ID nama-IPs kwimvelo ethile yenethiwekhi kanye nezidingo zenhlangano. Ngokwenza ngokwezifiso imithetho, ukunemba kohlelo kungathuthukiswa futhi kulimaze amanga futhi ukulimala okunobungane kungancishiswa.
Ama-ID nama-IPS adinga ukwazi ukuphendula ekusongelweni okungenzeka ngesikhathi sangempela. Impendulo esheshayo nenembile isiza ukunqanda abahlaseli ukuthi badale umonakalo omkhulu kunethiwekhi.
Ukuqashwa okuqhubekayo kwethrafikhi yenethiwekhi nokuqonda amaphethini ajwayelekile omgwaqo kungasiza ukuthuthukisa amandla okuthola ama-anomaly ama-ID futhi wehlise amathuba okuba positives angamanga.
Thola kwesokudlaBroker ye-Network PacketUkusebenza ngama-ID yakho (uhlelo lokuthola amandla)
Thola kwesokudlaI-Inline Bypass Tap Shintshaukusebenza nge-IPS yakho (uhlelo lokuvimbela ukungena)
Isikhathi Sokuposa: Sep-26-2024
