Isingeniso
Ukuqoqwa Nokuhlaziywa Kwethrafikhi Yenethiwekhi kuyindlela ephumelela kakhulu yokuthola izinkomba zokuziphatha komsebenzisi wenethiwekhi nemingcele. Ngokuthuthukiswa okuqhubekayo komsebenzi nokugcinwa kwesikhungo sedatha Q, ukuqoqwa kwethrafikhi yenethiwekhi nokuhlaziywa sekuyingxenye ebalulekile yengqalasizinda yesikhungo sedatha. Kusukela ekusetshenzisweni kwamanje kwemboni, ukuqoqwa kwethrafikhi yenethiwekhi kubonakala kakhulu ngemishini yenethiwekhi esekela isibuko sethrafikhi ye-bypass. Ukuqoqwa kwethrafikhi kudinga ukusungula ukumbozwa okuphelele, inethiwekhi yokuqoqwa kwethrafikhi enengqondo nesebenzayo, ukuqoqwa kwethrafikhi okunjalo kungasiza ekuthuthukiseni inethiwekhi nokusebenza kwezinkomba zebhizinisi futhi kunciphise amathuba okuhluleka.
Inethiwekhi yokuqoqwa kwethrafikhi ingathathwa njengenethiwekhi ezimele eyakhiwe ngamadivaysi okuqoqa ithrafikhi futhi isetshenziswe ngokuhambisana nenethiwekhi yokukhiqiza. Iqoqa ithrafikhi yesithombe yedivayisi ngayinye yenethiwekhi futhi ihlanganise ithrafikhi yesithombe ngokuya ngamaleveli esifunda nawokwakha. Isebenzisa i-alamu yokushintshaniswa kokuhlunga kwethrafikhi emshinini wokutholwa kwethrafikhi ukuze ibone isivinini somugqa ogcwele wedatha yezendlalelo ezi-2-4 zokuhlunga okunemibandela, isusa amaphakethe ayimpinda, ukunqamula amaphakethe nokunye ukusebenza okuthuthukile, bese ithumela idatha kuthrafikhi ngayinye. uhlelo lokuhlaziya. Inethiwekhi yokuqoqwa kwethrafikhi ingathumela ngokunembile idatha ethile kudivayisi ngayinye ngokwezidingo zedatha yesistimu ngayinye, futhi ixazulule inkinga yokuthi idatha yesibuko yesibuko ayikwazi ukuhlungwa futhi ithunyelwe, edla ukusebenza kokucubungula kokushintshwa kwenethiwekhi. Ngaso leso sikhathi, injini yokuhlunga nokushintshisana kwethrafikhi yenethiwekhi yokuqoqwa kwethrafikhi ibona ukuhlungwa nokudluliselwa kwedatha ngokubambezeleka okuphansi nesivinini esikhulu, iqinisekisa ikhwalithi yedatha eqoqwe inethiwekhi yokuqoqwa kwethrafikhi, futhi inikeza isisekelo esihle sedatha imishini elandelayo yokuhlaziywa kwethrafikhi.
Ukuze kuncishiswe umthelela kusixhumanisi sokuqala, ikhophi yethrafikhi yoqobo ivamise ukutholwa ngokuhlukanisa i-beam, i-SPAN noma i-TAP.
I-Passive Network Tap(Optical Splitter)
Indlela yokusebenzisa ukuhlukanisa ukukhanya ukuze uthole ikhophi yethrafikhi idinga usizo lwedivayisi yokuhlukanisa ukukhanya. I-splitter yokukhanya iyidivayisi ye-passive optical engasabalalisa kabusha amandla esignali yokubona ngokuhambisana nengxenye edingekayo. Isihlukanisi singahlukanisa ukukhanya kusuka ku-1 kuye ku-2,1 kuya ku-4 kanye no-1 kuya kumashaneli amaningi. Ukuze kuncishiswe umthelela kusixhumanisi sangempela, isikhungo sedatha ngokuvamile sithatha isilinganiso sokuhlukaniswa kwe-optical esingu-80:20, 70:30, lapho ingxenye engu-70,80 yesignali ye-optical ibuyiselwa emuva kusixhumanisi sokuqala. Njengamanje, ama-optical splitters asetshenziswa kakhulu ekuhlaziyweni kokusebenza kwenethiwekhi (NPM/APM), uhlelo lokuhlola, ukuhlaziywa kokuziphatha komsebenzisi, ukutholwa kokungena kwenethiwekhi nezinye izimo.
Izinzuzo:
1. Ukuthembeka okuphezulu, idivayisi ye-optical yekwentiwa;
2. Ayithathi imbobo yokushintsha, imishini ezimele, okulandelayo kungaba ukunwetshwa okuhle;
3. Asikho isidingo sokushintsha ukucushwa kweswishi, akunamthelela kwezinye izinto zokusebenza;
4. Iqoqo lethrafikhi eligcwele, akukho ukuhlunga kwephakethe lokushintsha, okuhlanganisa amaphakethe amaphutha, njll.
Ububi:
1. Isidingo sokusika inethiwekhi esilula, ipulaki ye-fiber plug ye-backbone bese udayela kusihlukanisi se-optical, sizonciphisa amandla okubona kwezinye izixhumanisi zomgogodla.
I-SPAN(Port Mirror)
I-SPAN isici esifika neswishi ngokwayo, ngakho sidinga ukulungiselelwa kuswishi. Nokho, lo msebenzi uzophazamisa ukusebenza kweswishi futhi ubangele ukulahleka kwephakethe lapho idatha ilayishwa ngokweqile.
Izinzuzo:
1. Akudingekile ukwengeza okokusebenza okwengeziwe, lungiselela iswishi ukuze ukhuphule imbobo yokuphuma kwesithombe ehambisanayo
Ububi:
1. Thatha imbobo yokushintsha
2. Amaswishi adinga ukulungiswa, okubandakanya ukusebenzelana okuhlangene nabakhiqizi bezinkampani zangaphandle, okwandisa ingozi engaba khona yokwehluleka kwenethiwekhi.
3. Ukuphindaphinda kwethrafikhi yesibuko kunomthelela echwebeni nasekushintsheni ukusebenza.
I-Active Network TAP (TAP Aggregator)
I-Network TAP iyidivayisi yenethiwekhi yangaphandle enika amandla isibuko sembobo futhi idale ikhophi yethrafikhi ukuze isetshenziswe amadivaysi ahlukahlukene okuqapha. Lawa madivaysi ethulwa endaweni esendleleni yenethiwekhi edinga ukubhekwa, futhi ikopisha amaphakethe we-IP wedatha futhi iwathumele ethuluzini lokuqapha inethiwekhi. Ukukhethwa kwendawo yokufinyelela yedivayisi ye-Network TAP kuncike ekugxilweni kwethrafikhi yenethiwekhi -izizathu zokuqoqwa kwedatha, ukuqapha okujwayelekile kokuhlaziywa nokubambezeleka, ukutholwa kokungenela, njll. Amadivayisi enethiwekhi ye-TAP angaqoqa futhi afanise ukusakazwa kwedatha ngenani le-1G kuze kufike ku- 100G.
Lawa madivayisi afinyelela ithrafikhi ngaphandle kwedivayisi ye-TAP yenethiwekhi elungisa ukugeleza kwephakethe nganoma iyiphi indlela, kungakhathaliseki izinga lethrafikhi yedatha. Lokhu kusho ukuthi ithrafikhi yenethiwekhi ayikho ngaphansi kokuqashwa nokubukiswa kwembobo, okubalulekile ekugcineni ubuqotho bedatha uma uyihambisa kumathuluzi okuphepha nawokuhlaziya.
Iqinisekisa ukuthi amadivaysi enethiwekhi ye-peripheral aqapha amakhophi ethrafikhi ukuze amadivayisi enethiwekhi ye-TAP asebenze njengezibukeli. Ngokuphakela ikhophi yedatha yakho kunoma imaphi/wonke amadivayisi axhunyiwe, uthola ukubonakala okugcwele endaweni yenethiwekhi. Esimeni lapho idivayisi yenethiwekhi ye-TAP noma idivayisi yokuqapha yehluleka, uyazi ukuthi ithrafikhi ngeke ithinteke, uqinisekisa ukuthi isistimu yokusebenza ihlala iphephile futhi itholakala.
Ngesikhathi esifanayo, iba yimpokophelo ephelele yamadivayisi enethiwekhi ye-TAP. Ukufinyelela kumaphakethe kunganikezwa njalo ngaphandle kokuphazamisa ithrafikhi kunethiwekhi, futhi lezi zixazululo zokubonakala zingabhekana nezimo ezithuthuke kakhulu. Izidingo zokuqapha zamathuluzi kusukela kuma-firewall esizukulwane esilandelayo kuya ekuvikelweni kokuvuza kwedatha, ukuqapha ukusebenza kohlelo lokusebenza, i-SIEM, i-digital forensics, i-IPS, i-IDS nokuningi, phoqelela amadivayisi we-TAP wenethiwekhi ukuthi aguquke.
Ngokungeziwe ekunikezeni ikhophi ephelele yethrafikhi nokugcina ukutholakala, amadivayisi we-TAP angahlinzeka ngokulandelayo.
1. Hlunga Amaphakethe ukuze Ukhulise Ukusebenza Kokuqapha Kwenethiwekhi
Ngenxa yokuthi idivayisi ye-Network TAP ingakha ikhophi engu-100% yephakethe ngesikhathi esithile akusho ukuthi lonke ithuluzi lokuqapha nezokuphepha lidinga ukubona yonke into. Ukusakazwa kwethrafikhi kuwo wonke amathuluzi okuqapha inethiwekhi nokuphepha ngesikhathi sangempela kuzoholela kuphela ekuhleleni ngokweqile, ngaleyo ndlela kulimaza ukusebenza kwamathuluzi nenethiwekhi kunqubo.
Ukubeka idivayisi elungile ye-Network TAP kungasiza ukuhlunga amaphakethe lapho ehanjiswa kuthuluzi lokuqapha, ukusabalalisa idatha elungile kuthuluzi elilungile. Izibonelo zamathuluzi anjalo zifaka amasistimu okuthola ukungena kwe-Intrusion (IDS), Ukuvimbela ukulahleka kwedatha (DLP), ulwazi lokuphepha nokuphathwa kwemicimbi (SIEM), ukuhlaziywa kwe-forensic, nokunye okuningi.
2. Izixhumanisi Ezihlanganisiwe Zokunethiwekha Okuphumelelayo
Njengoba izidingo Zokuqapha Nezokuphepha Kwenethiwekhi zikhula, onjiniyela benethiwekhi kufanele bathole izindlela zokusebenzisa ibhajethi ekhona ye-IT ukuze bafeze imisebenzi eminingi. Kodwa ngesinye isikhathi, awukwazi ukuqhubeka wengeza amadivayisi amasha kusitaki futhi wandise ubunkimbinkimbi benethiwekhi yakho. Kubalulekile ukwandisa ukusetshenziswa kwamathuluzi okuqapha nokuphepha.
Amadivayisi enethiwekhi ye-TAP angasiza ngokuhlanganisa ithrafikhi yenethiwekhi eminingi, ukuya empumalanga nentshonalanga, ukuletha amaphakethe kumadivayisi axhunyiwe ngembobo eyodwa. Ukuthumela amathuluzi okubonakala ngale ndlela kuzonciphisa inani lamathuluzi okuqapha adingekayo. Njengoba i-East-West data traffic iqhubeka nokukhula ezikhungweni zedatha naphakathi kwezikhungo zedatha, imfuneko yamadivayisi we-TAP yenethiwekhi ibalulekile ukuze kugcinwe ukubonakala kwakho konke ukugeleza kwe-dimensional kuwo wonke amavolumu amakhulu wedatha.
I-athikili ehlobene ongase uyithande, sicela uvakashele lapha:Ungathwebula kanjani ithrafikhi yenethiwekhi? I-Network Tap vs Port Mirror
Isikhathi sokuthumela: Oct-24-2024
