Barka da zuwa Darasi na 7, inda za mu fara aiki tare da manufofin tsaro. A yau za mu shigar da manufofin a kan hanyarmu a karon farko, watau. A ƙarshe za mu yi "install Policy". Bayan wannan, zirga-zirgar ababen hawa za su iya wucewa ta ƙofa!
Gabaɗaya, manufofi, daga mahangar Check Point, ra'ayi ne mai fa'ida. Ana iya raba Manufofin Tsaro zuwa iri uku:
- Access Control. Wannan ya haɗa da ruwan wukake kamar: Firewall, Sarrafa aikace-aikace, Tacewar URL, Sanin abun ciki, Samun Waya, VPN. Wadancan. duk abin da ya shafi ba da izini ko ƙuntata zirga-zirga.
- Rigakafin Barazana. Ana amfani da ruwan wukake a nan: IPS, Anti-Virus, Anti-Bot, Barazana Kwaikwayo, Haɓakar Barazana. Wadancan. ayyukan da ke duba abun ciki na zirga-zirga ko abun ciki wanda ya riga ya wuce ta Ikon Samun shiga.
- Tsaro na Desktop. Waɗannan su ne manufofin sarrafa wakilai na Ƙarshen (watau kare wuraren aiki). A ka'ida, ba za mu taɓa wannan batu a cikin karatun ba.
A cikin wannan darasi za mu fara magana ne game da manufofin Gudanarwa.
Ƙirƙirar Ikon Samun shiga
Ikon shiga ita ce manufa ta farko da dole ne a shigar da ita akan ƙofa. Idan ba tare da wannan manufar ba, wasu (Rigakafin Barazana, Tsaro na Desktop) kawai ba za a shigar da su ba. Kamar yadda aka ambata a baya, manufofin Ikon Samun shiga sun haɗa da ruwan wukake da yawa lokaci guda:
- Firewall;
- Aikace-aikace & URL Tace;
- Fahimtar Abun ciki;
- Shiga Waya;
- NAT
Da farko, za mu kalli daya kawai - Firewall.
Matakai huɗu don saita Firewall
Don shigar da manufar akan ƙofa, DOLE ne mu cika matakai masu zuwa:
- Ƙayyade mu'amalar ƙofa zuwa dacewa yankin tsaro (kasance na ciki, waje, DMZ, da sauransu)
- tune Anti-Spoofing;
- Ƙirƙiri abubuwan cibiyar sadarwa (Networks, Runduna, Sabar da dai sauransu) Wannan yana da mahimmanci! Kamar yadda na fada a baya, Check Point yana aiki da abubuwa kawai. Ba za ku iya kawai saka adireshin IP a cikin jerin shiga ba;
- ƙirƙiri Lissafin shiga-s (akalla daya).
Idan ba tare da waɗannan saitunan ba, ba za a shigar da manufofin kawai ba!
Darasi na Bidiyo
Kamar yadda aka saba, muna haɗa koyawa ta bidiyo inda za mu aiwatar da ainihin tsarin saitin don Samun-Control da ƙirƙirar jerin hanyoyin shiga da aka ba da shawarar.
Ku kasance tare da mu domin jin karin bayani
source: www.habr.com