7. Fortinet Pib Pib v6.0. Antivirus thiab IPS

Nyob zoo! Zoo siab txais tos rau zaj lus qhia thib xya ntawm chav kawm Fortinet Pib PibCov. Nyob rau zaj lus qhia kawg peb tau paub txog cov kev ruaj ntseg xws li Web Filtering, Application Control thiab HTTPS tshuaj xyuas. Hauv zaj lus qhia no peb yuav txuas ntxiv peb cov lus qhia txog kev ruaj ntseg profiles. Ua ntej, peb yuav tau paub txog qhov kev xav ntawm kev ua haujlwm ntawm kev tiv thaiv kab mob thiab kev tiv thaiv kev nkag mus, thiab tom qab ntawd peb yuav saib seb cov kev ruaj ntseg profiles ua haujlwm li cas hauv kev xyaum.

Cia peb pib nrog lub antivirus. Ua ntej, cia peb tham txog cov thev naus laus zis uas FortiGate siv los kuaj cov kab mob:
Antivirus scanning yog txoj kev yooj yim tshaj plaws thiab ceev tshaj plaws ntawm kev kuaj cov kab mob. Nws tshawb pom cov kab mob uas ua tiav tag nrho cov npe kos npe muaj nyob rau hauv cov ntaub ntawv tiv thaiv kab mob.

Greyware Scan lossis tsis xav tau kev tshuaj ntsuam xyuas - cov cuab yeej no tshawb pom cov kev pabcuam tsis xav tau uas tau teeb tsa yam tsis muaj tus neeg siv paub lossis kev pom zoo. Technically, cov kev pab cuam no tsis yog kab mob. Lawv feem ntau tuaj bundled nrog lwm cov kev pab cuam, tab sis thaum ntsia lawv tsis zoo rau lub system, uas yog vim li cas lawv raug cais raws li malware. Feem ntau cov kev pab cuam no tuaj yeem kuaj pom siv cov kos npe greyware yooj yim los ntawm FortiGuard kev tshawb fawb hauv paus.

Heuristic scanning - cov cuab yeej no yog raws li qhov tshwm sim, yog li nws siv tuaj yeem ua rau muaj qhov tsis zoo, tab sis nws kuj tuaj yeem ntes cov kab mob xoom hnub. Cov kab mob xoom hnub yog cov kab mob tshiab uas tseem tsis tau kawm, thiab tsis muaj kev kos npe uas tuaj yeem ntes tau. Heuristic scanning tsis tau qhib los ntawm lub neej ntawd thiab yuav tsum tau qhib rau ntawm kab hais kom ua.

Yog tias txhua lub peev xwm tiv thaiv kab mob tau qhib, FortiGate siv lawv raws li hauv qab no: antivirus scanning, greyware scanning, heuristic scanning.

FortiGate tuaj yeem siv ntau cov ntaub ntawv tiv thaiv kab mob, nyob ntawm cov haujlwm:

• Cov ntaub ntawv pov thawj antivirus ib txwm (ib txwm) - muaj nyob hauv txhua tus qauv FortiGate. Nws suav nrog kev kos npe rau cov kab mob uas tau pom nyob rau hauv lub hlis tsis ntev los no. Qhov no yog qhov tsawg tshaj plaws antivirus database, yog li nws scans qhov ceev tshaj plaws thaum siv. Txawm li cas los xij, cov ntaub ntawv no tsis tuaj yeem ntes txhua tus kab mob paub.
• Txuas ntxiv - lub hauv paus no tau txais kev txhawb nqa los ntawm FortiGate feem ntau cov qauv. Nws tuaj yeem siv los txheeb xyuas cov kab mob uas tsis ua haujlwm ntxiv lawm. Ntau lub platform tseem muaj kev cuam tshuam rau cov kab mob no. Tsis tas li ntawd, cov kab mob no tuaj yeem ua teeb meem rau yav tom ntej.
• Thiab qhov kawg, lub hauv paus huab (Extreme) - yog siv nyob rau hauv infrastructures uas yuav tsum tau ib tug siab ntawm kev ruaj ntseg. Nrog nws cov kev pab, koj tuaj yeem tshawb xyuas tag nrho cov kab mob paub, suav nrog cov kab mob txhawm rau txhawm rau ua haujlwm tsis tu ncua, uas tsis tau nthuav dav tam sim no. Hom kev kos npe database no kuj tsis txhawb nqa los ntawm txhua tus qauv FortiGate.

Kuj tseem muaj cov ntaub ntawv kos npe cog lus tsim los rau kev tshawb xyuas ceev. Peb mam li tham txog nws me ntsis tom qab.

Koj tuaj yeem hloov kho anti-virus databases siv ntau txoj kev.

Thawj txoj hauv kev yog Push Update, uas tso cai rau cov ntaub ntawv hloov kho sai li sai tau thaum FortiGuard cov ntaub ntawv tshawb fawb tso tawm qhov hloov tshiab. Qhov no muaj txiaj ntsig zoo rau kev tsim kho vaj tse uas yuav tsum tau muaj kev ruaj ntseg siab, txij li FortiGate yuav tau txais kev hloov kho sai sai thaum lawv muaj.

Qhov thib ob txoj kev yog teem lub sij hawm. Txoj kev no koj tuaj yeem tshawb xyuas qhov hloov tshiab txhua teev, hnub lossis ib lim tiam. Ntawd yog, ntawm no yog lub sijhawm teem sijhawm ntawm koj qhov kev txiav txim siab.
Cov txheej txheem no tuaj yeem siv ua ke.

Tab sis koj yuav tsum nco ntsoov tias txhawm rau ua kom hloov kho tshiab, koj yuav tsum ua kom lub antivirus profile tsawg kawg yog ib txoj cai firewall. Txwv tsis pub, kev hloov tshiab yuav tsis raug ua.

Koj tuaj yeem rub tawm cov hloov tshiab los ntawm Fortinet qhov chaw txhawb nqa thiab tom qab ntawd manually upload lawv rau FortiGate.

Wb saib cov hom scanning. Muaj tsuas yog peb ntawm lawv - Full hom nyob rau hauv Flow Based hom, Quick hom nyob rau hauv Flow Based hom, thiab puv hom nyob rau hauv proxy hom. Cia peb pib nrog Full Mode hauv Flow mode.

Cia peb hais tias tus neeg siv xav rub tawm cov ntaub ntawv. Nws xa ib daim ntawv thov. Tus neeg rau zaub mov pib xa nws cov pob ntawv uas tsim cov ntaub ntawv. Tus neeg siv tam sim ntawd tau txais cov pob no. Tab sis ua ntej xa cov pob ntawv no rau tus neeg siv, FortiGate caches lawv. Tom qab FortiGate tau txais cov pob ntawv kawg, nws pib luam cov ntaub ntawv. Lub sijhawm no, cov pob ntawv kawg yog queued thiab tsis xa mus rau tus neeg siv. Yog tias cov ntaub ntawv tsis muaj cov kab mob, cov pob ntawv tshiab raug xa mus rau tus neeg siv. Yog tias kuaj pom tus kab mob, FortiGate rhuav tshem kev sib txuas nrog tus neeg siv.

Qhov thib ob scanning hom muaj nyob rau hauv Flow Based yog Quick hom. Nws siv cov ntaub ntawv kos npe sib cog lus, uas muaj cov kos npe tsawg dua li cov ntaub ntawv ib txwm muaj. Nws kuj muaj qee qhov kev txwv piv rau Full Mode:

• Nws tsis tuaj yeem xa cov ntaub ntawv mus rau sandbox
• Nws tsis tuaj yeem siv kev tshuaj xyuas heuristic
• Tsis tas li ntawd nws tsis tuaj yeem siv pob khoom cuam tshuam nrog mobile malware
• Qee tus qauv nkag qib tsis txhawb hom no.

Hom ceev kuj tseem kuaj xyuas cov kab mob, kab mob, trojans thiab malware, tab sis tsis muaj buffering. Qhov no muab kev ua tau zoo dua, tab sis tib lub sij hawm qhov yuav pom tus kab mob no txo ​​qis.

Hauv Proxy hom, tib hom scanning muaj yog Full Mode. Nrog xws li kev luam theej duab, FortiGate thawj zaug khaws tag nrho cov ntaub ntawv ntawm nws tus kheej (tshwj tsis yog, tau kawg, cov ntaub ntawv tso cai loj rau kev luam tawm yog tshaj). Tus neeg siv yuav tsum tau tos kom lub scan kom tiav. Yog tias kuaj pom tus kab mob no thaum kuaj xyuas, tus neeg siv yuav raug ceeb toom tam sim ntawd. Vim FortiGate thawj zaug txuag tag nrho cov ntaub ntawv thiab tom qab ntawd luam nws, qhov no tuaj yeem siv sijhawm ntev heev. Vim li no, nws yog ib qho ua tau rau tus neeg siv khoom kom xaus qhov kev sib txuas ua ntej tau txais cov ntaub ntawv vim ncua sij hawm ntev.

Daim duab hauv qab no qhia txog cov lus sib piv rau hom scanning - nws yuav pab koj txiav txim siab seb hom kev luam twg haum rau koj cov dej num. Kev teeb tsa thiab tshuaj xyuas qhov ua haujlwm ntawm cov tshuaj tiv thaiv kab mob yog tham hauv kev xyaum hauv video tom kawg ntawm kab lus.

Cia peb mus rau ntu thib ob ntawm zaj lus qhia - kev tiv thaiv kev nkag mus. Tab sis txhawm rau pib kawm IPS, koj yuav tsum nkag siab qhov sib txawv ntawm kev siv dag zog thiab kev tsis txaus ntseeg, thiab tseem nkag siab tias FortiGate siv cov txheej txheem dab tsi los tiv thaiv lawv.

Kev siv dag zog yog paub kev tawm tsam nrog cov qauv tshwj xeeb uas tuaj yeem kuaj pom siv IPS, WAF, lossis kos npe tiv thaiv kab mob.

Anomalies yog tus cwj pwm txawv txawv ntawm lub network, xws li cov tsheb thauj mus los tsis zoo lossis siab dua li ib txwm siv CPU.Anomalies yuav tsum tau saib xyuas vim tias lawv yuav yog cov cim qhia txog kev tawm tsam tshiab. Kev tsis txaus ntseeg feem ntau raug kuaj pom siv kev ntsuas tus cwj pwm - hu ua tus nqi kos npe thiab DoS cov cai.

Raws li qhov tshwm sim, IPS ntawm FortiGate siv lub hauv paus kos npe txhawm rau txhawm rau paub txog kev tawm tsam, thiab Rate-Based kos npe thiab DoS cov cai txhawm rau txheeb xyuas ntau yam tsis zoo.

Los ntawm lub neej ntawd, thawj txheej ntawm IPS kos npe suav nrog txhua lub version ntawm FortiGate operating system. Nrog kev hloov tshiab, FortiGate tau txais kev kos npe tshiab. Txoj kev no, IPS tseem muaj txiaj ntsig zoo rau kev siv tshiab. FortiGuard hloov kho IPS kos npe ntau zaus.

Ib qho tseem ceeb uas siv tau rau ob qho tib si IPS thiab antivirus yog tias yog tias koj daim ntawv tso cai tau tas sij hawm, koj tseem tuaj yeem siv cov kos npe tshiab tau txais. Tab sis koj yuav tsis tuaj yeem tau txais cov tshiab yam tsis muaj ntawv tso cai. Yog li ntawd, qhov tsis muaj ntawv tso cai yog qhov tsis xav tau - yog tias kev tawm tsam tshiab tshwm sim, koj yuav tsis tuaj yeem tiv thaiv koj tus kheej nrog cov npe qub.

IPS kos npe databases muab faib ua ntu zus thiab txuas ntxiv. Cov ntaub ntawv ib txwm muaj cov npe kos npe rau kev tawm tsam uas tsis tshua muaj lossis tsis ua rau muaj qhov tsis zoo. Qhov kev txiav txim preconfigured rau feem ntau ntawm cov kos npe no yog thaiv.

Cov ntaub ntawv txuas ntxiv muaj cov npe tawm tsam ntxiv uas muaj kev cuam tshuam loj rau kev ua haujlwm ntawm lub cev, lossis qhov tsis tuaj yeem raug thaiv vim lawv qhov tshwj xeeb. Vim qhov loj ntawm cov ntaub ntawv no, nws tsis muaj nyob rau ntawm FortiGate qauv nrog me me disk lossis RAM. Tab sis rau qhov chaw nyab xeeb heev, koj yuav tsum tau siv lub hauv paus txuas ntxiv.

Kev teeb tsa thiab tshuaj xyuas kev ua haujlwm ntawm IPS kuj tau tham hauv video hauv qab no.

Hauv zaj lus qhia tom ntej peb yuav saib kev ua haujlwm nrog cov neeg siv. Txhawm rau kom tsis txhob nco nws, ua raws cov kev hloov tshiab ntawm cov channel hauv qab no:

• youtube
• Vkontakte zej zog
• Yandex Zen
• Peb lub vev xaib
• Telegram channel

Tau qhov twg los: www.hab.com