habrã®èŠªæãªãèªè
ã®çãããããã«ã¡ã¯ïŒ å瀟ã®ã³ãŒãã¬ãŒãããã°ã¯ãã¡ã
ãã®èšäºãæžããã©ãããé·ãéèããŸããã ã€ã³ã¿ãŒãããã§èŠã€ããããªãæ°ãããã®ã¯äœããããŸããã ããããããã»ã©æ
å ±ãè±å¯ã§ããã«ãããããããã¯ã©ã€ã¢ã³ããããŒãããŒãšä»äºãããŠãããšãåã質åãããè³ã«ããŸãã ãããã£ãŠãCheck Point ãã¯ãããžãŒã®äžçãžã®äœããã®å
¥éæžãäœæãããã®ãœãªã¥ãŒã·ã§ã³ã®ã¢ãŒããã¯ãã£ã®æ¬è³ªãæããã«ããããšã«ããŸããã ãããŠãããããã¹ãŠã¯ XNUMX ã€ã®ãå°ããªãæçš¿ã®æ çµã¿ã®äžã«ãããããã°ç°¡åãªäœè«ã§ãã ãããŠãç§ãã¡ã¯ããŒã±ãã£ã³ã°æŠäºã«å·»ã蟌ãŸããªãããã«åªããŸãã ç§ãã¡ã¯ãã³ããŒã§ã¯ãªããåãªãã·ã¹ãã ã€ã³ãã°ã¬ãŒã¿ãŒã§ã (ãã§ã㯠ãã€ã³ãã倧奜ãã§ãã)ãä»ã®ã¡ãŒã«ãŒ (ãã ã¢ã«ããã·ã¹ã³ããã©ãŒãã£ããããªã©) ãšæ¯èŒããããšãªããèŠç¹ã ãã説æããŸãã ãã®èšäºã¯éåžžã«ããªã¥ãŒã ã®ãããã®ã«ãªããŸããããCheck Point ã«æ
£ãã段éã§ã®è³ªåã®ã»ãšãã©ãçç¥ãããŠããŸãã ãèå³ãããããŸããããããããç«ã®äžãžâŠ
UTM/NGFW
Check Point ã«ã€ããŠäŒè©±ãå§ãããšãã¯ããŸã UTM ãš NGFW ãšã¯äœãããããŠããããã©ã®ããã«ç°ãªãã®ãã«ã€ããŠã®èª¬æããå§ããŸãã æçš¿ã倧ãããªããããªãããã«ãããã¯éåžžã«ç°¡æœã«è¡ããŸã (ããããå°æ¥ããã®åé¡ã«ã€ããŠããå°ã詳ããæ€èšããäºå®ã§ã)
UTM - çµ±åè åšç®¡ç
ã€ãŸããUTM ã®æ¬è³ªã¯ãè€æ°ã®ã»ãã¥ãªã㣠ããŒã«ã XNUMX ã€ã®ãœãªã¥ãŒã·ã§ã³ã«çµ±åããããšã§ãã ãããã®ã ãã¹ãŠã XNUMX ã€ã®ããã¯ã¹ã«ãŸãšãããããã¹ãŠãå«ãããã®ããããŸãã ãè€æ°ã®ææžçããšã¯äœãæå³ããŸããïŒ æãäžè¬çãªãªãã·ã§ã³ã¯ããã¡ã€ã¢ãŠã©ãŒã«ãIPSããããã· (URL ãã£ã«ã¿ãªã³ã°)ãã¹ããªãŒãã³ã° ãŠã€ã«ã¹å¯Ÿçãã¹ãã 察çãVPN ãªã©ã§ãã ããããã¹ãŠã XNUMX ã€ã® UTM ãœãªã¥ãŒã·ã§ã³å ã§çµã¿åãããããããçµ±åãæ§æã管çãç£èŠã®ç¹ã§å®¹æã«ãªããããããããã¯ãŒã¯å šäœã®ã»ãã¥ãªãã£ã«ãã©ã¹ã®å¹æããããããŸãã UTM ãœãªã¥ãŒã·ã§ã³ãæåã«ç»å ŽãããšããUTM ãœãªã¥ãŒã·ã§ã³ã¯äžå°äŒæ¥å°çšãšèããããŠããŸããã UTM ã¯å€§éã®ãã©ãã£ãã¯ãåŠçã§ããŸããã§ããã ããã«ã¯æ¬¡ã® XNUMX ã€ã®çç±ããããŸããã
- ãã±ããåŠçã UTM ãœãªã¥ãŒã·ã§ã³ã®æåã®ããŒãžã§ã³ã§ã¯ãåãã¢ãžã¥ãŒã«ãã«ãã£ãŠãã±ãããé çªã«åŠçãããŸããã äŸ: æåã«ãã±ããã¯ãã¡ã€ã¢ãŠã©ãŒã«ã«ãã£ãŠåŠçããã次㫠IPS ã«ãã£ãŠåŠçããã次ã«ãŠã€ã«ã¹å¯Ÿçã«ãã£ãŠãã§ãã¯ãããŸãã åœç¶ã®ããšãªããããã®ãããªã¡ã«ããºã ã§ã¯æ·±å»ãªãã©ãã£ãã¯é 延ãçºçããã·ã¹ãã ãªãœãŒã¹ (ããã»ããµãã¡ã¢ãª) ã倧éã«æ¶è²»ãããŸãã
- ããŒããŠã§ã¢ã匱ãã åè¿°ããããã«ãé次ãã±ããåŠçã¯ãªãœãŒã¹ãæ¶è²»ããåœæ (1995 ïœ 2005 幎) ã®ããŒããŠã§ã¢ã¯é«ãã©ãã£ãã¯ã«å¯ŸåŠã§ããŸããã§ããã
ãããé²æ©ã¯æ¢ãŸããªãã ãã以æ¥ãããŒããŠã§ã¢ã®å®¹éãå€§å¹ ã«å¢å ãããã±ããåŠçãå€æŽãã (ãã¹ãŠã®ãã³ããŒããããåããŠããããã§ã¯ãªãããšãèªããªããã°ãªããŸãã)ãäžåºŠã«è€æ°ã®ã¢ãžã¥ãŒã« (MEãIPSãAntiVirus ãªã©) ã§ã»ãŒåæã«åæã§ããããã«ãªããŸããã ææ°ã® UTM ãœãªã¥ãŒã·ã§ã³ã¯ã深局åæã¢ãŒãã§æ°åã®ã¬ããããããã«ã¯æ°çŸã®ã¬ããããããã€ãžã§ã¹ããã§ããããã倧äŒæ¥ã®ã»ã°ã¡ã³ããããŒã¿ã»ã³ã¿ãŒã§ããã䜿çšã§ããããã«ãªããŸãã
以äžã¯ãGartner ã® 2016 幎 XNUMX æã® UTM ãœãªã¥ãŒã·ã§ã³ã«é¢ããæåãªããžã㯠ã¯ã¢ãã©ã³ãã§ãã
ãã®åçã«ã€ããŠã¯åŒ·ãã³ã¡ã³ãããŸãããå³äžé
ã«ãªãŒããŒããããšã ãèšã£ãŠãããŸãã
NGFW - 次äžä»£ãã¡ã€ã¢ãŠã©ãŒã«
ååèªäœã次äžä»£ãã¡ã€ã¢ãŠã©ãŒã«ã§ããããšãç©èªã£ãŠããŸãã ãã®æŠå¿µã¯ UTM ããããã£ãšåŸã«ç»å ŽããŸããã NGFW ã®äž»ãªã¢ã€ãã¢ã¯ãçµã¿èŸŒã¿ IPS ã䜿çšãããã£ãŒã ãã±ãã ã€ã³ã¹ãã¯ã·ã§ã³ (DPI) ãšã¢ããªã±ãŒã·ã§ã³ ã¬ãã«ã§ã®ã¢ã¯ã»ã¹å¶åŸ¡ (ã¢ããªã±ãŒã·ã§ã³ ã³ã³ãããŒã«) ã§ãã ãã®å ŽåãIPS ã¯ãã±ãã ã¹ããªãŒã å ã®ç¹å®ã®ã¢ããªã±ãŒã·ã§ã³ãèå¥ããããã«å¿ èŠãªãã®ã§ãããããã«ããã¢ããªã±ãŒã·ã§ã³ãèš±å¯ãŸãã¯æåŠã§ããŸãã äŸ: Skype ã®åäœãèš±å¯ããŠãããã¡ã€ã«è»¢éã¯çŠæ¢ã§ããŸãã Torrent ã RDP ã®äœ¿çšãçŠæ¢ããããšãã§ããŸãã Web ã¢ããªã±ãŒã·ã§ã³ããµããŒããããŠããŸããVK.com ãžã®ã¢ã¯ã»ã¹ã¯èš±å¯ããŸãããã²ãŒã ãã¡ãã»ãŒãžããããªã®èŠèŽã¯çŠæ¢ã§ããŸãã åºæ¬çã«ãNGFW ã®å質ã¯ãNGFW ã§å®çŸ©ã§ããã¢ããªã±ãŒã·ã§ã³ã®æ°ã«äŸåããŸãã NGFW ã®æŠå¿µã®åºçŸã¯ãããã¢ã«ããæ¥éãªæé·ãéå§ããäžè¬çãªããŒã±ãã£ã³ã°æŠç¥ã ã£ããšå€ãã®äººãä¿¡ããŠããŸãã
2016 幎 XNUMX æã® Gartner ã® NGFW ããžã㯠ã¯ã¢ãã©ã³ã:
UTM vs NGFW
éåžžã«ãããã質åã§ãããã©ã¡ããè¯ãã§ãã? ããã«ã¯åäžã®çãã¯ãããŸããããããåŸãŸããã ç¹ã«ãææ°ã® UTM ãœãªã¥ãŒã·ã§ã³ã®ã»ãŒãã¹ãŠã« NGFW æ©èœãå«ãŸããŠãããã»ãšãã©ã® NGFW ã«ã¯ UTM åºæã®æ©èœ (ãŠã€ã«ã¹å¯ŸçãVPNãã¢ã³ãããããªã©) ãå«ãŸããŠãããšããäºå®ãèæ ®ãããšãªãããã§ãã ãã€ãã®ããã«ããæªéã¯çŽ°éšã«å®¿ããã®ã§ããŸãå ·äœçã«äœãå¿ èŠãã決ããäºç®ã決ããå¿ èŠããããŸãã ãããã®æ±ºå®ã«åºã¥ããŠãããã€ãã®ãªãã·ã§ã³ãéžæã§ããŸãã ãããŠãããŒã±ãã£ã³ã°è³æãä¿¡ããã®ã§ã¯ãªãããã¹ãŠãæ確ã«ãã¹ãããå¿ èŠããããŸãã
次ã«ãããã€ãã®èšäºã®æ çµã¿ã®äžã§ãCheck Point ã«ã€ããŠãã©ã®ããã«è©Šããã®ãããããŠååãšããŠäœãè©Šããã®ã (ã»ãŒãã¹ãŠã®æ©èœ) ã説æããŠãããŸãã
XNUMX ã€ã®ãã§ã㯠ãã€ã³ã ãšã³ãã£ãã£
Check Point ã䜿çšããå Žåããã®è£œåã® XNUMX ã€ã®ã³ã³ããŒãã³ãã«å¿ ãééããŸãã
- ã»ãã¥ãªãã£ã²ãŒããŠã§ã€ (SG) - ã»ãã¥ãªã㣠ã²ãŒããŠã§ã€èªäœãéåžžã¯ãããã¯ãŒã¯å¢çã«é 眮ããããã¡ã€ã¢ãŠã©ãŒã«ãã¹ããªãŒãã³ã° ã¢ã³ããŠã€ã«ã¹ãã¢ã³ãããããIPS ãªã©ã®æ©èœãå®è¡ããŸãã
- ã»ãã¥ãªãã£ç®¡çãµãŒã㌠(SMS) - ã²ãŒããŠã§ã€ç®¡çãµãŒããŒã ã²ãŒããŠã§ã€ (SG) äžã®ã»ãšãã©ãã¹ãŠã®èšå®ã¯ããã®ãµãŒããŒã䜿çšããŠå®è¡ãããŸãã SMS ã¯ãã° ãµãŒããŒãšããŠãæ©èœããçµã¿èŸŒã¿ã®ã€ãã³ãåæããã³çžé¢ã·ã¹ãã ã§ããã¹ããŒã ã€ãã³ã (Check Point ã® SIEM ã«äŒŒãŠããŸã) ã§åŠçããããšãã§ããŸãããããã«ã€ããŠã¯åŸã»ã©èª¬æããŸãã SMS ã¯è€æ°ã®ã²ãŒããŠã§ã€ãéäžç®¡çããããã«äœ¿çšãããŸã (ã²ãŒããŠã§ã€ã®æ°ã¯ SMS ã¢ãã«ãŸãã¯ã©ã€ã»ã³ã¹ã«ãã£ãŠç°ãªããŸã)ããã ããã²ãŒããŠã§ã€ã XNUMX ã€ãããªãå Žåã§ããSMS ã䜿çšããå¿ èŠããããŸãã ããã§æ³šç®ãã¹ãã¯ãCheck Point ããã®ãããªéäžç®¡çã·ã¹ãã ãæåã«äœ¿çšããäŒæ¥ã® XNUMX ã€ã§ãããGartner ã®ã¬ããŒãã«ãããšããã®ã·ã¹ãã ã¯é·å¹Žé£ç¶ããŠããŽãŒã«ã ã¹ã¿ã³ããŒãããšããŠèªããããŠããŸããã ãããã·ã¹ã³ãéåžžã®ç®¡çã·ã¹ãã ãæã£ãŠãããããã§ãã¯ã»ãã€ã³ãã¯æ±ºããŠçŸããªãã£ãã§ãããããšãããžã§ãŒã¯ãããããŸãã
- ã¹ããŒãã³ã³ãœãŒã« â 管çãµãŒã㌠(SMS) ã«æ¥ç¶ããããã®ã¯ã©ã€ã¢ã³ã ã³ã³ãœãŒã«ã éåžžã¯ç®¡çè
ã®ã³ã³ãã¥ãŒã¿ã«ã€ã³ã¹ããŒã«ãããŸãã ãã®ã³ã³ãœãŒã«ãéããŠããã¹ãŠã®å€æŽã¯ç®¡çãµãŒããŒäžã§è¡ããããã®åŸãèšå®ãã»ãã¥ãªã㣠ã²ãŒããŠã§ã€ã«é©çšã§ããŸã (ããªã·ãŒã®ã€ã³ã¹ããŒã«)ã
ãã§ãã¯ã»ãã€ã³ãã®ãªãã¬ãŒãã£ã³ã°ã»ã·ã¹ãã
Check Point ãªãã¬ãŒãã£ã³ã° ã·ã¹ãã ã«ã€ããŠèšãã°ãIPSOãSPLATãGAIA ã® XNUMX ã€ãäžåºŠã«æãåºãããšãã§ããŸãã
- ã€ã㜠Nokia ãææããŠãã Ipsilon Networks ã®ãªãã¬ãŒãã£ã³ã° ã·ã¹ãã ã§ãã 2009 幎ã«ãã§ã㯠ãã€ã³ãããã®ããžãã¹ãè²·åããŸããã ããéçºãããŠããŸããã
- ã¹ãã©ãã - RedHat ã«ãŒãã«ã«åºã¥ãã Check Point ã®ç¬èªéçºã ããéçºãããŠããŸããã
- ã¬ã€ã¢ - IPSO ãš SPLAT ã®å䜵ã®çµæãšããŠç»å Žãã Check Point ã®çŸåšã®ãªãã¬ãŒãã£ã³ã° ã·ã¹ãã ã§ãæé«ã®ãã®ããã¹ãŠçµã¿èŸŒãã§ããŸãã 2012幎ã«ç»å Žãã粟åçã«éçºãç¶ããŠããŸãã
Gaia ã«ã€ããŠèšãã°ãçŸæç¹ã§æãäžè¬çãªããŒãžã§ã³ã¯ R77.30 ã§ãããšèšããªããã°ãªããŸããã æ¯èŒçæè¿ãR80 ããŒãžã§ã³ãç»å ŽããŸãããããã㯠(æ©èœãšå¶åŸ¡ã®äž¡æ¹ã®ç¹ã§) 以åã®ãã®ãšã¯å€§ããç°ãªããŸãã ãããã®éãã«ã€ããŠã¯ãå¥ã®èšäºã§åãäžããäºå®ã§ãã ãã 77.10 ã€ã®éèŠãªç¹ã¯ãçŸæç¹ã§ã¯ããŒãžã§ã³ R77.30 ã®ã¿ã FSTEC 蚌ææžãæã£ãŠãããããŒãžã§ã³ RXNUMX ãèªå®ãããŠãããšããããšã§ãã
ãªãã·ã§ã³ (Check Point ã¢ãã©ã€ã¢ã³ã¹ãä»®æ³ãã·ã³ãOpenServer)
å€ãã® Check Point ãã³ããŒãããã€ãã®è£œåãªãã·ã§ã³ãæäŸããŠãããããããã§é©ãã¹ãããšã¯äœããããŸããã
- ã¢ãã©ã€ã¢ã³ã¹ - ããŒããŠã§ã¢ããã³ãœãããŠã§ã¢ããã€ã¹ãã€ãŸãèªåã ãã®ãéã®å¡ãã æ§èœãæ©èœããã¶ã€ã³ã®ç°ãªãã¢ãã«ãå€æ°ãããŸã (ç£æ¥çšãããã¯ãŒã¯çšã®ãªãã·ã§ã³ããããŸã)ã
- ä»®æ³ãã·ã³ - Gaia OS ãæèŒãã Check Point ä»®æ³ãã·ã³ã ãã€ããŒãã€ã¶ãŒ ESXiãHyper-VãKVM ããµããŒããããŠããŸãã ããã»ããµãŒã³ã¢ã®æ°ã«å¿ããŠã©ã€ã»ã³ã¹ãä»äžãããŸãã
- ãªãŒãã³ãµãŒã㌠- Gaia ãã¡ã€ã³ ãªãã¬ãŒãã£ã³ã° ã·ã¹ãã (ãããããã㢠ã¡ã¿ã«ã) ãšããŠãµãŒããŒã«çŽæ¥ã€ã³ã¹ããŒã«ããŸãã ç¹å®ã®ããŒããŠã§ã¢ã®ã¿ããµããŒããããŠããŸãã ãã®ããŒããŠã§ã¢ã«ã¯åŸãå¿ èŠãããæšå¥šäºé ããããŸããåŸããªããšããã©ã€ããŒãªã©ã«åé¡ãçºçããå¯èœæ§ããããŸãã ãµããŒãã¯ã客æ§ãžã®ãµãŒãã¹ãæåŠããå ŽåããããŸãã
å®è£ ãªãã·ã§ã³ (åæ£ãŸãã¯ã¹ã¿ã³ãã¢ãã³)
ããå°ã詳ãã説æãããšãã²ãŒããŠã§ã€ (SG) ãšç®¡çãµãŒã㌠(SMS) ãäœã§ãããã«ã€ããŠã¯ãã§ã«èª¬æããŸããã 次ã«ããã®å®è£ ã®ãªãã·ã§ã³ã«ã€ããŠèª¬æããŸãã äž»ã«æ¬¡ã® XNUMX ã€ã®æ¹æ³ããããŸãã
- ã¹ã¿ã³ãã¢ãã³ (SG+SMS) - ã²ãŒããŠã§ã€ãšç®¡çãµãŒããŒã®äž¡æ¹ãåãããã€ã¹ (ãŸãã¯ä»®æ³ãã·ã³) å
ã«ã€ã³ã¹ããŒã«ãããŠããå Žåã®ãªãã·ã§ã³ã
ãã®ãªãã·ã§ã³ã¯ããŠãŒã¶ãŒ ãã©ãã£ãã¯ã®è² è·ã軜ãã²ãŒããŠã§ã€ã XNUMX ã€ãããªãå Žåã«é©ããŠããŸãã ãã®ãªãã·ã§ã³ã¯æãçµæžçã§ããããã§ãã 管çãµãŒã㌠(SMS) ãè³Œå ¥ããå¿ èŠã¯ãããŸããã ãã ããã²ãŒããŠã§ã€ã®è² è·ãé«ãå Žåãå¶åŸ¡ã·ã¹ãã ãé ããªãå¯èœæ§ããããŸãã ãããã£ãŠãã¹ã¿ã³ãã¢ãã³ ãœãªã¥ãŒã·ã§ã³ãéžæããåã«ããã®ãªãã·ã§ã³ã«ã€ããŠçžè«ãããããã¹ãããããšããå§ãããŸãã - åæ£ â 管çãµãŒããŒã¯ã²ãŒããŠã§ã€ãšã¯å¥ã«ã€ã³ã¹ããŒã«ãããŸãã
å©äŸ¿æ§ãšããã©ãŒãã³ã¹ã®ç¹ã§æè¯ã®ãªãã·ã§ã³ã§ãã ããã¯ãäžå€®ã²ãŒããŠã§ã€ãšãã©ã³ãã²ãŒããŠã§ã€ãªã©ãè€æ°ã®ã²ãŒããŠã§ã€ãåæã«ç®¡çããå¿ èŠãããå Žåã«äœ¿çšãããŸãã ãã®å Žåã管çãµãŒã㌠(SMS) ãè³Œå ¥ããå¿ èŠããããŸãã管çãµãŒã㌠(SMS) ã¯ãã¢ãã©ã€ã¢ã³ã¹ (éç) ãŸãã¯ä»®æ³ãã·ã³ã®åœ¢åŒã«ããããšãã§ããŸãã
äžã§è¿°ã¹ãããã«ãCheck Point ã«ã¯ç¬èªã® SIEM ã·ã¹ãã ã§ãã Smart Event ããããŸãã åæ£ã€ã³ã¹ããŒã«ã®å Žåã«ã®ã¿äœ¿çšã§ããŸãã
åäœã¢ãŒã (ããªããžãã«ãŒããã)
Security Gateway (SG) ã¯ã次㮠XNUMX ã€ã®åºæ¬ã¢ãŒãã§åäœã§ããŸãã
- ã«ãŒãã£ã³ã°æžã¿ - æãäžè¬çãªãªãã·ã§ã³ã ãã®å Žåãã²ãŒããŠã§ã€ã¯ L3 ããã€ã¹ãšããŠäœ¿çšãããã²ãŒããŠã§ã€èªäœãä»ããŠãã©ãã£ãã¯ãã«ãŒãã£ã³ã°ããŸãã Check Point ã¯ãä¿è·ããããããã¯ãŒã¯ã®ããã©ã«ã ã²ãŒããŠã§ã€ã§ãã
- ããªããž - éæã¢ãŒãã ãã®å Žåãã²ãŒããŠã§ã€ã¯éåžžã®ãããªããžããšããŠã€ã³ã¹ããŒã«ããã第 XNUMX å±€ (OSI) ã§ãã©ãã£ãã¯ãééãããŸãã ãã®ãªãã·ã§ã³ã¯éåžžãæ¢åã®ã€ã³ãã©ã¹ãã©ã¯ãã£ãå€æŽããå¯èœæ§ããªã (ãŸãã¯å€æŽããããªã) å Žåã«äœ¿çšãããŸãã å®éã«ã¯ããããã¯ãŒã¯ ããããžãå€æŽããå¿ èŠã¯ãªããIP ã¢ãã¬ã¹ã®å€æŽã«ã€ããŠèããå¿ èŠããããŸããã
ããªããž ã¢ãŒãã«ã¯ããã€ãã®æ©èœå¶éãããããšã«æ³šæããŠãã ããããã®ãããã€ã³ãã°ã¬ãŒã¿ãŒãšããŠããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã«ããã¡ããå¯èœã§ããã°ã«ãŒããã ã¢ãŒãã䜿çšããããšããå§ãããŸãã
ãœãããŠã§ã¢ ãã¬ãŒã (Check Point ãœãããŠã§ã¢ ãã¬ãŒã)
ã客æ§ããã®è³ªåãæãå€ããã§ã㯠ãã€ã³ãã®æãéèŠãªãããã¯ã«ã»ãŒå°éããŸããã ããœãããŠã§ã¢ãã¬ãŒãããšã¯äœã§ãã? ãã¬ãŒãã¯ãç¹å®ã®ãã§ã㯠ãã€ã³ãæ©èœãæããŸãã
ãããã®æ©èœã¯ãããŒãºã«å¿ããŠãªã³ãŸãã¯ãªãã«ããããšãã§ããŸãã åæã«ãã²ãŒããŠã§ã€ (ãããã¯ãŒã¯ ã»ãã¥ãªãã£) äžã§ã®ã¿ã¢ã¯ãã£ãåããããã¬ãŒããšã管çãµãŒã㌠(管ç) äžã§ã®ã¿ã¢ã¯ãã£ãåããããã¬ãŒãããããŸãã 以äžã®å³ã¯ãäž¡æ¹ã®å Žåã®äŸã瀺ããŠããŸãã
1) ãããã¯ãŒã¯ã»ãã¥ãªãã£çš (ã²ãŒããŠã§ã€æ©èœ)
ç°¡åã«èª¬æãããšã ããããã®ãã¬ãŒãã«ã€ããŠã¯å¥ã®èšäºãæžã䟡å€ããããŸãã
- ãã¡ã€ã¢ãŠã©ãŒã« - ãã¡ã€ã¢ãŠã©ãŒã«æ©èœã
- IPSec VPN - ãã©ã€ããŒãä»®æ³ãããã¯ãŒã¯ã®æ§ç¯ã
- ã¢ãã€ã« ã¢ã¯ã»ã¹ - ã¢ãã€ã« ããã€ã¹ããã®ãªã¢ãŒã ã¢ã¯ã»ã¹ã
- IPS - äŸµå ¥é²æ¢ã·ã¹ãã ã
- ã¢ã³ãããã - ãããããã ãããã¯ãŒã¯ã«å¯Ÿããä¿è·ã
- AntiVirus - ã¹ããªãŒãã³ã° ã¢ã³ããŠã€ã«ã¹ã
- ã¹ãã 察çãšé»åã¡ãŒã«ã®ã»ãã¥ãªã㣠- äŒæ¥ã¡ãŒã«ã®ä¿è·ã
- ID èªè - Active Directory ãµãŒãã¹ãšã®çµ±åã
- ã¢ãã¿ãªã³ã° - ã»ãŒãã¹ãŠã®ã²ãŒããŠã§ã€ãã©ã¡ãŒã¿ (è² è·ã垯åå¹ ãVPN ã¹ããŒã¿ã¹ãªã©) ãã¢ãã¿ãªã³ã°ããŸãã
- ã¢ããªã±ãŒã·ã§ã³ ã³ã³ãããŒã« - ã¢ããªã±ãŒã·ã§ã³ ã¬ãã«ã®ãã¡ã€ã¢ãŠã©ãŒã« (NGFW æ©èœ)ã
- URL ãã£ã«ã¿ãªã³ã° - Web ã»ãã¥ãªã㣠(+ ãããã·æ©èœ)ã
- ããŒã¿æ倱é²æ¢ - æ å ±æŒæŽ©é²æ¢ (DLP)ã
- è åšãšãã¥ã¬ãŒã·ã§ã³ - ãµã³ãããã¯ã¹ ãã¯ãããžãŒ (SandBox)ã
- è åšã®æœåº - ãã¡ã€ã«ã¯ãªãŒãã³ã°ãã¯ãããžãŒã
- QoS - ãã©ãã£ãã¯ã®åªå é äœä»ãã
ã»ãã®æ°åã®èšäºã§ãè åšãšãã¥ã¬ãŒã·ã§ã³ ãã¬ãŒããšè åšæœåºãã¬ãŒãã«ã€ããŠè©³ãã説æããŸãããã£ãšèå³æ·±ãå 容ã«ãªããšæããŸãã
2) 管çè åã (管çãµãŒããŒæ©èœ)
- ãããã¯ãŒã¯ ããªã·ãŒç®¡ç - éäžããªã·ãŒç®¡çã
- ãšã³ããã€ã³ã ããªã·ãŒç®¡ç - Check Point ãšãŒãžã§ã³ãã®éäžç®¡ç (ã¯ããCheck Point ã¯ãããã¯ãŒã¯ä¿è·ã ãã§ãªããã¯ãŒã¯ã¹ããŒã·ã§ã³ (PC) ãã¹ããŒããã©ã³ãä¿è·ããããã®ãœãªã¥ãŒã·ã§ã³ãæäŸããŠããŸã)ã
- ãã°ãšã¹ããŒã¿ã¹ - ãã°ã®äžå çãªåéãšåŠçã
- 管çããŒã¿ã« - ãã©ãŠã¶ããã®ã»ãã¥ãªãã£ç®¡çã
- ã¯ãŒã¯ãã㌠- ããªã·ãŒå€æŽã®å¶åŸ¡ãå€æŽã®ç£æ»ãªã©ã
- ãŠãŒã¶ãŒ ãã£ã¬ã¯ã㪠- LDAP ãšã®çµ±åã
- ããããžã§ãã³ã° - ã²ãŒããŠã§ã€ç®¡çã®èªååã
- Smart Reporter - ã¬ããŒã ã·ã¹ãã ã
- ã¹ããŒã ã€ãã³ã - ã€ãã³ãã®åæãšçžé¢ä»ã (SIEM)ã
- ã³ã³ãã©ã€ã¢ã³ã¹ - èšå®ã®èªåãã§ãã¯ãšæšå¥šäºé ã®çºè¡ã
èšäºãèªåŒµãããŠèªè ãæ··ä¹±ããªãããã«ãããã§ã¯ã©ã€ã»ã³ã¹ã®åé¡ã«ã€ããŠã¯è©³ããæ€èšããŸããã ããããå¥ã®æçš¿ã§åãäžããããšã«ãªãã§ãããã
ãã¬ãŒã ã¢ãŒããã¯ãã£ã«ãããæ¬åœã«å¿ èŠãªæ©èœã®ã¿ã䜿çšã§ããããããœãªã¥ãŒã·ã§ã³ã®äºç®ãšããã€ã¹ã®å šäœçãªããã©ãŒãã³ã¹ã«åœ±é¿ããŸãã ã¢ã¯ãã£ãã«ãããã¬ãŒãã®æ°ãå¢ããã»ã©ããæé€ãã§ãããã©ãã£ãã¯ãå°ãªããªãã®ã¯è«ççã§ãã ãã®ããã次ã®ããã©ãŒãã³ã¹è¡šã Check Point ã®åã¢ãã«ã«æ·»ä»ãããŠããŸã (ããšãã°ã5400 ã¢ãã«ã®ç¹æ§ãåãäžããŠããŸã)ã
ã芧ã®ãšãããããã«ã¯åæãã©ãã£ãã¯ãšå®éã®æ··åãã©ãã£ãã¯ã® XNUMX ã€ã®ã«ããŽãªã®ãã¹ãããããŸãã äžè¬çã«èšãã°ããã§ãã¯ã»ãã€ã³ãã¯åã«åæãã¹ãã®å
¬éã匷å¶ãããŠããã ãã ããã§ãã äžéšã®ãã³ããŒã¯ãå®éã®ãã©ãã£ãã¯ã§ã®ãœãªã¥ãŒã·ã§ã³ã®ããã©ãŒãã³ã¹ã調æ»ããã«ããã®ãããªãã¹ãããã³ãããŒã¯ãšããŠäœ¿çšããŠããŸã (ãŸãã¯ãæºè¶³ã§ããªãããããã®ãããªããŒã¿ãæå³çã«é ããŠããŸã)ã
åã¿ã€ãã®ãã¹ãã§ãããã€ãã®ãªãã·ã§ã³ãããããšãããããŸãã
- ãã¡ã€ã¢ãŠã©ãŒã«ã®ã¿ããã¹ãããŸãã
- ãã¡ã€ã¢ãŠã©ãŒã« + IPS ãã¹ãã
- ãã¡ã€ã¢ãŠã©ãŒã«+IPS+NGFWïŒã¢ããªã±ãŒã·ã§ã³å¶åŸ¡ïŒãã¹ãã
- ãã¡ã€ã¢ãŠã©ãŒã«+ã¢ããªã±ãŒã·ã§ã³å¶åŸ¡+URLãã£ã«ã¿ãªã³ã°+IPS+ã¢ã³ããŠã€ã«ã¹+ã¢ã³ãããã+SandBlastãã¹ãïŒãµã³ãããã¯ã¹ïŒ
ãœãªã¥ãŒã·ã§ã³ãéžæããå Žåã¯ããããã®ãã©ã¡ãŒã¿ã泚ææ·±ãæ€èšããããåãåãããŠãã ããã
Check Point ãã¯ãããžãŒã®çŽ¹ä»èšäºã¯ããã§çµããã ãšæããŸãã 次ã«ãCheck Point ããã¹ãããæ¹æ³ãšãææ°ã®æ å ±ã»ãã¥ãªãã£ã®è åš (ãŠã€ã«ã¹ããã£ãã·ã³ã°ãã©ã³ãµã ãŠã§ã¢ããŒããã€) ã«å¯ŸåŠããæ¹æ³ãèŠãŠãããŸãã
PS éèŠãªç¹ã§ãã å€åœïŒã€ã¹ã©ãšã«ïŒèµ·æºã§ããã«ããããããããã®ãœãªã¥ãŒã·ã§ã³ã¯ãã·ã¢é£éŠã®ç£ç£åœå±ã«ãã£ãŠèªå®ãããŠãããåœå®¶æ©é¢ã§ã®ååšãèªåçã«åæ³åãããŸãïŒã³ã¡ã³ã
ç»é²ãŠãŒã¶ãŒã®ã¿ãã¢ã³ã±ãŒãã«åå ã§ããŸãã
ã©ã®ãã㪠UTM/NGFW ããŒã«ã䜿çšããŠããŸãã?
-
ãã§ãã¯ãã€ã³ã
-
ã·ã¹ã³ãã¡ââã€ã¢ãã¯ãŒ
-
ãã©ãŒãã£ããã
-
ããã¢ã«ã
-
ãœãã©ã¹
-
ãã« SonicWALL
-
Huawei瀟
-
ãŠã©ããã¬ãŒã
-
ãžã¥ãããŒ
-
UserGate
-
亀éç£èŠå¡
-
ã«ãã³ã³
-
ã€ãã³
-
ãªãŒãã³ãœãŒã¹ ãœãªã¥ãŒã·ã§ã³
-
ãã®ä»
134 人ã®ãŠãŒã¶ãŒãæ祚ããŸããã 78åã®ãŠãŒã¶ãŒãæ£æš©ããã
åºæïŒ habr.com