ãã®éè¡ã¯ãããžã§ã¯ããå€ãã®è«è² æ¥è
ã«å§èšããŠããŸãã ãå€éšãã¯ã³ãŒããæžãããã®çµæãããŸã䟿å©ã§ã¯ãªã圢åŒã§éä¿¡ããŸãã å
·äœçã«ã¯ãããã»ã¹ã¯æ¬¡ã®ããã«ãªããŸããæ©èœãã¹ãã«åæ Œãããããžã§ã¯ããåŒãæž¡ãããéè¡å¢çå
ã§çµ±åãè² è·ãªã©ã®ãã¹ããè¡ââãããŸããã ãã¹ãã倱æããŠããããšããã°ãã°çºèŠãããŸããã ãã®åŸããã¹ãŠãå€éšéçºè
ã«æ»ããŸããã ãæ³åã®ãšãããããã¯ãã°ä¿®æ£ã«é·ãæéããããããšãæå³ããŸããã
åéè¡ã¯ãã³ããããããªãªãŒã¹ãŸã§ãã€ãã©ã€ã³å šäœãèªç€Ÿã®åäžã«çœ®ãããšãå¯èœã§ãããå¿ èŠã§ãããšå€æããã ãã®ããããã¹ãŠãåäžã§ãããéè¡å ã®è£œåãæ åœããããŒã ã®ç®¡çäžã«çœ®ãããŸãã ã€ãŸããå€éšè«è² æ¥è ããªãã£ã¹ã®é£ã®éšå±ã§åã«ä»äºãããŠãããã®ããã§ãã äŒæ¥ã¹ã¿ãã¯äžã ããã¯æ®éã® DevOps ã§ãã
ã»ãã¯ã¯ã©ãããæ¥ãã®ã§ããïŒ ãã®éè¡ã®ã»ãã¥ãªãã£ã¯ãå€éšè«è² æ¥è ããããã¯ãŒã¯ ã»ã°ã¡ã³ãã§ã©ã®ããã«äœæ¥ã§ãããã誰ããã©ã®ãããªã¢ã¯ã»ã¹æš©ãæã£ãŠãããã誰ãã©ã®ããã«ã³ãŒããæäœãããã«ã€ããŠãé«ãèŠæ±ã課ããŠããŸãã ãã ãè«è² æ¥è ãå±å€ã§äœæ¥ããå Žåãéè¡ã®åºæºãã»ãšãã©å®ãããŠããªãããšã IB ããŸã ç¥ããªãã£ãã ãã§ãã ãããŠãæ°æ¥ä»¥å ã«å šå¡ããããã芳å¯ãå§ããå¿ èŠããããŸãã
è«è² æ¥è ã補åã³ãŒãã«å®å šã«ã¢ã¯ã»ã¹ã§ãããšããåçŽãªäºå®ãæããã«ãªã£ãã ãã§ããã§ã«äžçã¯ã²ã£ããè¿ããŸããã
ãã®ç¬éãããDevSecOps ã®ç©èªãå§ãŸããŸãããããã«ã€ããŠã話ããããšæããŸãã
ãã®ç¶æ³ããéè¡ã¯ã©ã®ãããªå®éçãªçµè«ãå°ãåºããã®ã§ãããã?
ãã¹ãŠãééã£ãæ¹æ³ã§è¡ãããŠãããšããäºå®ã«ã€ããŠã¯ãå€ãã®è«äºããããŸããã éçºè ãã¯ãã»ãã¥ãªãã£ã¯éçºã劚害ããã®ã«å¿ããã ãã§ãç£èŠå¡ã®ããã«äœãèããã«çŠæ¢ããããšããŠãããšè¿°ã¹ãã 次ã«ãã»ãã¥ãªãã£å°é家ã¯ããéçºè ãåè·¯ã«è匱æ§ãäœæããããããéçºè ã¯è匱æ§ãäœæããã®ã§ã¯ãªããéçºè èªèº«ã§ããããšãã芳ç¹ã®ã©ã¡ããéžæãããã§è¿·ã£ãŠããŸããã æ°ããªåžå Žã®éèŠãš DevSecOps ãã©ãã€ã ã®åºçŸããªããã°ããã®è«äºã¯é·æéç¶ããŠããã§ãããã ãããã«äœ¿ãããæ å ±ã»ãã¥ãªãã£èŠä»¶ãèæ ®ããããã»ã¹ã®èªååãã®ãã®ãã誰ããæºè¶³ãç¶ããã®ã«åœ¹ç«ã€ãšèª¬æããããšãã§ããŸããã ã«ãŒã«ã¯ããã«ææžåãããã²ãŒã äžã«å€æŽãããªããšããæå³ã§ (æ å ±ã»ãã¥ãªãã£ã¯äºæããäœããçŠæ¢ããŸãã)ãéçºè ã¯äœãèµ·ããããã¹ãŠã«ã€ããŠæ å ±ã»ãã¥ãªãã£ã«åžžã«ç¥ãããŸã (æ å ±ã»ãã¥ãªãã£ã¯çªç¶äœãã«ééããããã§ã¯ãããŸãã)ã ã åããŒã ã¯ãæœè±¡çãªå 貎åã§ã¯ãªããæçµçãªå®å šæ§ã«ã責任ãè² ããŸãã
- å€éšåŸæ¥å¡ã¯ãã§ã«ã³ãŒããšå€ãã®å éšã·ã¹ãã ã«ã¢ã¯ã»ã¹ã§ããããããéçºã¯å®å šã«éè¡ã®ã€ã³ãã©äžã§å®è¡ãããªããã°ãªããªãããšããèŠä»¶ãææžããåé€ããããšã¯ããããå¯èœã§ãããã
- äžæ¹ã§ãäœãèµ·ãã£ãŠãããã«å¯Ÿãã管çã匷åããå¿ èŠããããŸãã
- 劥åæ¡ã¯ãåŸæ¥å¡ãå€éšã®äººã ãšç·å¯ã«é£æºãããéšéãè¶ ããããŒã ã®åµèšã§ããã ãã®å ŽåãããŒã ãéè¡ã®ãµãŒããŒäžã®ããŒã«ã䜿çšããŠããããšã確èªããå¿ èŠããããŸãã æåããæåŸãŸã§ã
ã€ãŸããè«è² æ¥è ã®åå ¥ã¯èš±å¯ãããŸãããè«è² æ¥è ã«ã¯å¥ã®ã»ã°ã¡ã³ããå²ãåœãŠãå¿ èŠããããŸãã å€éšããéè¡ã®ã€ã³ãã©ã«äœããã®ææãæã¡èŸŒãŸãªãããã«ããŸãå¿ èŠä»¥äžã®ãã®ãèŠãªãããã«ããããã§ãã ã€ãŸãã圌ãã®è¡åãèšé²ãããã®ã§ãã æŒãã«å¯Ÿããä¿è·ã®ããã® DLPãããããã¹ãŠãå«ãŸããŠããŸãã
ååãšããŠããã¹ãŠã®éè¡ãé ããæ©ããããã«è³ããŸãã ããã§ç§ãã¡ã¯ã人éé¢ããéãæ©ã¿ããå€éšããæ©èœããç°å¢ã®èŠä»¶ã«ã€ããŠåæããŸããã æ倧éã®ç¯å²ã®ã¢ã¯ã»ã¹å¶åŸ¡ããŒã«ãè匱æ§ãã§ãã¯ããŒã«ãåè·¯ãã¢ã»ã³ããªããã¹ãã®ãŠã€ã«ã¹å¯Ÿçåæãç»å ŽããŸããã ãã㯠DevSecOps ãšåŒã°ããŸãã
DevSecOps 以åã¯éè¡ã»ãã¥ãªãã£ãéçºè åŽã§äœãèµ·ããããå¶åŸ¡ã§ããªãã£ããšããŠããæ°ãããã©ãã€ã ã§ã¯ã»ãã¥ãªãã£ã¯ã€ã³ãã©ã¹ãã©ã¯ãã£äžã®éåžžã®ã€ãã³ããšåãæ¹æ³ã§å¶åŸ¡ãããããšãçªç¶æããã«ãªããŸããã ã¢ã»ã³ããªãã©ã€ãã©ãªã®å¶åŸ¡ãªã©ã«é¢ããã¢ã©ãŒãã衚瀺ãããããã«ãªããŸããã
ããšã¯ããŒã ãæ°åã«ç§»è¡ããã ãã ã ããŠãã€ã³ãã©ãäœããŸãããã ãããããããã¯äºçŽ°ãªããšã§ããããã¯ããŠãæããããªãã®ã§ãã å®ã¯ç§ãã¡ãã€ã³ãã©é¢ã§ãæäŒãããããŠããã ããã®ã§ãããåœæã¯éçºããã»ã¹ãå€ããã€ã€ãããŸããã
å€åããããš
ç§ãã¡ã¯ãå€ãã®ããã»ã¹ã厩å£ããå€ãã®ãå€éšããå šå¡ã®ç£ç£äžã§ã®æ°ããåŽåæ¡ä»¶ã«èããããªãå¯èœæ§ãããããšãç解ããŠããããããããå°ããã€å°å ¥ããããšã«ããŸããã
ãŸããç§ãã¡ã¯éšé暪æçãªããŒã ãäœããæ°ããèŠä»¶ãèæ ®ããŠãããžã§ã¯ããçµç¹ããæ¹æ³ãåŠã³ãŸããã çµç¹çãªæå³ã§ãã©ã®ãããªããã»ã¹ãè¡ããã«ã€ããŠè°è«ããŸããã ãã®çµæããã¹ãŠã®è²¬ä»»è ãå«ãçµã¿ç«ãŠãã€ãã©ã€ã³ã®å³ãäœæãããŸããã
- CIïŒ GitãJenkinsãMavenãRoslynãGradleãjUnitãJiraãMF FortifyãCA HarvestãGitlabCIã
- CDïŒ AnsibleãPuppetãTeamCityãGitlab TFSãLiquidbaseã
- ãã¹ãïŒ SonarqubeãSoapUIãjMeterãSelenium: MF FortifyãPerformance CenterãMF UFTãAtaccamaã
- ãã¬ãŒã³ããŒã·ã§ã³ (ã¬ããŒããã³ãã¥ãã±ãŒã·ã§ã³): GrafanaãKibanaãJiraãConfluenceãRocketChatã
- æ¥åå·è¡çµ±æ¬ (ä¿å®ã管ç): AnsibleãZabbixãPrometheusãElastic + LogstashãMF Service ManagerãJiraãConfluenceãMS Projectã
éžæããã¹ã¿ãã¯:
- ãã¬ããž ããŒã¹ - Atlassian Confluence;
- ã¿ã¹ã¯ ãã©ãã«ãŒ - Atlassian Jira;
- ã¢ãŒãã£ãã¡ã¯ã ãªããžã㪠- ãNexusã;
- ç¶ç¶çã€ã³ãã°ã¬ãŒã·ã§ã³ ã·ã¹ãã - ãGitlab CIã;
- é£ç¶åæã·ã¹ãã - ãSonarQubeã;
- ã¢ããªã±ãŒã·ã§ã³ã»ãã¥ãªãã£åæã·ã¹ãã - ãMicro Focus Fortifyã;
- éä¿¡ã·ã¹ãã - ãGitLab Mattermostã;
- æ§æ管çã·ã¹ãã - ãAnsibleã;
- ç£èŠã·ã¹ãã - ãELKãããTICK StackãïŒãInfluxDataãïŒã
圌ãã¯è«è² æ¥è ã瀟å ã«åŒãå ¥ããæºåãã§ããŠããããŒã ãäœãå§ããŸããã ããã€ãã®éèŠãªç¹ãããããšã«æ°ã¥ããŸããã
- å°ãªããšãã³ãŒããéä¿¡ãããšãã¯ããã¹ãŠãçµ±äžããå¿ èŠããããŸãã ãªããªããç¬èªã®ç¹åŸŽãæã€ããŸããŸãªéçºããã»ã¹ãšåããããå€ãã®è«è² æ¥è ãååšããããã§ãã å šå¡ãã»ãŒ XNUMX ã€ã«åãããå¿ èŠããããŸãããããªãã·ã§ã³ããããŸããã
- è«è² æ¥è ãå€ããã€ã³ãã©ã®æåäœæã¯åããŠããªãã æ°ããã¿ã¹ã¯ã¯éåžžã«è¿ éã«éå§ãããå¿ èŠããããŸããã€ãŸããéçºè ããã€ãã©ã€ã³ã管çããããã®äžé£ã®ãœãªã¥ãŒã·ã§ã³ãçšæã§ããããã«ãã€ã³ã¹ã¿ã³ã¹ã¯ã»ãŒç¬æã«ãããã€ãããå¿ èŠããããŸãã
æåã®äžæ©ãèžã¿åºãã«ã¯ãäœãè¡ãããŠããããç解ããå¿ èŠããããŸããã ãããŠãããã«å°éããæ¹æ³ã決å®ããå¿ èŠããããŸããã ç§ãã¡ã¯ãã€ã³ãã©ã¹ãã©ã¯ãã£ãš CI/CD èªååã®äž¡æ¹ã§ã¿ãŒã²ãã ãœãªã¥ãŒã·ã§ã³ã®ã¢ãŒããã¯ãã£ã®æç»ãæ¯æŽããããšããå§ããŸããã 次ã«ããã®ã³ã³ãã¢ã®çµã¿ç«ãŠãéå§ããŸããã ç§ãã¡ã¯ãå šå¡ã«ãšã£ãŠåããåãã³ã³ãã€ãŒã皌åãã XNUMX ã€ã®ã€ã³ãã©ã¹ãã©ã¯ãã£ãå¿ èŠãšããŠããŸããã ç§ãã¡ã¯èšç®ã«åºã¥ããŠãªãã·ã§ã³ãæäŸããéè¡ã¯ãããèããŠãäœãã©ã®ãããªè³éã§å»ºèšãããã決å®ããŸããã
次ã¯åè·¯ã®äœæïœãœãããŠã§ã¢ã®ã€ã³ã¹ããŒã«ãèšå®ã§ãã ã€ã³ãã©ã¹ãã©ã¯ãã£ã®å°å ¥ãšç®¡çã®ããã®ã¹ã¯ãªããã®éçºã 次ã«ã³ã³ãã¢ãµããŒããžã®ç§»è¡ã§ãã
ç§ãã¡ã¯ãã€ãããã§ãã¹ãŠããã¹ãããããšã«ããŸããã èå³æ·±ãããšã«ãè©Šéšéçšäžã«ãç¹å®ã®ã¹ã¿ãã¯ãåããŠéè¡ã«åºçŸããŸããã ãšããããè¿ éãªç«ã¡äžãã®ããã®ãã€ãããã®ç¯å²ãšããŠããœãªã¥ãŒã·ã§ã³ã® XNUMX ã€ãæäŸããåœå ãã³ããŒãæäŸãããŸããã èŠåå¡ã¯åœŒãæ瞊ããŠããããšãç¥ããå¿ããããªãå°è±¡ãæ®ããŸããã ç§ãã¡ãåãæ¿ãã決ãããšãã幞ããªããšã«ãã€ã³ãã©ã¹ãã©ã¯ãã£å±€ã¯ä»¥åãããã§ã«ååšããŠãã Nutanix ãœãªã¥ãŒã·ã§ã³ã«çœ®ãæããããŸããã ãŸãã以åã¯VDIçšã§ããããã€ã³ãã©ãµãŒãã¹çšã«åå©çšããŸããã å°éã®å Žåã¯çµæžã«é©åããŸããã§ãããã倧éã®å Žåã¯éçºãšãã¹ãã«æé©ãªç°å¢ã«ãªããŸããã
ã¹ã¿ãã¯ã®æ®ãã®éšåã¯ãå€ããå°ãªãã誰ããããç¥ã£ãŠãããã®ã§ãã Ansible ã®èªååããŒã«ã䜿çšãããã»ãã¥ãªãã£å°é家ãããããšç·å¯ã«é£æºããŸããã Atlassin ã¹ã¿ãã¯ã¯ããããžã§ã¯ãã®åã«éè¡ã«ãã£ãŠäœ¿çšãããŠããŸããã ãã©ãŒãã£ããã ã»ãã¥ãªã㣠ããŒã« - ã»ãã¥ãªãã£æ åœè èªèº«ã«ãã£ãŠææ¡ãããŸããã ãã¹ããã¬ãŒã ã¯éè¡ã«ãã£ãŠäœæããã質åã¯ãããŸããã§ããã ãªããžã㪠ã·ã¹ãã ã«ã¯çåãçããã®ã§ãæ £ããå¿ èŠããããŸããã
è«è² æ¥è ã«ã¯æ°ããã¹ã¿ãã¯ãäžããããŸããã 圌ãã¯ãGitlabCI çšã«æžãçŽããããJira ãéè¡ã»ã°ã¡ã³ãã«ç§»è¡ãããããæéãäžããŠãããŸããã
äžæ©äžæ©
1ã¹ãããã ãŸããåœå ãã³ããŒã®ãœãªã¥ãŒã·ã§ã³ã䜿çšãã補åãæ°ããäœæãã DSO ãããã¯ãŒã¯ ã»ã°ã¡ã³ãã«æ¥ç¶ããŸããã ãã®ãã©ãããã©ãŒã ã¯ãçŽæãæ¡åŒµæ§ã®æè»æ§ãå®å šèªååã®å¯èœæ§ãçç±ã«éžæãããŸããã å®æœãããã¹ã:
- ä»®æ³åãã©ãããã©ãŒã ã€ã³ãã©ã¹ãã©ã¯ã㣠(ãããã¯ãŒã¯ããã£ã¹ã¯ ãµãã·ã¹ãã ãã³ã³ãã¥ãŒãã£ã³ã° ãªãœãŒã¹ ãµãã·ã¹ãã ) ã®æè»ãã€å®å šã«èªååããã管çã®å¯èœæ§ã
- ä»®æ³ãã·ã³ã®ã©ã€ããµã€ã¯ã«ç®¡ç (ãã³ãã¬ãŒããã¹ãããã·ã§ãããããã¯ã¢ãã) ã®èªååã
ãã©ãããã©ãŒã ã®ã€ã³ã¹ããŒã«ãšåºæ¬æ§æã®åŸãããã¯ç¬¬ XNUMX 段éã®ãµãã·ã¹ãã (DSO ããŒã«ãå°å£²ã·ã¹ãã éçºæŠèŠ) ã®é 眮ãã€ã³ããšããŠäœ¿çšãããŸããã ä»®æ³ãã·ã³ã®äœæãåé€ãå€æŽãããã¯ã¢ãããªã©ãå¿ èŠãªãã€ãã©ã€ã³ã®ã»ãããäœæãããŸããã ãããã®ãã€ãã©ã€ã³ã¯ãå±éããã»ã¹ã®æåã®æ®µéãšããŠäœ¿çšãããŸããã
ãã®çµæãæäŸãããæ©åšã¯éè¡ã®ããã©ãŒãã³ã¹ãšèé害æ§ã®èŠä»¶ãæºãããŠããŸããã éè¡ã® DIT ã¯ãNutanix ãœãããŠã§ã¢ ããã±ãŒãžã«åºã¥ããŠè€åäœãäœæããããšã決å®ããŸããã
段é2ã ç§ãã¡ã¯å®çŸ©ãããã¹ã¿ãã¯ãååŸãããã¹ãŠããã€ãããããã¿ãŒã²ããåè·¯ã«ã§ããã ãæ©ã転éãããããã«ããã¹ãŠã®ãµãã·ã¹ãã ã®èªåã€ã³ã¹ããŒã«ãšæ§æåŸã®ã¹ã¯ãªãããäœæããŸããã ãã¹ãŠã®ã·ã¹ãã ã¯ãã©ãŒã«ã ãã¬ã©ã³ãæ§æã§å±éãã (ãã®æ©èœã¯ãã³ããŒã®ã©ã€ã»ã³ã¹ ããªã·ãŒã«ãã£ãŠå¶éãããŸãã)ãã¡ããªã¯ã¹ãšã€ãã³ãåéãµãã·ã¹ãã ã«æ¥ç¶ãããŸããã IB ã¯èŠä»¶ãžã®æºæ ãåæãããŽãŒãµã€ã³ãåºããŸããã
段é3ã ãã¹ãŠã®ãµãã·ã¹ãã ãšãã®èšå®ãæ°ãã PAC ã«ç§»è¡ããŸãã ã€ã³ãã©ã¹ãã©ã¯ãã£èªååã¹ã¯ãªãããæžãçŽãããDSO ãµãã·ã¹ãã ã®ç§»è¡ãå®å šèªåã¢ãŒãã§å®äºããŸããã IPéçºã®èŒªéã¯ãéçºããŒã ã®ãã€ãã©ã€ã³ã«ãã£ãŠåçŸãããŸããã
4ã¹ãããã ã¢ããªã±ãŒã·ã§ã³ãœãããŠã§ã¢ã®ã€ã³ã¹ããŒã«ãèªååããŸãã ãããã®ã¿ã¹ã¯ã¯ãæ°ããããŒã ã®ããŒã ãªãŒããŒã«ãã£ãŠèšå®ãããŸããã
5ã¹ãããã æŸåã
ãªã¢ãŒãã¢ã¯ã»ã¹
éçºããŒã ã¯åè·¯ã®æäœã«æ倧éã®æè»æ§ãæ±ããå人ã®ã©ãããããããã®ãªã¢ãŒã ã¢ã¯ã»ã¹ã®èŠä»¶ã¯ãããžã§ã¯ãã®æåã®æ®µéã§æèµ·ãããŸããã ãã®éè¡ã¯ãã§ã«ãªã¢ãŒã ã¢ã¯ã»ã¹ãåããŠããŸããããéçºè ã«ã¯é©ããŠããŸããã§ããã å®éããã®ã¹ããŒã ã§ã¯ãä¿è·ããã VDI ãžã®ãŠãŒã¶ãŒã®æ¥ç¶ã䜿çšãããŠããŸããã ããã¯ãè·å Žã§éµäŸ¿ç©ãšäºåçšããã±ãŒãžã®ã¿ãå¿ èŠãªäººã ã«é©ããŠããŸããã éçºè ã¯ã倧éã®ãªãœãŒã¹ãåãããé«ããã©ãŒãã³ã¹ã®ãã㌠ã¯ã©ã€ã¢ã³ããå¿ èŠãšããŸãã ãããŠãã¡ãããVStudio (ããšãã°) ãä»ã® SDK ã䜿çšãããŠãŒã¶ãŒã®ãŠãŒã¶ãŒ ã»ãã·ã§ã³ã倱ãããããšã¯èš±å®¹ã§ããªããããéçã§ããå¿ èŠããããŸãã ãã¹ãŠã®éçºããŒã åãã«å€æ°ã®ã·ãã¯ãªéç VDI ãç·šæãããšãæ¢åã® VDI ãœãªã¥ãŒã·ã§ã³ã®ã³ã¹ããå€§å¹ ã«å¢å ããŸããã
ç§ãã¡ã¯ãéçºéšéã®ãªãœãŒã¹ãžã®çŽæ¥ãªã¢ãŒã ã¢ã¯ã»ã¹ã«åãçµãããšã«ããŸããã JiraãWikiãGitlabãNexusããã«ããã³ããšãã¹ããã³ããä»®æ³ã€ã³ãã©ã¹ãã©ã¯ãã£ã èŠåå¡ã¯ã以äžã®æ¡ä»¶ãæºããå Žåã«ã®ã¿ã¢ã¯ã»ã¹ãæäŸã§ããããã«èŠæ±ããŸããã
- éè¡ã§ãã§ã«å©çšå¯èœãªãã¯ãããžãŒã䜿çšããŸãã
- ã€ã³ãã©ã¹ãã©ã¯ãã£ã§ã¯ãæ¬çšŒåã¢ã«ãŠã³ã ãªããžã§ã¯ãã®ã¬ã³ãŒããä¿åããæ¢åã®ãã¡ã€ã³ ã³ã³ãããŒã©ãŒã䜿çšããªãã§ãã ããã
- ã¢ã¯ã»ã¹ã¯ãç¹å®ã®ããŒã ãå¿ èŠãšãããªãœãŒã¹ã®ã¿ã«å¶éããå¿ èŠããããŸã (ãã補åããŒã ãå¥ã®ããŒã ã®ãªãœãŒã¹ã«ã¢ã¯ã»ã¹ã§ããªãããã«ãããã)ã
- ã·ã¹ãã å ã® RBAC ãæ倧éã«å¶åŸ¡ããŸãã
ãã®çµæããã®ã»ã°ã¡ã³ãã«å¯ŸããŠå¥ã®ãã¡ã€ã³ãäœæãããŸããã ãã®ãã¡ã€ã³ã«ã¯ããŠãŒã¶ãŒèªèšŒæ å ±ãšã€ã³ãã©ã¹ãã©ã¯ãã£ã®äž¡æ¹ã®ãã¹ãŠã®éçºã»ã°ã¡ã³ã ãªãœãŒã¹ãå容ãããŠããŸããã ãã®ãã¡ã€ã³ã®ã¬ã³ãŒãã®ã©ã€ããµã€ã¯ã«ã¯ãéè¡å ã«ååšãã IdM ã䜿çšããŠç®¡çãããŸãã
çŽæ¥ãªã¢ãŒã ã¢ã¯ã»ã¹ã¯éè¡ã®æ¢åã®æ©åšã«åºã¥ããŠçµç¹ãããŸããã ã¢ã¯ã»ã¹å¶åŸ¡ã¯ãã³ã³ããã¹ãã«é¢ããã«ãŒã«ã察å¿ãã AD ã°ã«ãŒãã«åå²ãããŸãã (XNUMX ã€ã®è£œåã°ã«ãŒã = XNUMX ã€ã®ã«ãŒã« ã°ã«ãŒã)ã
VM ãã³ãã¬ãŒãã®ç®¡ç
ç°å¢ãæºåããé床ã¯ãã€ãã©ã€ã³å šäœã®å®è¡æéã«çŽæ¥åœ±é¿ãããããã¢ã»ã³ããªããã³ãã¹ã ã«ãŒãã®äœæé床ã¯ãéçºéšéã®è²¬ä»»è ã«ãã£ãŠèšå®ããã䞻㪠KPI ã® XNUMX ã€ã§ãã åºæ¬ VM ã€ã¡ãŒãžãæºåããããã® XNUMX ã€ã®ãªãã·ã§ã³ãæ€èšãããŸããã XNUMX ã€ç®ã¯ãæå°ç»åãµã€ãºããã¹ãŠã®ã·ã¹ãã 補åã®ããã©ã«ããèšå®ã«é¢ããéè¡ã®ããªã·ãŒãžã®æ倧éã®æºæ ã§ãã XNUMX ã€ç®ã¯åºæ¬ã€ã¡ãŒãžã§ããããã«ã¯åŒ·å㪠POPPO ãã€ã³ã¹ããŒã«ãããŠããããã®ã€ã³ã¹ããŒã«æéã¯ãã€ãã©ã€ã³ã®å®è¡é床ã«å€§ãã圱é¿ããå¯èœæ§ããããŸãã
éçºäžã«ã¯ãã€ã¡ãŒãžãææ°ã®ç¶æ ã«ä¿ã€ (ããããªã©)ãSIEM ãšã®çµ±åãéè¡æšæºã«åŸã£ãã»ãã¥ãªãã£èšå®ãªã©ãã€ã³ãã©ã¹ãã©ã¯ãã£ãšã»ãã¥ãªãã£ã®èŠä»¶ãèæ ®ãããŸããã
ãã®çµæãã€ã¡ãŒãžãææ°ã®ç¶æ ã«ä¿ã€ã³ã¹ããæå°éã«æããããã«ãæå°éã®ã€ã¡ãŒãžã䜿çšããããšã決å®ãããŸããã POPPO ã®æ°ããããŒãžã§ã³çšã«åã€ã¡ãŒãžã«ããããé©çšããããããããŒã¹ OS ãæŽæ°ããæ¹ãã¯ããã«ç°¡åã§ãã
çµæã«åºã¥ããŠãæå°éå¿ èŠãªãªãã¬ãŒãã£ã³ã° ã·ã¹ãã ã®ã»ããã®ãªã¹ããäœæããããã®æŽæ°ã¯éçšããŒã ã«ãã£ãŠå®è¡ããããã€ãã©ã€ã³ã®ã¹ã¯ãªããããœãããŠã§ã¢ã®æŽæ°ãšãå¿ èŠã«å¿ããŠããŒãžã§ã³ã®å€æŽããã¹ãŠæ åœããŸããã€ã³ã¹ããŒã«ãããŠãããœãããŠã§ã¢ã®å¿ èŠãªã¿ã°ããã€ãã©ã€ã³ã«è»¢éããã ãã§ãã ã¯ããããã«ã¯ Devops 補åããŒã ãããè€éãªå±éã·ããªãªãçšæããå¿ èŠããããŸãããããŒã¹ ã€ã¡ãŒãžã®ãµããŒãã«å¿ èŠãªéçšæéãå€§å¹ ã«ççž®ãããŸããããããªããšãç¶æããããã« XNUMX ãè¶ ããããŒã¹ VM ã€ã¡ãŒãžãå¿ èŠã«ãªãå¯èœæ§ããããŸãã
ã€ã³ã¿ãŒãããã¢ã¯ã»ã¹
éè¡ã»ãã¥ãªãã£ã«é¢ãããã XNUMX ã€ã®é害ã¯ãéçºç°å¢ããã€ã³ã¿ãŒããã ãªãœãŒã¹ãžã®ã¢ã¯ã»ã¹ã§ããã ããã«ããã®ã¢ã¯ã»ã¹ã¯ XNUMX ã€ã®ã«ããŽãªã«åé¡ã§ããŸãã
- ã€ã³ãã©ã¹ãã©ã¯ãã£ãžã®ã¢ã¯ã»ã¹ã
- éçºè ã¢ã¯ã»ã¹ã
ã€ã³ãã©ã¹ãã©ã¯ãã£ãžã®ã¢ã¯ã»ã¹ã¯ãNexus ã䜿çšããŠå€éšãªããžããªããããã·ããããšã«ãã£ãŠçµç¹ãããŸããã ã€ãŸããä»®æ³ãã·ã³ããã®çŽæ¥ã¢ã¯ã»ã¹ã¯æäŸãããŸããã§ããã ããã«ãããéçºéšéããå€éšãžã®ã¢ã¯ã»ã¹ãæäŸããããšãæåºãšããŠå察ããæ å ±ã»ãã¥ãªãã£ãšã®åŠ¥åç¹ã«éããããšãå¯èœã«ãªããŸããã
éçºè ã¯æçœãªçç± (ã¹ã¿ãã¯ãªãŒããŒãããŒ) ããã€ã³ã¿ãŒããããžã®ã¢ã¯ã»ã¹ãå¿ èŠãšããŠããŸããã äžã§è¿°ã¹ãããã«ããã¹ãŠã®ã³ãã³ãã¯åè·¯ã«ãªã¢ãŒã ã¢ã¯ã»ã¹ã§ããŸããããIDE ã®éè¡ã®éçºè ã®äœæ¥å Žãã Ctrl+V ãå®è¡ã§ããªãå Žåãå¿ ããã䟿å©ãšã¯éããŸããã
IS ãšã¯ãæåã®ãã¹ã段éã§ã¯ããã¯ã€ããªã¹ãã«åºã¥ããŠéè¡ãããã·ãéããŠã¢ã¯ã»ã¹ãæäŸããããšããåæã«éããŸããã ãããžã§ã¯ããå®äºãããšãã¢ã¯ã»ã¹ã¯ãã©ãã¯ãªã¹ãã«ç§»ãããŸãã ãããžã§ã¯ãã®éå§æã«ã¢ã¯ã»ã¹ãå¿ èŠãªäž»èŠãªãªãœãŒã¹ãšãªããžããªã瀺ã巚倧ãªã¢ã¯ã»ã¹ ããŒãã«ãçšæãããŸããã ãããã®ã¢ã¯ã»ã¹ã®èª¿æŽã«ã¯ããªãã®æéããããããã®ãããã©ãã¯ãªã¹ããžã®å¯èœãªéãè¿ éãªç§»è¡ã䞻匵ããããšãå¯èœã«ãªããŸããã
çµæ
ãã®ãããžã§ã¯ã㯠XNUMX 幎匱åã«çµäºããŸããã å¥åŠãªããšã«ããã¹ãŠã®è«è² æ¥è ãæééãã«æ°ããã¹ã¿ãã¯ã«åãæ¿ããæ°ããèªååã®ããã«éè·ãã人ã¯äžäººãããŸããã§ããã IB ã¯è¯å®çãªãã£ãŒãããã¯ãæ¥ãã§å ±æããããšã¯ãããŸããããæå¥ãèšããªããããIB ã¯æ°ã«å ¥ã£ãŠãããšçµè«ä»ããããšãã§ããŸãã æ å ±ã»ãã¥ãªãã£ãåã³å¶åŸ¡ãããŠãããšæããããããã«ãªããéçºããã»ã¹ã«ã¯å¹²æžããªããããçŽäºã¯æ²éåããŸããã ããŒã ã«ã¯ããå€ãã®è²¬ä»»ãäžããããæ å ±ã»ãã¥ãªãã£ã«å¯Ÿããå šäœçãªå§¿å¢ãè¯ããªããŸããã éè¡ã¯ãDevSecOps ãžã®ç§»è¡ãã»ãŒäžå¯é¿ã§ããããšãç解ããŠãããç§ã®æèŠã§ã¯ãæãç©ããã§æ£ããæ¹æ³ã§ãããå®è¡ããŸããã
ã¢ã¬ã¯ãµã³ããŒã»ã·ã¥ãŒãã³ãã·ã¹ãã ã¢ãŒããã¯ãã
åºæïŒ habr.com