çµéšã®æµ
ã人ã®é ã®äžã§ã¯ãã»ãã¥ãªãã£ç®¡çè
ã®ä»äºã¯ãåããã«ãŒãšäŒæ¥ãããã¯ãŒã¯ã«çµ¶ãã䟵å
¥ããéªæªãªããã«ãŒã®éã®ãšããµã€ãã£ã³ã°ãªæ±ºéã®ããã«èŠããŸãã ãããŠãç§ãã¡ã®ããŒããŒã¯ãªã¢ã«ã¿ã€ã ã§ãå·§ã¿ãã€è¿
éã«ã³ãã³ããå
¥åããããšã§å€§èãªæ»æãæéããæçµçã«ã¯èŒãããåè
ãšããŠæµ®äžããŸãã
å£ãšãã¹ã±ããéã®ä»£ããã«ããŒããŒããæã£ãçç«é士ã®ãããªãã®ã§ãã
ãããå®éã«ã¯ããã¹ãŠãå¹³å¡ã§ãæ°åãããéå±ã«ããèŠãããããããŸããã
äž»ãªåææ¹æ³ã® XNUMX ã€ã¯ããã¯ãã€ãã³ã ãã°ã®èªã¿åãã§ãã äž»é¡ã«ã€ããŠã®åŸ¹åºçãªç 究:
- 誰ãã©ãããäŸµå ¥ããããšããã®ããã©ã®ãªãœãŒã¹ã«ã¢ã¯ã»ã¹ããããšããã®ãããªãœãŒã¹ã«ã¢ã¯ã»ã¹ããæš©å©ãã©ã®ããã«èšŒæããã®ãã
- ã©ã®ãããªå€±æããšã©ãŒããããŠåã«çãããå¶ç¶ããã£ãã®ãã
- ã·ã¹ãã ã®åŒ·åºŠãã¹ãã£ã³ãããããŒããéžæããããã¹ã¯ãŒãã誰ãã©ã®ããã«ãã¹ããããã
- ãªã©ãªã©âŠ
ããŠãããã§ããã³ã¹ãšã¯äžäœäœã§ãããç¥ã¯ãé転äžã«å± ç ããããŠã¯ãªããŸããããçŠããŠããŸãã
ç§ãã¡ã®å°é家ãã¢ãŒããžã®ææ ãå®å šã«å€±ããªãããã«ã圌ãã®ç掻ã楜ã«ããããŒã«ãçºæãããŠããŸãã ãããã¯ãããããçš®é¡ã®ã¢ãã©ã€ã¶ãŒ (ãã° ããŒãµãŒ)ãé倧ãªã€ãã³ããéç¥ããç£èŠã·ã¹ãã ãªã©ã§ãã
ãã ããåªããããŒã«ã䜿çšããŠãã€ã³ã¿ãŒããã ã²ãŒããŠã§ã€ãªã©ã®åããã€ã¹ã«æåã§ãã蟌ã¿å§ãããšãããã»ã©åçŽã§ã¯ãªããããã»ã©äŸ¿å©ã§ããããŸããããŸãããšãããããŸã£ããç°ãªãåéããã®è¿œå ã®ç¥èãå¿ èŠã«ãªããŸããå°åã ããšãã°ããã®ãããªç£èŠã®ããã®ãœãããŠã§ã¢ãã©ãã«é 眮ããã? ç©çãµãŒããŒãä»®æ³ãã·ã³ãç¹å¥ãªããã€ã¹äžã§ãããã? ããŒã¿ã¯ã©ã®ãããªåœ¢åŒã§ä¿åããå¿ èŠããããŸãã? ããŒã¿ããŒã¹ã䜿çšããå Žåãã©ãã䜿çšããŸãã? ããã¯ã¢ããã¯ã©ã®ããã«å®è¡ããã°ããã§ãã?ãŸããããã¯ã¢ãããå®è¡ããå¿ èŠããããŸãã? 管çæ¹æ³ã¯ïŒ ã©ã®ã€ã³ã¿ãŒãã§ãŒã¹ã䜿çšããã°ããã§ãã? ã·ã¹ãã ãä¿è·ããã«ã¯ã©ãããã°ããã§ãã? ã©ã®æå·åæ¹åŒã䜿çšãããããã®ä»ã«ãããŸããŸãªããšãèããããŸãã
ãªã¹ãããããã¹ãŠã®åé¡ã®è§£æ±ºçãåŒãåããç¹å®ã®çµ±äžã¡ã«ããºã ãããã°ã管çè ã¯ãã®è©³çŽ°ã®æ çµã¿å ã§å³å¯ã«äœæ¥ããããšãã§ããäœæ¥ã¯ã¯ããã«ç°¡åã«ãªããŸãã
ç¹å®ã®ãã¹ãäžã«ååšããªããã®ãã¹ãŠããã¯ã©ãŠãããšããçšèªãšåŒã¶ãšãã確ç«ãããäŒçµ±ã«åŸã£ãŠãZyxel CNM SecuReporter ã¯ã©ãŠã ãµãŒãã¹ã䜿çšãããšãå€ãã®åé¡ã解決ã§ããã ãã§ãªãã䟿å©ãªããŒã«ãæäŸãããŸãã
Zyxel CNM SecuReporter ãšã¯äœã§ãã?
ZyWALLã©ã€ã³ã®Zyxelæ©åšããã³ãã®è£œåã®ããŒã¿åéãçµ±èšåæïŒçžé¢ïŒãã¬ããŒãæ©èœãåããã€ã³ããªãžã§ã³ãåæãµãŒãã¹ã§ãã ãããã¯ãŒã¯ç®¡çè
ã¯ããããã¯ãŒã¯äžã®ããŸããŸãªã¢ã¯ãã£ããã£ãäžå
çã«ç¢ºèªã§ããŸãã
ããšãã°ãæ»æè
ã¯æ¬¡ã®ãããªæ»æã¡ã«ããºã ã䜿çšããŠã»ãã¥ãªã㣠ã·ã¹ãã ãžã®äŸµå
¥ãè©Šã¿ãå¯èœæ§ããããŸãã ã¹ãã«ã¹ãã¿ãŒã²ãããçµã£ã О æ°žç¶æ§ã SecuReporter ã¯äžå¯©ãªåäœãæ€åºããããã管çè
㯠ZyWALL ãæ§æããããšã§å¿
èŠãªä¿è·æªçœ®ãè¬ããããšãã§ããŸãã
ãã¡ããããªã¢ã«ã¿ã€ã ã§èŠåãçºããç¶ç¶çãªããŒã¿åæãªãã«ã¯ãã»ãã¥ãªãã£ã確ä¿ããããšã¯èããããŸããã ãããã§ãçŸããã°ã©ããæãããšãã§ããŸããã管çè ãäœãèµ·ãã£ãŠããã®ããèªèããŠããªããã°âŠãããSecuReporter ã§ã¯ãããªããšã¯çµ¶å¯Ÿã«ããåŸãŸããã
SecuReporter ã®äœ¿çšã«é¢ããããã€ãã®è³ªå
åæè«
å®éãäœãèµ·ãã£ãŠããããåæããããšããæ å ±ã»ãã¥ãªãã£æ§ç¯ã®äžæ žã§ãã ã»ãã¥ãªãã£å°é家ã¯ã€ãã³ããåæããããšã§ãæ»æãæéå ã«é²æ¢ãŸãã¯åæ¢ã§ããã ãã§ãªãã蚌æ ãåéããããã«åæ§ç¯ã®ããã®è©³çŽ°ãªæ å ±ãååŸããããšãã§ããŸãã
ãã¯ã©ãŠãã¢ãŒããã¯ãã£ãã¯äœãæäŸããã®ã§ããããïŒ
ãã®ãµãŒãã¹ã¯ãSoftware as a Service (SaaS) ã¢ãã«ã«åºã¥ããŠæ§ç¯ãããŠããããªã¢ãŒã ãµãŒããŒãåæ£ããŒã¿ ã¹ãã¬ãŒãž ã·ã¹ãã ãªã©ã®æ©èœãå©çšããŠç°¡åã«æ¡åŒµã§ããŸãã ã¯ã©ãŠã ã¢ãã«ã䜿çšãããšãããŒããŠã§ã¢ãšãœãããŠã§ã¢ã®åŸ®åŠãªéããæœè±¡åããä¿è·ãµãŒãã¹ã®äœæãšæ¹åã«å
šåã泚ãããšãã§ããŸãã
ããã«ããããŠãŒã¶ãŒã¯ãã¹ãã¬ãŒãžãåæãã¢ã¯ã»ã¹ã®æäŸã®ããã®æ©åšã®è³Œå
¥ã³ã¹ãã倧å¹
ã«åæžã§ããããã¯ã¢ãããã¢ããããŒããé害äºé²ãªã©ã®ã¡ã³ããã³ã¹ã®åé¡ã«å¯ŸåŠããå¿
èŠããªããªããŸãã SecuReporter ããµããŒãããããã€ã¹ãšé©åãªã©ã€ã»ã³ã¹ãããã°ååã§ãã
éèŠïŒ ã¯ã©ãŠãããŒã¹ã®ã¢ãŒããã¯ãã£ã«ãããã»ãã¥ãªãã£ç®¡çè ã¯ãã€ã§ãã©ãã§ããããã¯ãŒã¯ã®å¥å šæ§ãããã¢ã¯ãã£ãã«ç£èŠã§ããŸãã ããã«ãããäŒæãç æ°äŒæãªã©ã®åé¡ã解決ãããŸãã æ©åšãžã®ã¢ã¯ã»ã¹ (ããšãã°ãSecuReporter Web ã€ã³ã¿ãŒãã§ã€ã¹ã«ã¢ã¯ã»ã¹ããã©ãããããã®çé£) ã«ãã£ãŠãããã®ææè ãã»ãã¥ãªã㣠ã«ãŒã«ã«éåããŠããªãããã¹ã¯ãŒããããŒã«ã«ã«ä¿åããŠããªããªã©ã®æ¡ä»¶ãããã°ãäœãåŸãããŸããã
ã¯ã©ãŠã管çãªãã·ã§ã³ã¯ãåãéœåžã«ããåäžäŒæ¥ãšæ¯åºãæã€çµç¹ã®äž¡æ¹ã«é©ããŠããŸãã ãã®ãããªå Žæã®ç¬ç«æ§ã¯ãããŸããŸãªæ¥çã§å¿ èŠãšãããŠããŸããããšãã°ãããžãã¹ãè€æ°ã®éœåžã«åæ£ããŠãããµãŒãã¹ ãããã€ããŒããœãããŠã§ã¢éçºè ãªã©ã§ãã
ç§ãã¡ã¯åæã®å¯èœæ§ã«ã€ããŠãã話ããŸãããããã¯äœãæå³ããã®ã§ãããã?
ãããã¯ããŸããŸãªåæããŒã«ã§ãããããšãã°ãã€ãã³ãã®é »åºŠã®æŠèŠãç¹å®ã®ã€ãã³ãã®äž»ãª (å®éã®è¢«å®³è ãšçããã) 被害è ããã 100 ã®ãªã¹ããç¹å®ã®æ»æ察象ã瀺ããã°ãªã©ã§ãã 管çè ãé ããåŸåãç¹å®ãããŠãŒã¶ãŒãŸãã¯ãµãŒãã¹ã®äžå¯©ãªåäœãç¹å®ããã®ã«åœ¹ç«ã€ãã®ã
å ±åã«ã€ããŠã¯ã©ãã§ããïŒ
SecuReporter ã䜿çšãããšãã¬ããŒã ãã©ãŒã ãã«ã¹ã¿ãã€ãºããçµæã PDF 圢åŒã§åãåãããšãã§ããŸãã ãã¡ãããå¿ èŠã«å¿ããŠãããŽãã¬ããŒãã®ã¿ã€ãã«ãåèæç®ãæšå¥šäºé ãã¬ããŒãã«åã蟌ãããšãã§ããŸãã ãªã¯ãšã¹ãæã«ã¬ããŒããäœæããããXNUMX æ¥ã« XNUMX åãXNUMX é±éã« XNUMX åãXNUMX ãæã« XNUMX åãªã©ã®ã¹ã±ãžã¥ãŒã«ã«åºã¥ããŠã¬ããŒããäœæãããããããšãã§ããŸãã
ãããã¯ãŒã¯ ã€ã³ãã©ã¹ãã©ã¯ãã£å ã®ãã©ãã£ãã¯ã®è©³çŽ°ãèæ ®ããŠãèŠåã®çºè¡ãæ§æã§ããŸãã
å éšé¢ä¿è ãåãªãæ ãè ã«ããå±éºãæžããããšã¯å¯èœã§ãããã?
ç¹å¥ãª User Partially Quotient ããŒã«ã䜿çšãããšã管çè ã¯è¿œå ã®åŽåããããã«ãããŸããŸãªãããã¯ãŒã¯ ãã°ãã€ãã³ãéã®äŸåé¢ä¿ãèæ ®ããªãããå±éºãªãŠãŒã¶ãŒãè¿ éã«ç¹å®ã§ããŸãã
ã€ãŸããçããããšæããããŠãŒã¶ãŒã«é¢é£ãããã¹ãŠã®ã€ãã³ããšãã©ãã£ãã¯ã®è©³çŽ°ãªåæãå®è¡ãããŸãã
ä»ã« SecuReporter ã«ç¹æã®ç¹ã¯äœã§ãã?
ãšã³ããŠãŒã¶ãŒïŒã»ãã¥ãªãã£ç®¡çè ïŒåãã®ç°¡åãªã»ããã¢ããã
ã¯ã©ãŠãã§ã® SecuReporter ã®ã¢ã¯ãã£ãåã¯ãç°¡åãªã»ããã¢ããæé ãéããŠè¡ãããŸãã ãã®åŸã管çè ã¯ããã«ãã¹ãŠã®ããŒã¿ãåæãã¬ããŒã ããŒã«ã«ã¢ã¯ã»ã¹ã§ããããã«ãªããŸãã
åäžã®ã¯ã©ãŠã ãã©ãããã©ãŒã äžã®ãã«ãããã³ã - ã¯ã©ã€ã¢ã³ãããšã«åæãã«ã¹ã¿ãã€ãºã§ããŸãã ç¹°ãè¿ãã«ãªããŸããã顧客ããŒã¹ãå¢å ããŠããã¯ã©ãŠã ã¢ãŒããã¯ãã£ã«ãããå¹çãç ç²ã«ããããšãªãå¶åŸ¡ã·ã¹ãã ãç°¡åã«é©å¿ãããããšãã§ããŸãã
ããŒã¿ä¿è·æ³
éèŠïŒ Zyxel ã¯ãGDPR ã OECD ãã©ã€ãã·ãŒååãªã©ãå人ããŒã¿ã®ä¿è·ã«é¢ããåœéæ³ãçŸå°æ³ããã®ä»ã®èŠå¶ã«éåžžã«ææã§ãã 27.07.2006 幎 152 æ XNUMX æ¥ä»ãã®é£éŠæ³ãå人ããŒã¿ã«ã€ããŠãNo. XNUMX-FZ ã«ãã£ãŠãµããŒããããŠããŸãã
ã³ã³ãã©ã€ã¢ã³ã¹ã確ä¿ããããã«ãSecuReporter ã«ã¯ XNUMX ã€ã®ãã©ã€ãã·ãŒä¿è·ãªãã·ã§ã³ãçµã¿èŸŒãŸããŠããŸãã
- éå¿åããŒã¿ - å人ããŒã¿ã¯ãã¢ãã©ã€ã¶ãŒãã¬ããŒããããã³ããŠã³ããŒãå¯èœãªã¢ãŒã«ã€ã ãã°ã§å®å šã«ç¹å®ãããŸãã
- éšåçã«å¿å - å人ããŒã¿ã¯ã¢ãŒã«ã€ã ãã°å ã®äººå·¥çãªèå¥åã«çœ®ãæããããŸãã
- å®å šã«å¿å - å人ããŒã¿ã¯ãã¢ãã©ã€ã¶ãŒãã¬ããŒããããã³ããŠã³ããŒãå¯èœãªã¢ãŒã«ã€ã ãã°ã§å®å šã«å¿ååãããŸãã
ããã€ã¹ã§ SecuReporter ãæå¹ã«ããã«ã¯ã©ãããã°ããã§ãã?
ZyWall ããã€ã¹ã®äŸãèŠãŠã¿ãŸããã (ãã®å Žå㯠ZyWall 1100 ã§ã)ã èšå®ã»ã¯ã·ã§ã³ã«ç§»åããŸãïŒXNUMXã€ã®æ¯è»ã®åœ¢ã®ã¢ã€ã³ã³ãä»ããŠããå³åŽã®ã¿ãïŒã 次ã«ãCloud CNM ã»ã¯ã·ã§ã³ãéãããã®äžã® SecuReporter ãµãã»ã¯ã·ã§ã³ãéžæããŸãã
ãµãŒãã¹ã®äœ¿çšãèš±å¯ããã«ã¯ãEnable SecuReporter èŠçŽ ãã¢ã¯ãã£ãã«ããå¿ èŠããããŸãã ããã«ããã©ãã£ã㯠ãã°ãåéããŠåæããã«ã¯ã[ãã©ãã£ã㯠ãã°ãå«ãã] ãªãã·ã§ã³ã䜿çšãã䟡å€ããããŸãã
å³ 1. SecuReporter ã®æå¹åã
XNUMX çªç®ã®ã¹ãããã¯ãçµ±èšåéãèš±å¯ããããšã§ãã ããã¯ããç£èŠãã»ã¯ã·ã§ã³ (ã¢ãã¿ãŒã®åœ¢ã®ã¢ã€ã³ã³ãä»ããŠããå³åŽã®ã¿ã) ã§è¡ãããŸãã
次ã«ãUTM çµ±èšã»ã¯ã·ã§ã³ã® App Patrol ãµãã»ã¯ã·ã§ã³ã«ç§»åããŸãã ããã§ã¯ã[çµ±èšã®åé] ãªãã·ã§ã³ãæå¹ã«ããå¿ èŠããããŸãã
å³ 2. çµ±èšåéã®æå¹åã
ããã§ãSecuReporter Web ã€ã³ã¿ãŒãã§ã€ã¹ã«æ¥ç¶ããã¯ã©ãŠã ãµãŒãã¹ã䜿çšã§ããããã«ãªããŸãã
éèŠïŒ SecuReporter ã«ã¯ãPDF 圢åŒã®åªããããã¥ã¡ã³ãããããŸãã ããããŠã³ããŒãã§ããŸã
SecuReporter Web ã€ã³ã¿ãŒãã§ã€ã¹ã®èª¬æ
SecuReporter ãã»ãã¥ãªãã£ç®¡çè
ã«æäŸãããã¹ãŠã®æ©èœã®è©³çŽ°ãããã§èª¬æããããšã¯ã§ããŸãããXNUMX ã€ã®èšäºã«éåžžã«å€ãã®æ©èœãå«ãŸããŠããŸãã
ãããã£ãŠã管çè ãç®ã«ãããµãŒãã¹ãšã管çè ãåžžã«äœ¿çšããŠãããµãŒãã¹ã®ç°¡åãªèª¬æã«éå®ããŸãã ããã§ãSecuReporter Web ã³ã³ãœãŒã«ãäœã§æ§æãããŠããããç解ããŠãã ããã
å°å³
ãã®ã»ã¯ã·ã§ã³ã«ã¯ãç»é²ãããŠããæ©åšã衚瀺ãããéœåžãããã€ã¹åãIP ã¢ãã¬ã¹ã瀺ãããŸãã ããã€ã¹ã®é»æºããªã³ã«ãªã£ãŠãããã©ãããããã³èŠåã¹ããŒã¿ã¹ãã©ã®ãããªãã®ã§ãããã«é¢ããæ å ±ã衚瀺ãããŸãã è åšãããã§ã¯ãæ»æè ã䜿çšãããã±ããã®éä¿¡å ãšæ»æã®é »åºŠã確èªã§ããŸãã
ããã·ã¥ããŒã
æå®ãããæéã®äž»ãªã¢ã¯ã·ã§ã³ã«é¢ããç°¡åãªæ å ±ãšç°¡æœãªåææŠèŠã æé㯠7 æ¥ãã 1 æéãŸã§æå®ã§ããŸãã
å³ 3. [ããã·ã¥ããŒã] ã»ã¯ã·ã§ã³ã®å€èŠ³ã®äŸã
ã¢ãã©ã€ã¶
ååèªäœããããç©èªã£ãŠããŸãã ããã¯ãéžæããæéã®äžå¯©ãªãã©ãã£ãã¯ã蚺æããè åšã®åºçŸåŸåãç¹å®ããäžå¯©ãªãã±ããã«é¢ããæ å ±ãåéããååã®ããŒã«ã®ã³ã³ãœãŒã«ã§ãã Analyzer ã¯ãæãäžè¬çãªæªæã®ããã³ãŒãã远跡ã§ããã»ããã»ãã¥ãªãã£åé¡ã«é¢ããè¿œå æ å ±ãæäŸããŸãã
å³ 4. Analyzer ã»ã¯ã·ã§ã³ã®å€èŠ³ã®äŸã
å ±å
ãã®ã»ã¯ã·ã§ã³ã§ã¯ããŠãŒã¶ãŒã¯ã°ã©ãã£ã«ã« ã€ã³ã¿ãŒãã§ã€ã¹ã䜿çšããŠã«ã¹ã¿ã ã¬ããŒãã«ã¢ã¯ã»ã¹ã§ããŸãã å¿ èŠãªæ å ±ãåéããããã«ããŸãã¯ã¹ã±ãžã¥ãŒã«ã«åºã¥ããŠäŸ¿å©ãªãã¬ãŒã³ããŒã·ã§ã³ã«ãŸãšããããšãã§ããŸãã
ã¢ã©ãŒã
ããã§èŠåã·ã¹ãã ãèšå®ããŸãã ãããå€ãšããŸããŸãªé倧床ã¬ãã«ãæ§æã§ãããããç°åžžãæœåšçãªæ»æãç°¡åã«ç¹å®ã§ããŸãã
èšå®
ãŸããå®éã®ãšãããèšå®ã¯èšå®ã§ãã
ããã«ãSecuReporter ã¯å人ããŒã¿ãåŠçãããšãã«ããŸããŸãªä¿è·ããªã·ãŒããµããŒãã§ããããšã泚ç®ã«å€ããŸãã
ãŸãšã
ã»ãã¥ãªãã£é¢é£ã®çµ±èšãåæããããã®ããŒã«ã«ãªæ¹æ³ã¯ãååãšããŠãéåžžã«ããŸãæ©èœããŠããããšã蚌æãããŠããŸãã
ããããè åšã®ç¯å²ãšæ·±å»åºŠã¯æ¥ã å¢å€§ããŠããŸãã 以åã¯èª°ããæºè¶³ããŠããä¿è·ã¬ãã«ã¯ããã°ãããããšããªã匱ããªããŸãã
ãªã¹ããããŠããåé¡ã«å ããŠãããŒã«ã« ããŒã«ã䜿çšããã«ã¯ãæ©èœãç¶æããããã«äžå®ã®åªå (æ©åšã®ã¡ã³ããã³ã¹ãããã¯ã¢ãããªã©) ãå¿ èŠã§ãã é éå°ãšããåé¡ããããŸããã»ãã¥ãªãã£ç®¡çè ã 24 æé幎äžç¡äŒã§ãªãã£ã¹ã«åžžé§ãããããšãåžžã«å¯èœã§ãããšã¯éããŸããã ãããã£ãŠãäœããã®æ¹æ³ã§å€éšããããŒã«ã« ã·ã¹ãã ãžã®å®å šãªã¢ã¯ã»ã¹ãæ§æãããããèªåã§ç¶æããå¿ èŠããããŸãã
ã¯ã©ãŠã ãµãŒãã¹ã䜿çšãããšããã®ãããªåé¡ãåé¿ã§ããç¹ã«å¿ èŠãªã¬ãã«ã®ã»ãã¥ãªãã£ãç¶æããäŸµå ¥ããŠãŒã¶ãŒã«ããã«ãŒã«éåããã®ä¿è·ã«éç¹ã眮ãããšãã§ããŸãã
SecuReporter ã¯ããã®ãããªãµãŒãã¹ã®å®è£ ãæåããäŸã«ãããŸããã
ã¢ã¯ã·ã§ã³
æ¬æ¥ãããSecureporter ããµããŒããããã¡ã€ã¢ãŠã©ãŒã«ã®è³Œå ¥è ã察象ã«ãZyxel ãšãŽãŒã«ã ããŒãã㌠X-Com ãšã®éã§å ±åããã¢ãŒã·ã§ã³ãè¡ãããŸãã
䟿å©ãªãªã³ã¯é
ã1]
ã2]
ã3]
åºæïŒ habr.com