7. Fortinet Getting Started v6.0. Antivirus and IPS

Greetings! Welcome to the seventh lesson of the Fortinet Getting Started course. In the previous lesson we covered security profiles such as Web Filtering, Application Control and HTTPS inspection. In this lesson we continue our introduction to security profiles. First we will look at the theory behind how antivirus and the intrusion prevention system work, and then we will see how these security profiles behave in practice.

Let's start with antivirus. First, let's go over the technologies FortiGate uses to detect viruses:

  • Antivirus scanning is the simplest and fastest method of virus detection. It detects viruses that exactly match the signatures in the antivirus database.
  • Grayware scanning, or scanning for unwanted programs - this technology detects unwanted programs that are installed without the user's knowledge or consent. Technically, such programs are not viruses. They usually arrive bundled with other software, but once installed they degrade the system, which is why they are classified as malware. Such programs can usually be detected with simple grayware signatures from FortiGuard Research.
  • Heuristic scanning - this technology is probability-based, so using it can produce false positives, but it can detect zero-day viruses. Zero-day viruses are new viruses that have not yet been studied, so no signatures exist that could detect them. Heuristic scanning is not enabled by default and has to be turned on from the command line.

If all antivirus features are enabled, FortiGate applies them in the following order: antivirus scanning, grayware scanning, heuristic scanning.

FortiGate can use several antivirus databases, depending on the task:

  • Normal antivirus database - included in all FortiGate models. It contains signatures of viruses detected in recent months. This is the smallest antivirus database, so scanning with it is the fastest. However, this database cannot detect all known viruses.
  • Extended - this database is supported by most FortiGate models. It can be used to detect viruses that are no longer active. Many platforms are still vulnerable to these viruses, and these viruses may also cause problems in the future.
  • And finally, the most extensive one, Extreme - used in infrastructures where maximum security is required. With it you can detect all known viruses, including viruses written for legacy systems that are not widespread today. This type of signature database is also not supported by all FortiGate models.

There is also a compact signature database designed for quick scanning. We will discuss it later.

Antivirus databases can be updated in several ways.

The first method is Push Update, which lets the databases be updated as soon as the FortiGuard research database publishes an update. This is useful for infrastructures that require maximum security, since FortiGate receives updates as soon as they become available.

The second method is setting a schedule. In this way you can check for updates every hour, every day or every week. That is, here the update time is set at your discretion.
These two methods can be used together.

But keep in mind that for updates to be installed, the antivirus profile must be applied to at least one firewall policy. Otherwise, the updates will not be installed.

You can also download updates from the Fortinet support site and install them on FortiGate manually.

Let's look at the scan modes. There are only three of them - Full Mode in Flow Based mode, Quick Mode in Flow Based mode, and Full Mode in Proxy mode. Let's start with Full Mode in Flow mode.

Suppose a user wants to download a file. He sends a request. The server starts sending him the packets that make up the file. The user receives these packets right away. But before forwarding these packets to the user, FortiGate caches them. When FortiGate receives the last packet, it starts scanning the file. At this point the last packet is held in a queue and is not delivered to the user. If the file contains no viruses, the last packet is sent to the user. If a virus is detected, FortiGate terminates the connection with the user.

The second scan mode available in Flow Based is Quick Mode. It uses a compact signature database, which contains fewer signatures than the standard database. It also has limitations compared to Full Mode:

  • It cannot send files to the sandbox
  • It cannot use heuristic scanning
  • It also cannot use the mobile malware packages
  • Some file types are not supported in this mode.

Quick mode also detects a number of viruses, worms, trojans and other malware, but without buffering. This gives better performance, but at the same time the chance of detecting malware is reduced.

In Proxy mode, the only scan mode available is Full Mode. With this kind of scan, FortiGate first buffers the entire file (unless the permitted file size is exceeded). The client has to wait for the scan to finish. If a virus is detected during the scan, the user is notified immediately. Because FortiGate first buffers the whole file and only then scans it, this can take a long time. As a result, the client may drop the connection before receiving the file because of the delay.

The figure below shows a comparison table of the scan modes - it will help you determine which scan mode suits your tasks. Configuring antivirus and checking that it works are demonstrated in practice in the video at the end of the article.

Let's move on to the second part of the lesson - the intrusion prevention system. But before you start learning IPS, you need to understand the difference between exploits and anomalies, and also understand the mechanisms FortiGate uses to protect against them.

Exploits are known attacks with specific patterns that can be detected using IPS, WAF or antivirus signatures.

Anomalies are unusual behaviour on the network, such as a higher-than-usual traffic volume or CPU consumption above the normal level. Anomalies need to be monitored because they may be signs of a new, as yet unknown attack. Anomalies are usually detected through behavioural analysis - the so-called rate-based signatures and DoS policies.

As a result, IPS on FortiGate uses signature databases to detect known exploits, and rate-based signatures and DoS policies to detect various anomalies.

By default, an initial set of IPS signatures is included in every version of the FortiGate firmware. With updates, FortiGate receives new signatures. In this way, IPS remains effective against new exploits. FortiGuard updates IPS signatures regularly.

An important point that applies to both IPS and antivirus is that if your licences have expired, you can still use the latest signatures you already have. But you cannot get new ones without a licence. Therefore, running without a licence is highly undesirable - if new exploits appear, you will not be able to protect yourself with old signatures.

IPS signature databases are divided into regular and extended. The regular database contains signatures for attacks that occur frequently or that do not cause false positives. The preconfigured action for most of these signatures is block.

The extended database, in turn, contains additional attack signatures that significantly affect system performance, or that cannot be blocked because of their specific nature. Because of the size of this database, it is not available on FortiGate models with a small disk or little RAM. But in highly secured environments, you may need to use the extended database.

Configuring IPS and checking that it works are also demonstrated in the video below.
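The antivirus settings described above (database selection, grayware and heuristic scanning, full versus quick scan mode, push and scheduled updates) together with the IPS database selection, as an added FortiOS CLI example; it is not from the original article or the course video. It assumes a VDOM in flow-based inspection mode, and the profile name, policy ID and interface names are placeholders; the `#` lines are annotations to drop before pasting into the CLI.

```fortios
# Antivirus engine: signature database, plus grayware and heuristic engines
# (heuristic scanning is off by default and can only be enabled here, in the CLI)
config antivirus settings
    set default-db extended
    set grayware enable
end
config antivirus heuristic
    set mode pass
end
# Antivirus profile (name assumed): 'full' holds the last packet until the scan
# ends; 'quick' uses the compact database (no sandbox, heuristics or mobile malware)
config antivirus profile
    edit "av-full-flow"
        set scan-mode full
        config http
            set options scan
        end
    next
end
# Signature updates: accept FortiGuard push updates and also poll once a day
config system autoupdate push-update
    set status enable
end
config system autoupdate schedule
    set status enable
    set frequency daily
    set time 02:00
end
# IPS: load the extended signature database instead of the regular one
config ips global
    set database extended
end
# The lesson notes that updates only take effect once the profile is applied to
# at least one firewall policy (policy ID and interface names assumed)
config firewall policy
    edit 1
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set utm-status enable
        set ssl-ssh-profile "certificate-inspection"
        set av-profile "av-full-flow"
        set ips-sensor "default"
    next
end
```

`set mode pass` makes heuristic detections log-only (use `block` to also block the file), and `default-db extreme` or `database extended` are only accepted on models with enough disk and RAM to hold them.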


In the next lesson we will look at working with users. To avoid missing it, follow the updates on the following channels:

Source: www.habr.com