Takulandirani ku phunziro lachiwiri la maphunzirowa . Lero tikambirana za limagwirira utsogoleri madambwe pa , tidzakambirananso za ndondomeko yokonza zipika - kumvetsetsa mfundo zogwiritsira ntchito njirazi ndizofunikira pazikhazikiko zoyamba. . Ndipo pambuyo pake tidzakambirana za masanjidwe omwe tidzagwiritse ntchito pamaphunzirowa, komanso kupanga kasinthidwe koyambirira . Gawo lachidziwitso, komanso kujambula kwathunthu kwa phunziro la kanema, zili pansi pa odulidwa.
Choyamba, tiyeni tikambirane za madera oyang'anira kachiwiri. Pali zinthu zingapo zomwe muyenera kudziwa za iwo musanayambe kuwagwiritsa ntchito:
- Kutha kupanga madera olamulira kumayatsidwa ndikuyimitsidwa pakati.
- Domain yosiyana yoyang'anira ikufunika kuti mulembetse zida zilizonse kupatula FortiGate. Ndiye kuti, ngati mukufuna kulembetsa zida zingapo za FortiMail pazida, mufunika dera loyang'anira kuti mutero. Koma izi sizikutsutsa mfundo yakuti kuti zikhale zosavuta kupanga zida za FortiGate, mukhoza kupanga madera osiyanasiyana olamulira.
- Kuchuluka kwa madera oyang'anira omwe amathandizidwa kumadalira mtundu wa FortiAnalyzer unit.
- Mukalola kuthekera kopanga madera olamulira, muyenera kusankha mawonekedwe awo ogwiritsira ntchito - Normal kapena Advanced. Munjira Yachizolowezi, simungawonjezere madera osiyanasiyana (kapena ma VDOM) a FortiGate yomweyo kumadera osiyanasiyana olamulira a chipangizo cha FortiAnalyzer. Izi ndizotheka mu Advanced mode. Mawonekedwe apamwamba amakupatsani mwayi wokonza deta kuchokera kumadera osiyanasiyana ndikulandila malipoti osiyana pa iwo. Ngati mwayiwala kuti madera enieni ndi chiyani, yang'anani , likulongosoledwa pamenepo mwatsatanetsatane.
Tiwona kupanga madera olamulira ndikugawa kukumbukira pakati pawo pakapita nthawi ngati gawo lothandizira la phunzirolo.
Tsopano tiyeni tikambirane za makina ojambulira ndi kukonza zipika zomwe zikubwera ku FortiAnalyzer.
Mitengo yolandilidwa ndi FortiAnalyzer imapanikizidwa ndikusungidwa mu fayilo ya chipika. Fayiloyi ikafika kukula kwake, imalembedwa ndikusungidwa. Mitengo yotereyi imatchedwa archive. Amatengedwa ngati zipika zapaintaneti chifukwa sangathe kuwunikidwa munthawi yeniyeni. Zilipo kuti ziwonedwe mumtundu waiwisi. Ndondomeko yosungira deta mu domeni yoyang'anira imatsimikizira kuti malogi oterowo adzasungidwa nthawi yayitali bwanji pachikumbutso cha chipangizocho.
Nthawi yomweyo, zipika zimayikidwa mu database ya SQL. Malogiwa amagwiritsidwa ntchito posanthula deta pogwiritsa ntchito njira za Log View, FortiView ndi Reports. Ndondomeko yosungira deta mu domeni yoyang'anira imatsimikizira kuti malogi oterowo adzasungidwa nthawi yayitali bwanji pachikumbutso cha chipangizocho. Pambuyo pazipikazi zichotsedwa pachikumbutso cha chipangizocho, zitha kukhalabe ngati zipika zosungidwa, koma izi zimadalira ndondomeko yosungiramo data mu dera loyang'anira.
Kuti timvetsetse zoyambira zoyambirira, chidziwitsochi ndi chokwanira kwa ife. Tsopano tiyeni tikambirane masanjidwe athu:
Pa izo mukuwona zida za 6 - FortiGate, FortiMail, FortiAnalyzer, woyang'anira madambwe, kompyuta yakunja ya wogwiritsa ntchito komanso kompyuta ya wogwiritsa ntchito mkati. FortiGate ndi FortiMail ndizofunikira kuti apange zipika za zida zosiyanasiyana za Fortinet kuti agwiritse ntchito chitsanzo kuganizira mbali zogwirira ntchito ndi madera osiyanasiyana oyang'anira. Ogwiritsa ntchito mkati ndi kunja, komanso woyang'anira dera amafunika kuti apange magalimoto osiyanasiyana. Windows imayikidwa pakompyuta ya wogwiritsa ntchito mkati, ndipo Kali Linux imayikidwa pakompyuta ya ogwiritsa ntchito akunja.
Muchitsanzo ichi, FortiMail imagwira ntchito mu Seva, kutanthauza kuti ndi seva yapadera yamakalata yomwe ogwiritsa ntchito amkati ndi akunja amatha kusinthana maimelo. Zokonda zofunika monga zolemba za MX zimakonzedwa pa olamulira domain. Kwa wogwiritsa ntchito kunja, seva ya DNS ndiye woyang'anira dera lamkati - izi zimachitika pogwiritsa ntchito kutumiza kwa doko (kapena ukadaulo wina wa Virtual IP) pa FortiGate.
Zokonda izi sizikuphatikizidwa paphunziro chifukwa sizikugwirizana ndi mutu wamaphunzirowo. Kutumiza ndikusintha koyambirira kwa gawo la FortiAnalyzer kudzaphimbidwa. Zigawo zotsalira za kamangidwe kamakono zinakonzedwa pasadakhale.
Zofunikira pazida zosiyanasiyana zidaperekedwa pansipa. Kwa ine, kamangidwe kameneka kamagwira ntchito pamakina okonzekeratu m'malo a VMWare Workstation. Makhalidwe a makinawa alembedwanso pansipa.
chipangizo
RAM GB
vCPU
HDD, GB
Domain controller
6
3
40
Wogwiritsa ntchito mkati
4
2
32
Wogwiritsa ntchito kunja
2
2
8
Zithunzi za FortiGate
2
2
30
FortiAnalyzer
8
4
80
FortiMail
2
4
50
Makina opangira
28
19
280
Zofunikira pamakina zomwe zalembedwa patebuloli ndizochepa; muzochitika zenizeni, zofunikira zambiri zimafunikira. Zowonjezera pazofunikira zamakina zitha kupezeka pa .
Kanemayo akuwonetsa zomwe takambirana pamwambapa, komanso gawo lothandizira - ndi kasinthidwe koyambirira kwa chipangizo cha FortiAnalyzer. Sangalalani kuwonera!
Mu phunziro lotsatira tiwona mwatsatanetsatane mbali zogwirira ntchito ndi zipika. Kuti mupewe kuphonya, lembani ku yathu .
Mukhozanso kutsatira zosintha pazithandizo zotsatirazi:
Source: www.habr.com