3 FortiAnalyzer Chiyambi V 6.4. Kugwira ntchito ndi zipika

Takulandirani ku phunziro lachitatu la maphunzirowa FortiAnalyzer Chiyambi. pa phunziro lomaliza tidapereka zoseketsa zomwe zimafunikira ma lab. Mu phunziro ili, tiwona mfundo zoyambira zogwirira ntchito ndi zipika FortiAnalyzer, dziwani ndi oyang'anira zochitika, komanso lingalirani njira zotetezera zipika. Gawo lachidziwitso, komanso kujambula kwathunthu kwa phunziro la kanema, zili pansi pa odulidwa.

Kuti mutolere zipika kuchokera pazida, ayenera kulembetsedwa ndi FortiAnalyzer. Pali njira ziwiri zolembera.

1. Njira yoyamba - pa chipangizo cholembetsedwa, njira "kutumiza zipika ku FortiAnalyzer" imatsegulidwa ndipo adilesi yake ya IP ikuwonetsedwa. Pambuyo pake, pempho limatumizidwa ku FortiAnalyzer kuti mulembetse chipangizochi. Woyang'anira ayenera kuvomereza kapena kukana pempho lomwe lalandiridwa. Ndi ukadaulo waukadaulo wowongolera, FortiGate ikhoza kuwonjezeredwa ku ADOM yayikulu (yomwe imatchedwa mizu, yomwe tidagwira nayo ntchito m'phunziro lomaliza), komanso ku ADOM yodzipangira yokha yomwe idapangidwira zida za FortiGate.
2. Njira yachiwiri ndiyotchedwa Wizard Registration Wizard. Kulembetsa kwa chipangizo kumachitika pa FortiAnalyzer palokha. Kulembetsa kumafuna zambiri za chipangizo chomwe chikulembetsedwa - nambala yachinsinsi, adilesi ya IP, mtundu wa chipangizocho, ndi mtundu wa makina ogwiritsira ntchito. Ngati kutsimikizira kwa data kukuyenda bwino, chipangizocho chimawonjezedwa pamndandanda wa FortiAnalyzer. Ngati ukadaulo wa Admin Domain wayatsidwa, chipangizochi chidzalembetsa zokha mu Domain yoyenera ya Admin. Ngati muli ndi madera angapo oyang'anira, ndiye kuti muyenera kulembetsa chipangizocho kuchokera kumalo olamulira omwe mukufuna kuwonjezera.

Chida chilichonse chimapanga zipika zamitundu yosiyanasiyana. Mitundu yayikulu yamitengo yomwe zida za Fortinet zitha kupanga zikuwonetsedwa pachithunzichi.

Tidalankhula kale za kukonza kwa zipika mu phunziro lapitalo, koma ndikuganiza kuti ndikofunikira kukumbukira kukumbukira kwanu. Mitengo yolandilidwa ndi FortiAnalyzer imapanikizidwa ndikusungidwa ku fayilo ya chipika. Fayiloyi ikafika kukula kwake, imalembedwa ndikusungidwa. Mitengo yotereyi imatchedwa archive. Amatengedwa ngati zipika zapaintaneti chifukwa sangathe kuwunikidwa munthawi yeniyeni. Zikupezeka kuti ziwonedwe mumtundu wa RAW. Ndondomeko yosungira zidziwitso mu domain yoyang'anira imatsimikizira kuti zipika zotere zidzasungidwa nthawi yayitali bwanji mu kukumbukira kwa FortiAnalyzer.

Nthawi yomweyo, zipikazo zimayikidwa mu database ya SQL kuti zithandizire kusanthula. Zolemba izi zimawunikidwa mu FortiAnalyzer munthawi yeniyeni pogwiritsa ntchito njira za Log View, FortiView ndi Reports. Ndondomeko yosungira zidziwitso mu domain yoyang'anira imatsimikizira kuti zipika zotere zidzasungidwa nthawi yayitali bwanji mu kukumbukira kwa FortiAnalyzer. Pambuyo pochotsa zipikazi pachikumbutso cha FortiAnalyzer, zitha kukhalabe ngati zipika zosungidwa, koma izi zimatengera ndondomeko yosunga deta mudera loyang'anira.

Mwadongosolo, njira yopangira zipika ikuwonetsedwa mu chithunzi pansipa.

Zipika zikafika pa chipangizocho, zimayang'aniridwa ndi oyang'anira zochitika. Amakulolani kuti muzitsatira zochitika zachidwi pogwiritsa ntchito mikhalidwe yokonzedweratu. Zomwe zimayikidwa pazigawo zomwe zili mu zolemba zamtundu wa RAW. Dongosololi lili ndi zochitika zomwe zafotokozedweratu pagawo lililonse loyang'anira, komabe, ngati kuli kofunikira, mutha kupanga omwe akuwongolera zochitika zanu. Kugwiritsa ntchito kwakukulu kwa oyang'anira zochitika ndikuti zochitika zosangalatsa zikachitika, dongosololi limatha kutumiza zidziwitso ku imelo kapena ma seva a syslog komanso kudzera pa SNMP. Izi zimakuthandizani kuti muyankhe mwachangu pazomwe zikuchitika pa intaneti.

Tsopano tiyeni tikambirane za kuteteza zipika. Popeza zipikazo zili ndi chidziwitso chofunikira pazomwe zikuchitika pa intaneti, ziyenera kutetezedwa kuti zisawonongeke chifukwa cha zolephera zosiyanasiyana komanso kusagwirizana kwakunja. Ukadaulo woyamba womwe ungathandizire kuteteza zipika ngati zolephera zosiyanasiyana ndi RAID. Zimakulolani kugawanitsa malo kuchokera ku ma disks omwe alipo mumagulu angapo omveka kuti ngati disk imodzi kapena zingapo (malingana ndi mtundu wa RAID) zikulephera, deta sitayika. Mitundu yayikulu ya RAID yomwe ingagwiritsidwe ntchito ku FortiAnalyzer ikuwonetsedwa pachithunzi pansipa.

• RAID 0 imafalitsa zambiri pama disks awiri kapena kuposerapo. Cholinga chachikulu ndi liwiro ndi ntchito. Ngati disk imodzi kapena zingapo zalephera, gulu lonse la disk lidzavutika;
• RAID 1 imagawa zidziwitso pama disks awiri kapena kuposerapo. Ngati diski imodzi ikulephera, gulu la disk lidzapitiriza kugwira ntchito bwino;
• RAID 5 imagawira zidziwitso pama disks angapo, komanso imagawa chimbale chimodzi kuti chiwongolere deta iliyonse yomwe imatchedwa "unyolo wa data". Ngati diski imodzi ikulephera, gulu la disk lidzapitiriza kugwira ntchito bwino;
• RAID 6 imagwira ntchito mofananamo, ma disks awiri okha omwe aperekedwa kale kuti abwezeretse deta;
• RAID 10 imagwirizanitsa zosankha za RAID 0 ndi RAID 1. Ndi izi, zidzatheka kupitiriza kugwira ntchito ndi chidziwitso ngati 2 disks ikulephera (imodzi kuchokera ku nkhondo iliyonse, mwinamwake sikungatheke kuwerenga zambiri);
• RAID 50 imagwirizanitsa ntchito ya RAID 0 ndi RAID 5. Pankhaniyi, ntchito yokhazikika yokhala ndi chidziwitso idzapitirira ngakhale disk imodzi ikulephera mu RAID 5 iliyonse;
• RAID 60 imaphatikiza ntchito za RAID 0 ndi RAID 6. Pankhaniyi, ntchito yokhazikika yokhala ndi chidziwitso idzapitirira ngakhale ma disks 6 alephera mu RAID 2 iliyonse.

Njira yotsatira ndikusunga zolemba. Pali zosankha zingapo zosunga zobwezeretsera - kuchokera pa Log View menyu, komwe mungagwiritse ntchito fyuluta inayake kuti musunge zipika zofunika, kapena Log Sakatulani, komwe mungatsitse mafayilo ojambulidwa. Ndikothekanso kusunga zipika kumaseva akunja pogwiritsa ntchito mawonekedwe a CLI.

Njira ina yomwe imakulolani kuti muteteze chidziwitso chofunikira chomwe chili mu zipika ndi redundancy. Palinso njira zingapo pano.

1. Yoyamba, yomwe zida zimatumiza zipika ku 2 FortiAnalyzers nthawi imodzi - imodzi mwazo ndi yayikulu, ina ndi zosunga zobwezeretsera.
2. Takambirana kale njira yachiwiri m'phunziro lomaliza - FortiAnalyzer imodzi imagwira ntchito yosonkhanitsa ndikusonkhanitsa zipika kuchokera pazida zosiyanasiyana. Malinga ndi ndondomekoyi, zipika zomwe zasonkhanitsidwa zimatumizidwa ku FortiAnalyzer, yomwe imagwira ntchito mu Analyzer mode. Pakachitika kulephera kwachiwiri, wokhometsayo azitha kutumiza zipikazo ku FortiAnalyzer ina.
3. Ndipo njira yachitatu ndikusamutsa mitengo kuchokera ku FortiAnalyzer kupita ku ma seva akunja, mwachitsanzo, kupita ku Syslog. Pankhaniyi, kusamutsidwa kwa zipika kudzachitika mu nthawi yeniyeni.

Kuteteza zipika kuti zisasokonezedwe, njira ziwiri zazikulu zimagwiritsidwa ntchito:

1. Kubisa kwa njira yotumizira deta pakati pa FortiAnalyzer ndi zida zina;
2. Kuteteza zipika kuti zisasinthidwe powonjezera cheke.

Kanemayo akuwonetsa zomwe takambirana pamwambapa, ndikukambirananso za momwe angagwiritsire ntchito zipika - kuzisefa, kuziwona m'njira zosiyanasiyana, kukhazikitsa osamalira zochitika. Sangalalani kuwonera!

M’phunziro lotsatira, tidzakambitsirana za mbali zogwirira ntchito ndi malipoti. Kuti musaphonye, ​​lembetsani ku tsamba lathu Youtube njira.

Mukhozanso kutsatira zosintha pazithandizo zotsatirazi:

Gulu la Vkontakte
Yandex Zen
Webusayiti yathu
Telegalamu njira

Source: www.habr.com