Pulogalamu ya ProHoster > Blog > Ulamuliro > Chitetezo cha chidziwitso cha data center

Chitetezo cha chidziwitso cha data center

Chitetezo cha chidziwitso cha data center
Izi ndi zomwe malo owunikira a NORD-2 data center omwe ali ku Moscow akuwoneka

Mwawerenga kangapo za zomwe zimatengedwa kuti zitsimikizire chitetezo cha chidziwitso (IS). Katswiri aliyense wodzilemekeza wa IT amatha kutchula malamulo achitetezo azidziwitso 5-10. Cloud4Y ikupereka kulankhula za chitetezo chazidziwitso cha malo opangira deta.

Mukawonetsetsa chitetezo chazidziwitso cha data center, zinthu "zotetezedwa" kwambiri ndi:

  • zidziwitso (data);
  • njira zosonkhanitsira, kukonza, kusunga ndi kutumiza zidziwitso;
  • ogwiritsa ntchito dongosolo ndi ogwira ntchito yosamalira;
  • zida zopangira zidziwitso, kuphatikiza zida za hardware ndi mapulogalamu pokonza, kutumiza ndi kuwonetsa zidziwitso, kuphatikiza njira zosinthira zidziwitso, njira zotetezera zidziwitso ndi malo.

Malo omwe ali ndi udindo wa data center amatengera mtundu wa ntchito zomwe zimaperekedwa (IaaS/PaaS/SaaS). Momwe zikuwonekera, onani chithunzi pansipa:

Chitetezo cha chidziwitso cha data center
Kuchuluka kwa ndondomeko ya chitetezo cha data center malinga ndi chitsanzo cha mautumiki operekedwa

Chinthu chofunika kwambiri pakupanga ndondomeko ya chitetezo cha chidziwitso ndikumanga chitsanzo cha ziwopsezo ndi ophwanya malamulo. Ndi chiyani chomwe chingakhale chowopsa ku malo opangira data?

  1. Zochitika zoyipa zachilengedwe, zopangidwa ndi anthu komanso chikhalidwe cha anthu
  2. Zigawenga, zigawenga, etc.
  3. Kudalira kwa ogulitsa, othandizira, othandizana nawo, makasitomala
  4. Kulephera, kulephera, kuwonongeka, kuwonongeka kwa mapulogalamu ndi hardware
  5. Ogwira ntchito ku data center omwe akugwiritsa ntchito ziwopsezo zachitetezo pogwiritsa ntchito ufulu ndi mphamvu zoperekedwa mwalamulo (ophwanya zidziwitso zamkati)
  6. Ogwira ntchito ku data center omwe amagwiritsa ntchito ziwopsezo zachitetezo chazidziwitso kunja kwa ufulu ndi mphamvu zoperekedwa mwalamulo, komanso mabungwe omwe si okhudzana ndi ogwira ntchito pamalo opangira data, koma kuyesa mwayi wosaloleka ndi zochita zosaloledwa (ophwanya zidziwitso zakunja)
  7. Kusatsatira zofunikira za oyang'anira ndi oyang'anira, malamulo apano

Kusanthula kwachiwopsezo - kuzindikira ziwopsezo zomwe zingachitike ndikuwunika kuchuluka kwa zotsatira za kukhazikitsidwa kwawo - kudzathandiza kusankha molondola ntchito zofunika kwambiri zomwe akatswiri achitetezo azidziwitso zapa data amayenera kuthetsa, ndikukonza bajeti zogulira zida ndi mapulogalamu.

Kuonetsetsa chitetezo ndi njira yopitilira yomwe imaphatikizapo magawo okonzekera, kukhazikitsa ndi kugwira ntchito, kuyang'anira, kusanthula ndi kukonza njira zotetezera chidziwitso. Kupanga njira zoyendetsera chitetezo chazidziwitso, zomwe zimatchedwa "Deming cycle".

Mbali yofunikira ya ndondomeko za chitetezo ndi kugawa maudindo ndi maudindo a ogwira ntchito kuti akwaniritse. Ndondomeko ziyenera kuwunikiridwa nthawi zonse kuti ziwonetse kusintha kwa malamulo, ziwopsezo zatsopano, ndi chitetezo chomwe chikubwera. Ndipo, zowona, fotokozerani zofunikira zachitetezo chazidziwitso kwa ogwira ntchito ndikupereka maphunziro.

Miyezo ya bungwe

Akatswiri ena amakayikira za chitetezo cha "mapepala", akuganizira kuti chinthu chachikulu ndi luso lothandizira kukana kuyesa kuwononga. Zochitika zenizeni pakuwonetsetsa chitetezo chazidziwitso m'mabanki zikuwonetsa zosiyana. Akatswiri achitetezo azidziwitso atha kukhala ndi ukadaulo wapamwamba wozindikira ndikuchepetsa zoopsa, koma ngati ogwira ntchito pa data satsatira malangizo awo, zonse zikhala pachabe.

Chitetezo, monga lamulo, sichibweretsa ndalama, koma chimachepetsa ngozi. Choncho, nthawi zambiri amatengedwa ngati chinthu chosokoneza komanso chachiwiri. Ndipo akatswiri a chitetezo akayamba kukwiya (okhala ndi ufulu uliwonse wochita zimenezo), mikangano nthawi zambiri imabuka ndi ogwira ntchito ndi akuluakulu a madipatimenti ogwira ntchito.

Kukhalapo kwa miyezo yamakampani ndi zofunikira zoyendetsera ntchito kumathandizira akatswiri achitetezo kuteteza maudindo awo pokambirana ndi oyang'anira, komanso kuvomerezedwa kwachitetezo chazidziwitso, malamulo ndi malamulo amalola ogwira ntchito kutsatira zomwe zafotokozedwa pamenepo, ndikupereka maziko azisankho zomwe nthawi zambiri sizimakonda.

Chitetezo cha malo

Pamene malo opangira deta amapereka chithandizo pogwiritsa ntchito chitsanzo cha colocation, kuonetsetsa kuti chitetezo chakuthupi ndi kuwongolera kwa zipangizo za kasitomala zimawonekera. Pazifukwa izi, zotsekera (mbali zotchingidwa ndi holo) zimagwiritsidwa ntchito, zomwe zimayang'aniridwa ndi kanema wa kasitomala komanso komwe mwayi wopeza ogwira ntchito ku data center uli ndi malire.

M'malo apakompyuta aboma okhala ndi chitetezo chakuthupi, zinthu sizinali zoyipa kumapeto kwa zaka zana zapitazi. Panali kuwongolera kolowera, kuwongolera kulowa m'malo, ngakhale opanda makompyuta ndi makamera apakanema, njira yozimitsa moto - pakayaka moto, freon idatulutsidwa m'chipinda cha makina.

Masiku ano, chitetezo chakuthupi chimatsimikiziridwa bwino kwambiri. Njira zowongolera ndi zowongolera (ACS) zakhala zanzeru, ndipo njira za biometric zoletsa kulowa zikuyambitsidwa.

Njira zozimitsira moto zakhala zotetezeka kwa ogwira ntchito ndi zida, zomwe zimaphatikizapo kukhazikitsa zoletsa, kudzipatula, kuziziritsa ndi zotsatira za hypoxic pagawo lamoto. Pamodzi ndi machitidwe ovomerezeka otetezera moto, malo opangira deta nthawi zambiri amagwiritsa ntchito njira yodziwira moto mwamsanga.

Kuteteza malo opangira data ku ziwopsezo zakunja - moto, kuphulika, kugwa kwa nyumba zomanga, kusefukira kwamadzi, mpweya wowononga - zipinda zotetezera ndi zotetezedwa zidayamba kugwiritsidwa ntchito, momwe zida za seva zimatetezedwa kuzinthu zonse zowononga zakunja.

Ulalo wofooka ndi munthu

Makina owonera makanema a "Smart", ma sensor a volumetric tracking (acoustic, infrared, ultrasonic, microwave), njira zowongolera zofikira zachepetsa zoopsa, koma sizinathetse mavuto onse. Njirazi sizingathandize, mwachitsanzo, pamene anthu omwe adalowetsedwa bwino mu data center ndi zida zolondola anali "ogwidwa" pa chinachake. Ndipo, monga nthawi zambiri, kugwedezeka mwangozi kumabweretsa mavuto aakulu.

Ntchito ya data center ikhoza kukhudzidwa ndi kugwiritsidwa ntchito molakwika kwa zinthu zake ndi antchito, mwachitsanzo, migodi yosaloledwa. Machitidwe a Data Center Infrastructure Management (DCIM) angathandize pazochitikazi.

Ogwira ntchito amafunikiranso chitetezo, chifukwa nthawi zambiri anthu amatchedwa ulalo wovuta kwambiri pachitetezo. Zigawenga zomwe zikuwawachitikira nthawi zambiri zimayamba pogwiritsa ntchito njira zaukadaulo. Nthawi zambiri makina otetezedwa kwambiri amawonongeka kapena amawonongeka wina atadina/kutsitsa/kuchita zinazake. Zowopsa zoterezi zitha kuchepetsedwa pophunzitsa ogwira ntchito komanso kugwiritsa ntchito njira zabwino padziko lonse lapansi pankhani yachitetezo chazidziwitso.

Chitetezo cha zomangamanga zomangamanga

Zowopseza zachikhalidwe pakugwira ntchito kwa data center ndizolephera kwa mphamvu ndi kulephera kwa machitidwe ozizira. Tazolowera kale zoopsa zotere ndipo taphunzira kuthana nazo.

Njira yatsopano yakhala kufalikira kwa zida za "smart" zolumikizidwa ndi netiweki: ma UPS olamulidwa, makina oziziritsa anzeru ndi mpweya wabwino, owongolera osiyanasiyana ndi masensa olumikizidwa ndi machitidwe oyang'anira. Pomanga chitsanzo choopseza deta, musaiwale za kuthekera kwa kuukira kwa maukonde a zomangamanga (ndipo, mwinamwake, pa intaneti yogwirizana ndi IT ya data center). Choyambitsa vutoli ndikuti zida zina (mwachitsanzo, zoziziritsa kukhosi) zitha kusamutsidwa kunja kwa malo opangira data, tinene, padenga la nyumba yobwereka.

Chitetezo cha njira zoyankhulirana

Ngati malo a data amapereka chithandizo osati molingana ndi chitsanzo cha colocation, ndiye kuti chiyenera kuthana ndi chitetezo chamtambo. Malinga ndi Check Point, chaka chatha chokha, 51% ya mabungwe padziko lonse lapansi adakumana ndi ziwopsezo pamapangidwe awo amtambo. Kuwukira kwa DDoS kuyimitsa mabizinesi, ma virus obisala amafuna chiwombolo, kuwukira komwe kumayendetsedwa ndi mabanki kumabweretsa kuba ndalama kumaakaunti amakalata.

Ziwopsezo za kulowerera kwakunja zimadetsa nkhawa akatswiri odziwa chitetezo cha data center. Zofunikira kwambiri pazida za data ndizogawidwa zomwe zimasokoneza kuperekedwa kwa ntchito, komanso ziwopsezo zakubera, kuba kapena kusinthidwa kwa data yomwe ili m'malo osungiramo zinthu kapena kusungirako.

Kuteteza dera lakunja la malo opangira data, makina amakono amagwiritsidwa ntchito ndi ntchito zozindikiritsa ndikuletsa ma code oyipa, kuwongolera ntchito komanso kuthekera kolowetsa ukadaulo woteteza chitetezo cha Threat Intelligence. Nthawi zina, machitidwe omwe ali ndi IPS (kulepheretsa kulowerera) amatumizidwa ndikusintha kwadzidzidzi kwa siginecha yokhazikitsidwa kumadera otetezedwa.

Kuti atetezedwe ku DDoS, makampani aku Russia, monga lamulo, amagwiritsa ntchito ntchito zapadera zakunja zomwe zimapatutsira magalimoto kumalo ena ndikusefa mumtambo. Chitetezo kumbali ya opareshoni ndichothandiza kwambiri kuposa mbali ya kasitomala, ndipo malo opangira data amakhala ngati amkhalapakati pakugulitsa ntchito.

Kuwukira kwamkati kwa DDoS kumathekanso m'malo opangira ma data: wowukira amalowa ma seva otetezedwa mofooka a kampani imodzi yomwe imakhala ndi zida zake pogwiritsa ntchito mtundu wa colocation, ndipo kuchokera pamenepo amakana kuwukira kwa makasitomala ena pa data iyi kudzera pa netiweki yamkati. .

Yang'anani pazochitika zenizeni

M'pofunika kuganizira zenizeni za chinthu chotetezedwa - kugwiritsa ntchito zida zowonetseratu, kusintha kwa kusintha kwa zomangamanga za IT, kugwirizana kwa mautumiki, pamene kuukira kopambana kwa kasitomala mmodzi kungawononge chitetezo cha oyandikana nawo. Mwachitsanzo, pakubera doko lakutsogolo mukugwira ntchito ku Kubernetes-based PaaS, wowukira atha kupeza zidziwitso zonse zachinsinsi komanso mwayi wofikira ku orchestration system.

Zogulitsa zomwe zimaperekedwa pansi pa chitsanzo chautumiki zimakhala ndi digiri yapamwamba ya automation. Kuti zisasokoneze bizinesi, njira zotetezera zidziwitso ziyenera kutsatiridwa pamlingo wocheperako wa automation ndi makulitsidwe opingasa. Kuchulukitsa kuyenera kutsimikiziridwa pazigawo zonse zachitetezo chazidziwitso, kuphatikiza makina owongolera olowera ndi makiyi olowera. Ntchito yapadera ndikukulitsa ma module omwe amawunika kuchuluka kwa ma network.

Mwachitsanzo, kusefa kuchuluka kwa maukonde pakugwiritsa ntchito, maukonde ndi magawo agawo m'malo opezeka kwambiri a data kuyenera kuchitidwa pamlingo wa ma hypervisor network modules (mwachitsanzo, VMware's Distributed Firewall) kapena popanga maunyolo antchito (zozimitsa moto za Palo Alto Networks) .

Ngati pali zofooka pamlingo wa virtualization wazinthu zamakompyuta, kuyesetsa kupanga dongosolo lachitetezo chazidziwitso papulatifomu sikudzakhala kothandiza.

Miyezo yachitetezo chazidziwitso mu data center

Njira yodzitetezera ndiyo kugwiritsa ntchito njira zophatikizira, zotetezedwa zazidziwitso zambiri, kuphatikiza magawo akulu pamlingo wa firewall (kugawa magawo azinthu zosiyanasiyana zamabizinesi), magawo ang'onoang'ono potengera ma firewall kapena ma tagging amagulu. (maudindo a ogwiritsa ntchito kapena ntchito) zotanthauzidwa ndi ndondomeko zofikira.

Gawo lotsatira ndikuzindikira zolakwika mkati ndi pakati pa magawo. Mphamvu zamagalimoto zimawunikidwa, zomwe zingasonyeze kukhalapo kwa zinthu zoipa, monga kusanthula maukonde, kuyesa DDoS kuukira, kutsitsa deta, mwachitsanzo, podula mafayilo a database ndikuwatulutsa m'magawo omwe amawonekera pafupipafupi pakapita nthawi. Magalimoto ochulukirachulukira amadutsa pamalo opangira data, kotero kuti muzindikire zolakwika, muyenera kugwiritsa ntchito ma aligorivimu osakira, osasanthula mapaketi. Ndikofunika kuti osati zizindikilo za zoyipa ndi zoyipa zokha zomwe zizindikirike, komanso kugwiritsa ntchito pulogalamu yaumbanda ngakhale mumsewu wobisika popanda kuwamasulira, monga akunenera mu Cisco solutions (Stealthwatch).

M'malire otsiriza ndi chitetezo cha zipangizo mapeto a maukonde am'deralo: maseva ndi makina pafupifupi, mwachitsanzo, mothandizidwa ndi nthumwi anaika pa zipangizo mapeto (makina pafupifupi), amene kusanthula ntchito I/O, deletions, makope ndi ntchito maukonde, kutumiza deta ku mtambo, komwe kuwerengera komwe kumafunikira mphamvu yayikulu yamakompyuta kumachitika. Kumeneko, kusanthula kumachitika pogwiritsa ntchito ma algorithms a Big Data, mitengo yamakina yamakina imamangidwa ndipo zosokoneza zimadziwika. Ma algorithms amadzipangira okha kutengera kuchuluka kwa data yomwe imaperekedwa ndi network network of sensors.

Mutha kuchita popanda kukhazikitsa othandizira. Zida zamakono zotetezera zidziwitso ziyenera kukhala zopanda ntchito ndikuphatikizidwa mu machitidwe opangira pa hypervisor level.
Zomwe zalembedwazi zimachepetsa kwambiri chiopsezo cha chitetezo cha chidziwitso, koma izi sizingakhale zokwanira kwa malo opangira deta omwe amapereka makina opangira chiopsezo chachikulu, mwachitsanzo, magetsi a nyukiliya.

Zofunikira pakuwongolera

Kutengera zomwe zikukonzedwa, zida zapakatikati komanso zowoneka bwino zapa data ziyenera kukwaniritsa zofunikira zachitetezo zomwe zakhazikitsidwa m'malamulo ndi miyezo yamakampani.

Malamulowa akuphatikizapo lamulo la "Pa Personal Data" (152-FZ) ndi lamulo la "Pa chitetezo cha KII Facilities of the Russian Federation" (187-FZ), lomwe linayamba kugwira ntchito chaka chino - ofesi ya wosuma mlandu yayamba kale kukhala ndi chidwi. mkati mwa kukhazikitsidwa kwake. Mikangano yoti ngati malo opangira ma data ndi a maphunziro a CII idakalipobe, koma nthawi zambiri, malo opangira data omwe akufuna kupereka chithandizo kwa anthu a CII akuyenera kutsatira zofunikira zalamulo latsopanoli.

Sizidzakhala zophweka kwa malo opangira deta omwe akukhala ndi machitidwe a chidziwitso cha boma. Malinga ndi Lamulo la Boma la Russian Federation la May 11.05.2017, 555 No. XNUMX, nkhani za chitetezo cha chidziwitso ziyenera kuthetsedwa musanayike GIS mu ntchito yamalonda. Ndipo malo opangira data omwe akufuna kukhala ndi GIS ayenera kukwaniritsa zofunikira zoyendetsera.

Pazaka zapitazi za 30, machitidwe otetezera malo osungiramo deta afika kutali: kuchokera ku machitidwe osavuta otetezera thupi ndi machitidwe a bungwe, omwe, komabe, sanataye kufunikira kwawo, ku machitidwe ovuta anzeru, omwe amagwiritsa ntchito kwambiri zinthu zanzeru zopangira. Koma tanthauzo la njirayo silinasinthe. Tekinoloje zamakono sizingakupulumutseni popanda miyeso ya bungwe ndi maphunziro a ogwira ntchito, ndipo mapepala sangakupulumutseni popanda mapulogalamu ndi njira zamakono. Chitetezo chapakati pa data sichingatsimikizidwe kamodzi; ndikuyesa kosalekeza tsiku ndi tsiku kuzindikira ziwopsezo zofunika kwambiri ndikuthana ndi mavuto omwe akubwera.

Ndi chiyani chinanso chomwe mungawerenge pabulogu? Cloud4Y

β†’ Kukhazikitsa pamwamba pa GNU/Linux
β†’ Pentesters patsogolo pa cybersecurity
β†’ Njira yanzeru zopangira kuchokera ku lingaliro labwino kupita kumakampani asayansi
β†’ 4 njira kupulumutsa pa mtambo backups
β†’ Mutt story

Lembani ku wathu uthengawo-channel kuti musaphonye nkhani yotsatira! Timalemba zosaposa kawiri pa sabata komanso pa bizinesi. Tikukukumbutsaninso kuti mungathe yesani kwaulere cloud solutions Cloud4Y.

Source: www.habr.com

Kuwonjezera ndemanga