Potengera kuchuluka kwa mafunso omwe adayamba kutifika kudzera pa SD-WAN, ukadaulo wayamba kuzika mizu ku Russia. Ogulitsa, mwachibadwa, sakugona ndipo amapereka malingaliro awo, ndipo apainiya ena olimba mtima akuwagwiritsa kale pa maukonde awo.
Timagwira ntchito ndi pafupifupi mavenda onse, ndipo kwa zaka zingapo mu labotale yathu ndidakwanitsa kuyang'ana muzomangamanga za aliyense wopanga mayankho ofotokozedwa ndi mapulogalamu. SD-WAN yochokera ku Fortinet imayima motalikirana pang'ono pano, yomwe idangopanga magwiridwe antchito akuyanjanitsa magalimoto pakati pa njira zoyankhulirana mu pulogalamu ya firewall. Njira yothetsera vutoli ndi demokalase, choncho nthawi zambiri imaganiziridwa ndi makampani omwe sanakonzekere kusintha kwapadziko lonse, koma akufuna kugwiritsa ntchito njira zawo zoyankhulirana bwino.
M'nkhaniyi ndikufuna kukuuzani momwe mungasinthire ndikugwira ntchito ndi SD-WAN kuchokera ku Fortinet, yemwe yankho ili ndiloyenera komanso zovuta zomwe mungakumane nazo pano.
Osewera otchuka kwambiri pamsika wa SD-WAN atha kugawidwa m'mitundu iwiri:
1. Oyambitsa omwe apanga mayankho a SD-WAN kuyambira poyambira. Opambana kwambiri mwa awa amalandira chilimbikitso chachikulu cha chitukuko atagulidwa ndi makampani akuluakulu - iyi ndi nkhani ya Cisco/Viptela, VMWare/VeloCloud, Nuage/Nokia
2. Ogulitsa ma netiweki akuluakulu omwe adapanga mayankho a SD-WAN, kukulitsa kukhazikika komanso kuwongolera kwa ma router awo achikhalidwe - iyi ndi nkhani ya Juniper, Huawei.
Fortinet adatha kupeza njira yake. Pulogalamu ya firewall inali ndi magwiridwe antchito omwe adapangitsa kuti azitha kuphatikiza mawonekedwe awo kukhala njira zenizeni ndikuwongolera katundu pakati pawo pogwiritsa ntchito ma algorithms ovuta poyerekeza ndi njira wamba. Izi zimatchedwa SD-WAN. Kodi chomwe Fortinet chidatchedwa SD-WAN? Msikawu ukumvetsetsa pang'onopang'ono kuti Software-Defined imatanthauza kulekanitsidwa kwa Control Plane kuchokera ku Data Plane, olamulira odzipereka, ndi oimba. Fortinet alibe chilichonse chonga icho. Kasamalidwe kapakati ndizosankha ndipo zimaperekedwa kudzera mu chida chachikhalidwe cha Fortimanager. Koma m'malingaliro mwanga, simuyenera kuyang'ana chowonadi chosamveka ndikutaya nthawi kukangana za mawu. M'dziko lenileni, njira iliyonse ili ndi ubwino wake ndi kuipa kwake. Njira yabwino ndikumvetsetsa ndikutha kusankha mayankho omwe amagwirizana ndi ntchitozo.
Ndiyesera kukuuzani ndi zowonera m'manja momwe SD-WAN yochokera ku Fortinet imawoneka ndi zomwe ingachite.
Momwe zonse zimagwirira ntchito
Tiyerekeze kuti muli ndi nthambi ziwiri zolumikizidwa ndi ma data awiri. Maulalo a datawa amaphatikizidwa kukhala gulu, lofanana ndi momwe ma Ethernet okhazikika amaphatikizidwira kukhala LACP-Port-Channel. Akale adzakumbukira PPP Multilink - komanso fanizo loyenera. Makanema amatha kukhala madoko akuthupi, VLAN SVI, komanso ngalande za VPN kapena GRE.
VPN kapena GRE nthawi zambiri amagwiritsidwa ntchito polumikiza ma network am'deralo pa intaneti. Ndipo madoko akuthupi - ngati pali kulumikizana kwa L2 pakati pamasamba, kapena polumikizana ndi MPLS/VPN odzipereka, ngati takhutitsidwa ndi kulumikizana popanda Kuphimba ndi kubisa. Chinthu chinanso chomwe madoko akuthupi amagwiritsidwa ntchito pagulu la SD-WAN ndikugwirizanitsa mwayi wofikira kwa ogwiritsa ntchito pa intaneti.
Pamalo athu pali ma firewall anayi ndi ma tunnel awiri a VPN omwe akugwira ntchito kudzera pa "ogwiritsa ntchito mauthenga" awiri. Chithunzichi chikuwoneka motere:
Misewu ya VPN imapangidwira mu mawonekedwe a mawonekedwe kuti ikhale yofanana ndi kugwirizana kwa mfundo ndi mfundo pakati pa zipangizo zomwe zili ndi maadiresi a IP pa P2P, zomwe zingatheke kuti zitsimikizire kuti kuyankhulana kudzera mumsewu wina kukugwira ntchito. Kuti magalimoto asungidwe ndikupita mbali ina, ndikokwanira kuti mulowe mumsewu. Njira ina ndikusankha magalimoto kuti asungidwe pogwiritsa ntchito mndandanda wa subnets, zomwe zimasokoneza kwambiri woyang'anira pamene kasinthidwe kamakhala kovuta. Mu netiweki yayikulu, mutha kugwiritsa ntchito ukadaulo wa ADVPN kupanga VPN; iyi ndi analogue ya DMVPN kuchokera ku Cisco kapena DVPN yaku Huawei, yomwe imalola kukhazikitsidwa kosavuta.
Kukonzekera kwa Site-to-Site VPN pazida ziwiri zokhala ndi njira ya BGP mbali zonse ziwiri
«ЦОД» (DC)
«Филиал» (BRN)
config system interface
edit "WAN1"
set vdom "Internet"
set ip 1.1.1.1 255.255.255.252
set allowaccess ping
set role wan
set interface "DC-BRD"
set vlanid 111
next
edit "WAN2"
set vdom "Internet"
set ip 3.3.3.1 255.255.255.252
set allowaccess ping
set role lan
set interface "DC-BRD"
set vlanid 112
next
edit "BRN-Ph1-1"
set vdom "Internet"
set ip 192.168.254.1 255.255.255.255
set allowaccess ping
set type tunnel
set remote-ip 192.168.254.2 255.255.255.255
set interface "WAN1"
next
edit "BRN-Ph1-2"
set vdom "Internet"
set ip 192.168.254.3 255.255.255.255
set allowaccess ping
set type tunnel
set remote-ip 192.168.254.4 255.255.255.255
set interface "WAN2"
next
end
config vpn ipsec phase1-interface
edit "BRN-Ph1-1"
set interface "WAN1"
set local-gw 1.1.1.1
set peertype any
set net-device disable
set proposal aes128-sha1
set dhgrp 2
set remote-gw 2.2.2.1
set psksecret ***
next
edit "BRN-Ph1-2"
set interface "WAN2"
set local-gw 3.3.3.1
set peertype any
set net-device disable
set proposal aes128-sha1
set dhgrp 2
set remote-gw 4.4.4.1
set psksecret ***
next
end
config vpn ipsec phase2-interface
edit "BRN-Ph2-1"
set phase1name "BRN-Ph1-1"
set proposal aes256-sha256
set dhgrp 2
next
edit "BRN-Ph2-2"
set phase1name "BRN-Ph1-2"
set proposal aes256-sha256
set dhgrp 2
next
end
config router static
edit 1
set gateway 1.1.1.2
set device "WAN1"
next
edit 3
set gateway 3.3.3.2
set device "WAN2"
next
end
config router bgp
set as 65002
set router-id 10.1.7.1
set ebgp-multipath enable
config neighbor
edit "192.168.254.2"
set remote-as 65003
next
edit "192.168.254.4"
set remote-as 65003
next
end
config network
edit 1
set prefix 10.1.0.0 255.255.0.0
next
end
config system interface
edit "WAN1"
set vdom "Internet"
set ip 2.2.2.1 255.255.255.252
set allowaccess ping
set role wan
set interface "BRN-BRD"
set vlanid 111
next
edit "WAN2"
set vdom "Internet"
set ip 4.4.4.1 255.255.255.252
set allowaccess ping
set role wan
set interface "BRN-BRD"
set vlanid 114
next
edit "DC-Ph1-1"
set vdom "Internet"
set ip 192.168.254.2 255.255.255.255
set allowaccess ping
set type tunnel
set remote-ip 192.168.254.1 255.255.255.255
set interface "WAN1"
next
edit "DC-Ph1-2"
set vdom "Internet"
set ip 192.168.254.4 255.255.255.255
set allowaccess ping
set type tunnel
set remote-ip 192.168.254.3 255.255.255.255
set interface "WAN2"
next
end
config vpn ipsec phase1-interface
edit "DC-Ph1-1"
set interface "WAN1"
set local-gw 2.2.2.1
set peertype any
set net-device disable
set proposal aes128-sha1
set dhgrp 2
set remote-gw 1.1.1.1
set psksecret ***
next
edit "DC-Ph1-2"
set interface "WAN2"
set local-gw 4.4.4.1
set peertype any
set net-device disable
set proposal aes128-sha1
set dhgrp 2
set remote-gw 3.3.3.1
set psksecret ***
next
end
config vpn ipsec phase2-interface
edit "DC-Ph2-1"
set phase1name "DC-Ph1-1"
set proposal aes128-sha1
set dhgrp 2
next
edit "DC2-Ph2-2"
set phase1name "DC-Ph1-2"
set proposal aes128-sha1
set dhgrp 2
next
end
config router static
edit 1
set gateway 2.2.2.2
et device "WAN1"
next
edit 3
set gateway 4.4.4.2
set device "WAN2"
next
end
config router bgp
set as 65003
set router-id 10.200.7.1
set ebgp-multipath enable
config neighbor
edit "192.168.254.1"
set remote-as 65002
next
edit "192.168.254.3"
set remote-as 65002
next
end
config network
edit 1
set prefix 10.200.0.0 255.255.0.0
next
end
Ndikupereka config mu mawonekedwe a malemba, chifukwa, m'malingaliro mwanga, ndizosavuta kukonza VPN motere. Pafupifupi makonda onse ndi ofanana mbali zonse ziwiri; m'mawu atha kupangidwa ngati kopi-paste. Ngati muchita zomwezo pa intaneti, ndizosavuta kulakwitsa - iwalani cholembera kwinakwake, lowetsani mtengo wolakwika.
Pambuyo powonjezera ma interfaces ku mtolo
Njira zonse ndi ndondomeko zachitetezo zitha kutanthauza, osati zolumikizira zomwe zikuphatikizidwamo. Osachepera, muyenera kulola kuchuluka kwa magalimoto kuchokera pamanetiweki amkati kupita ku SD-WAN. Mukawapangira malamulo, mutha kugwiritsa ntchito njira zodzitetezera monga IPS, antivayirasi ndi kuwulula kwa HTTPS.
Malamulo a SD-WAN amapangidwira mtolo. Awa ndi malamulo omwe amatanthawuza kusanja algorithm pamagalimoto enaake. Ndizofanana ndi njira zamachitidwe mu Policy-Based Routing, pokhapokha chifukwa cha kuchuluka kwa magalimoto pansi pa ndondomekoyi, si hop yotsatira kapena mawonekedwe omwe amatuluka nthawi zonse omwe amaikidwa, koma mawonekedwe omwe amawonjezeredwa pagulu la SD-WAN kuphatikiza. algorithm yoyezera magalimoto pakati pa zolumikizira izi.
Magalimoto amatha kupatulidwa kuchokera kumayendedwe ambiri ndi chidziwitso cha L3-L4, ndi mapulogalamu odziwika, mautumiki apa intaneti (URL ndi IP), komanso ogwiritsa ntchito odziwika a malo ogwirira ntchito ndi ma laputopu. Pambuyo pake, imodzi mwama algorithms otsatirawa atha kuperekedwa kwa magalimoto omwe aperekedwa:
Pamndandanda wa Interface Preference, mawonekedwe awo kuchokera kwa omwe adawonjezedwa kale pamtolo omwe azithandizira mtundu wamtunduwu amasankhidwa. Powonjezera osati mawonekedwe onse, mutha kuchepetsa ndendende njira zomwe mumagwiritsa ntchito, titi, imelo, ngati simukufuna kulemetsa mayendedwe okwera mtengo ndi SLA yayikulu nayo. Mu FortiOS 6.4.1, zinakhala zotheka kugwirizanitsa magulu ophatikizidwa ku mtolo wa SD-WAN m'magulu, kupanga, mwachitsanzo, chigawo chimodzi cholankhulirana ndi malo akutali, ndi china chofikira pa intaneti pogwiritsa ntchito NAT. Inde, inde, kuchuluka kwa magalimoto omwe amapita pa intaneti nthawi zonse kungakhalenso koyenera.
Za kusanja ma aligorivimu
Ponena za momwe Fortigate (chozimitsa moto kuchokera ku Fortinet) ingagawanitse magalimoto pakati pa ma tchanelo, pali zosankha ziwiri zosangalatsa zomwe sizodziwika kwambiri pamsika:
Mtengo Wotsikitsitsa (SLA) - kuchokera pamawonekedwe onse omwe amakhutiritsa SLA panthawiyi, yomwe ili ndi kulemera kochepa (mtengo), yomwe imayikidwa pamanja ndi woyang'anira, imasankhidwa; mawonekedwe awa ndi oyenera "zochuluka" magalimoto monga zosunga zobwezeretsera ndi kusamutsa wapamwamba.
Zabwino Kwambiri (SLA) - algorithm iyi, kuphatikiza kuchedwa kwanthawi zonse, jitter ndi kutayika kwa mapaketi a Fortigate, atha kugwiritsanso ntchito mayendedwe aposachedwa kuti awone mtundu wamayendedwe; Njirayi ndi yoyenera kwa anthu omwe ali ndi vuto lalikulu monga VoIP ndi misonkhano yamavidiyo.
Ma algorithms awa amafunikira kukhazikitsa mita yolumikizira njira yolumikizirana - Performance SLA. Mamita awa nthawi ndi nthawi (onani nthawi) amayang'anira zambiri zokhudzana ndi kutsatira SLA: kutayika kwa paketi, latency ndi jitter munjira yolumikizirana, ndipo amatha "kukana" njira zomwe sizikukwaniritsa zoyambira zabwino - akutaya mapaketi ochulukirapo kapena akukumana nawo. kuchedwa kwambiri. Kuphatikiza apo, mita imayang'anira momwe mayendedwe ake alili, ndipo amatha kuyichotsa kwakanthawi pamtolo ngati kutayika kwa mayankho mobwerezabwereza (kulephera kusanachitike). Ikabwezeretsedwa, pambuyo pa mayankho angapo motsatizana (kubwezeretsanso ulalo pambuyo), mita imangobweza njirayo pamtolo, ndipo deta idzayambanso kufalikiranso.
Izi ndi zomwe makonda a "mita" amawonekera:
Mu mawonekedwe a intaneti, pempho la ICMP-Echo, HTTP-GET ndi DNS pempho likupezeka ngati ma protocol. Pali zosankha zingapo pamzere wamalamulo: TCP-echo ndi UDP-echo zosankha zilipo, komanso njira yapadera yoyezera khalidwe - TWAMP.
Zotsatira zoyezera zitha kuwonekanso pa intaneti:
Ndipo pamzere wolamula:
Kusaka zolakwika
Ngati mudapanga lamulo, koma zonse sizikugwira ntchito monga momwe mukuyembekezera, muyenera kuyang'ana mtengo wa Hit Count pamndandanda wa Malamulo a SD-WAN. Iwonetsa ngati magalimoto akugwera mulamulo ili konse:
Patsamba la zoikamo la mita yokha, mutha kuwona kusintha kwa magawo amayendedwe pakapita nthawi. Mzere wamadontho ukuwonetsa mtengo wagawo
Mu mawonekedwe a intaneti mutha kuwona momwe kuchuluka kwa magalimoto kumagawidwira ndi kuchuluka kwa data yomwe imatumizidwa / kulandilidwa komanso kuchuluka kwa magawo:
Kuphatikiza pa zonsezi, pali mwayi wabwino kwambiri wotsata ndime ya mapaketi ndi tsatanetsatane wambiri. Mukamagwira ntchito pa netiweki yeniyeni, kasinthidwe kachipangizo kamakhala ndi mfundo zambiri zamanjira, kuwotcha moto, komanso kugawa magalimoto pamadoko a SD-WAN. Zonsezi zimagwirizanitsa wina ndi mzake m'njira yovuta, ndipo ngakhale wogulitsa amapereka tsatanetsatane wa chipika zojambula za paketi processing algorithms, ndikofunika kwambiri kuti tisamange ndi kuyesa malingaliro, koma kuti muwone kumene magalimoto amapita.
Mwachitsanzo, malamulo otsatirawa
diagnose debug flow filter saddr 10.200.64.15
diagnose debug flow filter daddr 10.1.7.2
diagnose debug flow show function-name
diagnose debug enable
diagnose debug trace 2
Imakulolani kuti muzitsatira mapaketi awiri okhala ndi adilesi yochokera 10.200.64.15 ndi adilesi yopita 10.1.7.2.
Ife ping 10.7.1.2 kuchokera 10.200.64.15 kawiri ndi kuyang'ana pa linanena bungwe pa kutonthoza.
Phukusi loyamba:
Phukusi lachiwiri:
Nayi paketi yoyamba yolandilidwa ndi firewall:
id=20085 trace_id=475 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=0."
VDOM – Internet, Proto=1 (ICMP), DMZ-Office – название L3-интерфейса. Type=8 – Echo.
Gawo latsopano lamupangira iye:
msg="allocate a new session-0006a627"
Ndipo machesi adapezeka muzokonda zamakawunitsidwe
msg="Match policy routing id=2136539137: to 10.1.7.2 via ifindex-110"
Zikuoneka kuti paketiyo iyenera kutumizidwa ku imodzi mwamakina a VPN:
"find a route: flag=04000000 gw-192.168.254.1 via DC-Ph1-1"
Lamulo lololeza lotsatira limapezeka muzozimitsa moto:
msg="Allowed by Policy-3:"
Phukusili limabisidwa ndikutumizidwa ku ngalande ya VPN:
func=ipsecdev_hard_start_xmit line=789 msg="enter IPsec interface-DC-Ph1-1"
func=_ipsecdev_hard_start_xmit line=666 msg="IPsec tunnel-DC-Ph1-1"
func=esp_output4 line=905 msg="IPsec encrypt/auth"
Paketi yobisidwa imatumizidwa ku adilesi yolowera pachipata cha mawonekedwe awa a WAN:
msg="send to 2.2.2.2 via intf-WAN1"
Pa paketi yachiwiri, zonse zimachitika mofanana, koma zimatumizidwa ku ngalande ina ya VPN ndikudutsa pa doko lina la firewall:
func=ipsecdev_hard_start_xmit line=789 msg="enter IPsec interface-DC-Ph1-2"
func=_ipsecdev_hard_start_xmit line=666 msg="IPsec tunnel-DC-Ph1-2"
func=esp_output4 line=905 msg="IPsec encrypt/auth"
func=ipsec_output_finish line=622 msg="send to 4.4.4.2 via intf-WAN2"
Ubwino wa yankho
Magwiridwe odalirika komanso mawonekedwe osavuta kugwiritsa ntchito. Zomwe zidalipo ku FortiOS SD-WAN isanabwere idasungidwa kwathunthu. Ndiko kuti, tilibe mapulogalamu opangidwa kumene, koma dongosolo lokhwima kuchokera kwa ogulitsa ovomerezeka a firewall. Ndi machitidwe achikhalidwe chamaneti, mawonekedwe osavuta komanso osavuta kuphunzira pa intaneti. Ndi mavenda angati a SD-WAN omwe ali, titi, Remote-Access VPN magwiridwe antchito pazida zomaliza?
Mulingo wachitetezo 80. FortiGate ndi imodzi mwamayankho apamwamba kwambiri a firewall. Pali zinthu zambiri pa intaneti pakukhazikitsa ndi kuyang'anira zozimitsa moto, ndipo pamsika wantchito pali akatswiri ambiri achitetezo omwe adziwa kale mayankho a ogulitsa.
Mtengo wa Zero wa magwiridwe antchito a SD-WAN. Kupanga netiweki ya SD-WAN pa FortiGate kumawononga ndalama zofananira ndikumanga netiweki ya WAN nthawi zonse, popeza palibe zilolezo zowonjezera zomwe zimafunikira kuti mugwiritse ntchito SD-WAN.
Mtengo wotsika wotchinga. Fortigate ili ndi mawonekedwe abwino a zida zamagawo osiyanasiyana amachitidwe. Zitsanzo zazing'ono komanso zotsika mtengo ndizoyenera kukulitsa ofesi kapena malo ogulitsa, tinene, antchito 3-5. Ogulitsa ambiri alibe zitsanzo zotsika mtengo komanso zotsika mtengo.
Kuchita kwakukulu. Kuchepetsa magwiridwe antchito a SD-WAN pakuwongolera magalimoto kunalola kampaniyo kutulutsa SD-WAN ASIC yapadera, chifukwa chake ntchito ya SD-WAN sikuchepetsa magwiridwe antchito a firewall yonse.
Kutha kukhazikitsa ofesi yonse pazida za Fortinet. Awa ndi ma firewall, ma switch, malo olowera pa Wi-Fi. Ofesi yotereyi ndiyosavuta komanso yosavuta kuyang'anira - ma switch ndi malo olowera amalembetsedwa paziwopsezo zamoto ndikuwongolera kuchokera kwa iwo. Mwachitsanzo, izi ndi momwe ma switch port angawonekere kuchokera pa mawonekedwe a firewall omwe amawongolera switch iyi:
Kupanda owongolera ngati mfundo imodzi yolephera. Wogulitsa mwiniwakeyo akuyang'ana pa izi, koma izi zikhoza kutchedwa phindu mwa gawo, chifukwa kwa ogulitsa omwe ali ndi olamulira, kuonetsetsa kuti kulekerera kwawo kulibe ndalama zotsika mtengo, nthawi zambiri pamtengo wochepa wazinthu zamakompyuta mu chilengedwe cha virtualization.
Zomwe muyenera kuyang'ana
Palibe kusiyana pakati pa Control Plane ndi Data Plane. Izi zikutanthauza kuti maukonde amayenera kukonzedwa pamanja kapena kugwiritsa ntchito zida zowongolera zomwe zilipo kale - FortiManager. Kwa ogulitsa omwe akhazikitsa kulekanitsa uku, maukonde amadzisonkhanitsa okha. Woyang'anira angofunika kusintha mawonekedwe ake, kuletsa china chake kwinakwake, palibenso china. Komabe, lipenga la FortiManager ndiloti limatha kuyendetsa osati zozimitsa moto zokha, komanso ma switch ndi ma Wi-Fi, ndiko kuti, pafupifupi maukonde onse.
Kuwonjezeka kovomerezeka pakuwongolera. Chifukwa chakuti zida zachikhalidwe zimagwiritsidwa ntchito kuti zisinthe kasinthidwe ka netiweki, kuwongolera kwa netiweki ndikuyambitsa SD-WAN kumawonjezeka pang'ono. Kumbali inayi, magwiridwe antchito atsopano amapezeka mwachangu, popeza wogulitsa amangotulutsa kokha pulogalamu yachitetezo chamoto (yomwe imapangitsa kuti ikhale yotheka kuigwiritsa ntchito), kenako ndikuwonjezera dongosolo loyang'anira ndi zolumikizira zofunika.
Zochita zina zitha kupezeka kuchokera pamzere wolamula, koma sizipezeka pa intaneti. Nthawi zina sizowopsya kwambiri kulowa mu mzere wolamula kuti mukonze chinachake, koma ndizowopsya kuti musawone pa intaneti kuti wina wakonza kale chinachake kuchokera pamzere wolamula. Koma izi nthawi zambiri zimagwira ntchito kuzinthu zatsopano kwambiri ndipo pang'onopang'ono, ndi zosintha za FortiOS, kuthekera kwa mawonekedwe a intaneti kumatheka.
Amene angagwirizane
Kwa iwo amene alibe nthambi zambiri. Kukhazikitsa yankho la SD-WAN lokhala ndi zigawo zovuta zapakati pa netiweki ya nthambi za 8-10 sikungawononge kandulo - mudzayenera kugwiritsa ntchito ndalama pazilolezo za zida za SD-WAN ndi zida zadongosolo la virtualization kuti mulandire zigawo zapakati. Kampani yaying'ono nthawi zambiri imakhala ndi zida zaulere zamakompyuta. Pankhani ya Fortinet, ndikwanira kungogula zozimitsa moto.
Kwa omwe ali ndi nthambi zazing'ono zambiri. Kwa ogulitsa ambiri, mtengo wocheperako panthambi iliyonse ndiwokwera kwambiri ndipo sungakhale wosangalatsa pakuwona bizinesi ya kasitomala womaliza. Fortinet imapereka zida zazing'ono pamitengo yokongola kwambiri.
Kwa iwo omwe sanakonzekere kupita patali kwambiri. Kukhazikitsa SD-WAN ndi owongolera, njira zogulira eni ake, ndi njira yatsopano yokonzekera ndi kuyang'anira maukonde zitha kukhala sitepe lalikulu kwambiri kwa makasitomala ena. Inde, kukhazikitsa koteroko kudzakuthandizani kukhathamiritsa kugwiritsa ntchito njira zoyankhulirana komanso ntchito ya oyang'anira, koma choyamba muyenera kuphunzira zinthu zambiri zatsopano. Kwa iwo omwe sanakonzekere kusintha kwa paradigm, koma akufuna kufinya zambiri kuchokera kumayendedwe awo olankhulirana, yankho lochokera ku Fortinet ndiloyenera.
Source: www.habr.com