Analysis of the most democratic SD-WAN: architecture, configuration, administration and pitfalls

Judging by the number of questions that have started coming to us about SD-WAN, the technology has begun to take firm root in Russia. Vendors, naturally, are not asleep and are offering their concepts, and some brave pioneers are already deploying them on their networks.

We work with almost all vendors, and over several years in our lab I have managed to dig into the architecture of every major developer of software-defined solutions. SD-WAN from Fortinet stands a little apart here: it simply built the functionality for balancing traffic between communication channels into the firewall software. The solution is rather democratic, so it is usually considered by companies that are not yet ready for global changes but want to use their communication channels more efficiently.

In this article I want to tell you how to configure and work with SD-WAN from Fortinet, who this solution suits, and what pitfalls you may run into.

The best-known players in the SD-WAN market can be classified into one of two types:

1. Startups that created SD-WAN solutions from scratch. The most successful of these get a huge boost for development after being bought by large companies - this is the story of Cisco/Viptela, VMWare/VeloCloud, Nuage/Nokia.

2. Large network vendors that created SD-WAN solutions by developing the programmability and manageability of their traditional routers - this is the story of Juniper, Huawei.

Fortinet managed to find its own way. The firewall software had built-in functionality that made it possible to combine its interfaces into virtual channels and balance the load between them using algorithms that are complex compared with conventional routing. This functionality was called SD-WAN. Can what Fortinet did be called SD-WAN? The market is gradually coming to understand that Software-Defined means separation of the Control Plane from the Data Plane, dedicated controllers, and orchestrators. Fortinet has nothing of the sort. Centralized management is optional and is offered through the traditional FortiManager tool. But in my opinion, you should not look for abstract truth and waste time arguing about terms. In the real world, every approach has its advantages and disadvantages. The best way out is to understand them and be able to choose solutions that fit the tasks.

I will try to tell you, with screenshots in hand, what SD-WAN from Fortinet looks like and what it can do.

How it all works

Suppose you have two branches connected by two data channels. These data links are combined into a group, similar to how ordinary Ethernet interfaces are combined into an LACP Port-Channel. Old-timers will remember PPP Multilink - also a suitable analogy. The channels can be physical ports, VLAN SVIs, as well as VPN or GRE tunnels.

VPN or GRE are usually used when connecting branch local networks over the Internet. Physical ports are used when there are L2 connections between sites, or when connecting over a dedicated MPLS/VPN, if we are satisfied with a connection without an overlay and without encryption. Another scenario in which physical ports are used in an SD-WAN group is balancing users' local access to the Internet.

On our test bench there are four firewalls and two VPN tunnels running through two "communication operators". The diagram looks like this:

[Image: test bench diagram]

The VPN tunnels are configured in interface mode so that they resemble point-to-point connections between devices with IP addresses on the P2P interfaces, which can be pinged to make sure that communication through a particular tunnel is working. For traffic to be encrypted and go to the other side, it is enough to route it into the tunnel. The alternative is to select traffic for encryption using lists of subnets, which greatly confuses the administrator as the configuration grows more complex. In a large network, you can use ADVPN technology to build the VPN; this is an analogue of DMVPN from Cisco or DVPN from Huawei, and it makes setup easier.

Site-to-Site VPN config for two devices, with BGP routing on both sides

The "Data center" (DC) configuration comes first, followed by the "Branch" (BRN) configuration.

config system interface
 edit "WAN1"
  set vdom "Internet"
  set ip 1.1.1.1 255.255.255.252
  set allowaccess ping
  set role wan
  set interface "DC-BRD"
  set vlanid 111
 next
 edit "WAN2"
  set vdom "Internet"
  set ip 3.3.3.1 255.255.255.252
  set allowaccess ping
  set role lan
  set interface "DC-BRD"
  set vlanid 112
 next
 edit "BRN-Ph1-1"
  set vdom "Internet"
  set ip 192.168.254.1 255.255.255.255
  set allowaccess ping
  set type tunnel
  set remote-ip 192.168.254.2 255.255.255.255
  set interface "WAN1"
 next
 edit "BRN-Ph1-2"
  set vdom "Internet"
  set ip 192.168.254.3 255.255.255.255
  set allowaccess ping
  set type tunnel
  set remote-ip 192.168.254.4 255.255.255.255
  set interface "WAN2"
 next
end

config vpn ipsec phase1-interface
 edit "BRN-Ph1-1"
  set interface "WAN1"
  set local-gw 1.1.1.1
  set peertype any
  set net-device disable
  set proposal aes128-sha1
  set dhgrp 2
  set remote-gw 2.2.2.1
  set psksecret ***
 next
 edit "BRN-Ph1-2"
  set interface "WAN2"
  set local-gw 3.3.3.1
  set peertype any
  set net-device disable
  set proposal aes128-sha1
  set dhgrp 2
  set remote-gw 4.4.4.1
  set psksecret ***
 next
end

config vpn ipsec phase2-interface
 edit "BRN-Ph2-1"
  set phase1name "BRN-Ph1-1"
  set proposal aes256-sha256
  set dhgrp 2
 next
 edit "BRN-Ph2-2"
  set phase1name "BRN-Ph1-2"
  set proposal aes256-sha256
  set dhgrp 2
 next
end

config router static
 edit 1
  set gateway 1.1.1.2
  set device "WAN1"
 next
 edit 3
  set gateway 3.3.3.2
  set device "WAN2"
 next
end

config router bgp
 set as 65002
 set router-id 10.1.7.1
 set ebgp-multipath enable
 config neighbor
  edit "192.168.254.2"
   set remote-as 65003
  next
  edit "192.168.254.4"
   set remote-as 65003
  next
 end

 config network
  edit 1
   set prefix 10.1.0.0 255.255.0.0
  next
 end
end

"Branch" (BRN)

config system interface
 edit "WAN1"
  set vdom "Internet"
  set ip 2.2.2.1 255.255.255.252
  set allowaccess ping
  set role wan
  set interface "BRN-BRD"
  set vlanid 111
 next
 edit "WAN2"
  set vdom "Internet"
  set ip 4.4.4.1 255.255.255.252
  set allowaccess ping
  set role wan
  set interface "BRN-BRD"
  set vlanid 114
 next
 edit "DC-Ph1-1"
  set vdom "Internet"
  set ip 192.168.254.2 255.255.255.255
  set allowaccess ping
  set type tunnel
  set remote-ip 192.168.254.1 255.255.255.255
  set interface "WAN1"
 next
 edit "DC-Ph1-2"
  set vdom "Internet"
  set ip 192.168.254.4 255.255.255.255
  set allowaccess ping
  set type tunnel
  set remote-ip 192.168.254.3 255.255.255.255
  set interface "WAN2"
 next
end

config vpn ipsec phase1-interface
  edit "DC-Ph1-1"
   set interface "WAN1"
   set local-gw 2.2.2.1
   set peertype any
   set net-device disable
   set proposal aes128-sha1
   set dhgrp 2
   set remote-gw 1.1.1.1
   set psksecret ***
  next
  edit "DC-Ph1-2"
   set interface "WAN2"
   set local-gw 4.4.4.1
   set peertype any
   set net-device disable
   set proposal aes128-sha1
   set dhgrp 2
   set remote-gw 3.3.3.1
   set psksecret ***
  next
end

config vpn ipsec phase2-interface
  edit "DC-Ph2-1"
   set phase1name "DC-Ph1-1"
   set proposal aes256-sha256
   set dhgrp 2
  next
  edit "DC2-Ph2-2"
   set phase1name "DC-Ph1-2"
   set proposal aes256-sha256
   set dhgrp 2
  next
end

config router static
 edit 1
  set gateway 2.2.2.2
  set device "WAN1"
 next
 edit 3
  set gateway 4.4.4.2
  set device "WAN2"
 next
end

config router bgp
  set as 65003
  set router-id 10.200.7.1
  set ebgp-multipath enable
  config neighbor
   edit "192.168.254.1"
    set remote-as 65002
   next
   edit "192.168.254.3"
   set remote-as 65002
   next
  end

  config network
   edit 1
    set prefix 10.200.0.0 255.255.0.0
   next
  end
end

I give the configuration in text form because, in my opinion, it is more convenient to configure a VPN this way. Almost all settings are the same on both sides; in text form they can be done by copy-paste. If you do the same thing in the web interface, it is easy to make a mistake - forget a checkbox somewhere, enter a wrong value.
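The text form also lets the two sides be compared mechanically before anything is pasted. The following is an added example, not part of the original article: a small Python parser for the config/edit/set syntax that pairs each tunnel with its peer by gateway address and reports Phase 1 or Phase 2 settings with no value in common, plus Diffie-Hellman groups below 2048 bits. The sample configs are constructed, and the function names are this example's own.

```python
# Constructed sample: data-center side of one tunnel, in FortiOS CLI syntax.
DC_CONF = """
config vpn ipsec phase1-interface
 edit "BRN-Ph1-1"
  set local-gw 1.1.1.1
  set remote-gw 2.2.2.1
  set proposal aes128-sha1
  set dhgrp 2
 next
end
config vpn ipsec phase2-interface
 edit "BRN-Ph2-1"
  set phase1name "BRN-Ph1-1"
  set proposal aes256-sha256
  set dhgrp 2
 next
end
"""
BRN_CONF = (DC_CONF.replace("BRN-Ph", "DC-Ph")  # constructed branch side
            .replace("local-gw 1.1.1.1", "local-gw 2.2.2.1")
            .replace("remote-gw 2.2.2.1", "remote-gw 1.1.1.1")
            .replace("aes256-sha256", "aes128-sha1"))
P1, P2 = "vpn ipsec phase1-interface", "vpn ipsec phase2-interface"
WEAK_DH = {"1", "2", "5"}  # MODP groups below 2048 bits

def parse(text):
    """Return {section: {entry: {key: value}}} from config/edit/set/end lines."""
    out, stack, entry = {}, [], None
    for tok in filter(None, map(str.split, text.splitlines())):
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] == "edit" and len(tok) > 1:
            entry = tok[1].strip('"')
        elif tok[0] == "set" and stack and len(tok) > 2:
            section = out.setdefault("/".join(stack), {})
            section.setdefault(entry, {})[tok[1]] = " ".join(tok[2:]).strip('"')
        elif tok[0] == "end" and stack:
            stack.pop()
    return out

def tunnels(conf):
    """Map (local-gw, remote-gw) to the Phase 1 entry and the Phase 2 entry using it."""
    cfg, out = parse(conf), {}
    for name, p1 in cfg.get(P1, {}).items():
        p2s = [v for v in cfg.get(P2, {}).values() if v.get("phase1name") == name]
        out[p1.get("local-gw"), p1.get("remote-gw")] = {"p1": p1, "p2": (p2s or [{}])[0]}
    return out

def compare(conf_a, conf_b):
    """Report settings with no value in common, and weak DH groups on offer."""
    findings, side_b = [], tunnels(conf_b)
    for (local, remote), a in tunnels(conf_a).items():
        b = side_b.get((remote, local))  # the peer sees the gateways swapped
        if b is None:
            findings.append(f"{local}->{remote}: no matching tunnel on the peer")
            continue
        for phase in ("p1", "p2"):
            for key in ("proposal", "dhgrp"):
                va, vb = (set(s[phase].get(key, "").split()) for s in (a, b))
                if not va & vb:
                    findings.append(f"{local}->{remote} {phase} {key}: no common value")
                elif key == "dhgrp" and (va | vb) & WEAK_DH:
                    findings.append(f"{local}->{remote} {phase} dhgrp: weak group offered")
    return findings
```

Calling `compare(DC_CONF, BRN_CONF)` returns one line per finding; an empty list means every paired tunnel shares at least one proposal and DH group and offers no group from `WEAK_DH`.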

After we have added the interfaces to the bundle, all routes and security policies can refer to it rather than to the interfaces it contains. At a minimum, you need to allow traffic from the internal networks into SD-WAN. When you create rules for them, you can apply protective measures such as IPS, antivirus and HTTPS inspection.

SD-WAN Rules are configured for the bundle. These rules define the balancing algorithm for specific traffic. They are similar to routing policies in Policy-Based Routing, except that the result of traffic matching the policy is not a next-hop or an ordinary outgoing interface, but the interfaces added to the SD-WAN bundle plus a traffic balancing algorithm between those interfaces.

Traffic can be separated from the general flow by L3-L4 information, by recognized applications, by Internet services (URL and IP), and by recognized users of workstations and laptops. After that, one of the following balancing algorithms can be assigned to the selected traffic:

[Image: list of balancing algorithms]

In the Interface Preference list, you select those interfaces, from the ones already added to the bundle, that will serve this type of traffic. By adding only some of the interfaces, you can restrict which channels you use for, say, email, if you do not want to load expensive channels with a high SLA with it. In FortiOS 6.4.1, it became possible to group the interfaces added to the SD-WAN bundle into zones, creating, for example, one zone for communication with remote sites and another for local Internet access using NAT. Yes, yes, traffic that goes to the ordinary Internet can also be balanced.

About balancing algorithms

In terms of how Fortigate (a firewall from Fortinet) can split traffic between channels, there are two interesting options that are not very common on the market:

Lowest Cost (SLA) - from all interfaces that currently satisfy the SLA, the one with the lowest weight (cost), set manually by the administrator, is selected; this mode is suitable for "bulk" traffic such as backups and file transfers.

Best Quality (SLA) - this algorithm, in addition to the usual delay, jitter and packet loss, can also use the current channel load to assess the quality of the channels; this mode is suitable for sensitive traffic such as VoIP and video conferencing.

These algorithms require configuring a channel performance meter - Performance SLA. This meter periodically (check interval) monitors information about SLA compliance: packet loss, latency and jitter in the communication channel, and it can "reject" channels that currently do not meet the quality thresholds - they lose too many packets or show too much delay. In addition, the meter monitors the status of the channel and can temporarily remove it from the bundle after repeated loss of replies (failures before inactive). On recovery, after several consecutive replies (restore link after), the meter automatically returns the channel to the bundle, and data starts being transmitted over it again.
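A simplified model of the meter and of the Lowest Cost (SLA) choice described above, as an added example that is neither FortiOS code nor part of the original article. The thresholds, counters, costs and probe timeline are assumed values chosen for illustration.

```python
from dataclasses import dataclass

# Assumed values for illustration; the article gives no thresholds or counters.
MAX_LATENCY_MS, MAX_JITTER_MS, MAX_LOSS_PCT = 150, 30, 2
FAILURES_BEFORE_INACTIVE, RESTORE_LINK_AFTER = 3, 2

@dataclass
class Member:
    name: str
    cost: int            # weight set by the administrator, lower wins
    alive: bool = True   # False while the meter keeps the link out of the bundle
    in_sla: bool = True  # result of the last answered probe
    fails: int = 0       # consecutive lost replies
    oks: int = 0         # consecutive answered probes

def record_probe(m, probe):
    """Apply one check interval: None for a lost reply, else (latency, jitter, loss)."""
    if probe is None:
        m.fails, m.oks = m.fails + 1, 0
        if m.fails >= FAILURES_BEFORE_INACTIVE:
            m.alive = False
        return
    m.fails, m.oks = 0, m.oks + 1
    if not m.alive and m.oks >= RESTORE_LINK_AFTER:
        m.alive = True
    latency, jitter, loss = probe
    m.in_sla = (latency <= MAX_LATENCY_MS and jitter <= MAX_JITTER_MS
                and loss <= MAX_LOSS_PCT)

def lowest_cost(members):
    """Lowest Cost (SLA): cheapest member that is in the bundle and meets the SLA."""
    ok = [m for m in members if m.alive and m.in_sla]
    # None when nothing qualifies; the article does not describe that case.
    return min(ok, key=lambda m: m.cost).name if ok else None

def simulate(timeline):
    """timeline: list of {member name: probe}; returns the member chosen per interval."""
    members = {"DC-Ph1-1": Member("DC-Ph1-1", cost=10),
               "DC-Ph1-2": Member("DC-Ph1-2", cost=20)}
    chosen = []
    for interval in timeline:
        for name, probe in interval.items():
            record_probe(members[name], probe)
        chosen.append(lowest_cost(members.values()))
    return chosen

GOOD, SLOW = (20, 2, 0), (400, 5, 0)
# Constructed timeline: the cheap link loses three replies, recovers, then gets slow.
TIMELINE = [{"DC-Ph1-1": p, "DC-Ph1-2": GOOD}
            for p in (GOOD, None, None, None, GOOD, GOOD, SLOW)]
```

`simulate(TIMELINE)` shows the two delays built into the meter: traffic stays on the cheap link until the third lost reply, and returns to it only after the second consecutive answer.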

This is what the "meter" configuration looks like:

[Image: Performance SLA "meter" configuration]

In the web interface, ICMP Echo-request, HTTP-GET and DNS request are available as test protocols. There are a few more options on the command line: TCP-echo and UDP-echo are available, as well as a specialized quality measurement protocol - TWAMP.

The measurement results can also be seen in the web interface:

[Image: measurement results in the web interface]

And on the command line:

[Image: measurement results on the command line]

Troubleshooting

If you have created a rule but things do not work as expected, look at the Hit Count value in the SD-WAN Rules list. It shows whether traffic falls under this rule at all:

[Image: Hit Count in the SD-WAN Rules list]

On the settings page of the meter itself, you can see how the channel parameters change over time. The dotted line shows the threshold value of the parameter.

[Image: channel parameters over time with the threshold line]

In the web interface you can see how traffic is distributed by the volume of data transmitted/received and by the number of sessions:

[Image: traffic distribution by data volume and number of sessions]

In addition to all this, there is an excellent opportunity to trace the passage of packets in maximum detail. When working in a real network, the device configuration accumulates many routing policies, firewall rules, and traffic distribution across SD-WAN ports. All of this interacts in a complex way, and although the vendor provides detailed block diagrams of the packet-processing algorithms, it is very important to be able not to build and test theories but to see where the traffic actually goes.

For example, the following set of commands

diagnose debug flow filter saddr 10.200.64.15
diagnose debug flow filter daddr 10.1.7.2
diagnose debug flow show function-name enable
diagnose debug enable
diagnose debug flow trace start 2

lets you trace two packets with source address 10.200.64.15 and destination address 10.1.7.2.
We ping 10.1.7.2 from 10.200.64.15 twice and look at the output on the console.

First packet:

[Image: debug flow output for the first packet]

Second packet:

[Image: debug flow output for the second packet]

The first packet received by the firewall:
id=20085 trace_id=475 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=0."
VDOM – Internet, Proto=1 (ICMP), DMZ-Office – the name of the L3 interface. Type=8 – Echo.

A new session has been created for it:
msg="allocate a new session-0006a627"

And a match was found in the routing policy settings:
msg="Match policy routing id=2136539137: to 10.1.7.2 via ifindex-110"

It turns out that the packet needs to be sent into one of the VPN tunnels:
"find a route: flag=04000000 gw-192.168.254.1 via DC-Ph1-1"

An allow rule is found in the firewall policies:
msg="Allowed by Policy-3:"

The packet is encrypted and sent into the VPN tunnel:
func=ipsecdev_hard_start_xmit line=789 msg="enter IPsec interface-DC-Ph1-1"
func=_ipsecdev_hard_start_xmit line=666 msg="IPsec tunnel-DC-Ph1-1"
func=esp_output4 line=905 msg="IPsec encrypt/auth"

The encrypted packet is sent to the gateway address for this WAN interface:
msg="send to 2.2.2.2 via intf-WAN1"

For the second packet, everything happens the same way, but it is sent into a different VPN tunnel and leaves through a different firewall port:
func=ipsecdev_hard_start_xmit line=789 msg="enter IPsec interface-DC-Ph1-2"
func=_ipsecdev_hard_start_xmit line=666 msg="IPsec tunnel-DC-Ph1-2"
func=esp_output4 line=905 msg="IPsec encrypt/auth"
func=ipsec_output_finish line=622 msg="send to 4.4.4.2 via intf-WAN2"
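
When more than a couple of packets are traced, the same reading can be done by script. This is an added example, not part of the original article: it groups debug flow lines by trace_id and reports the policy, tunnel and egress interface seen for each packet. The sample lines are constructed in the format quoted above (trace_id 476 and 477, and the prefixes of the shortened lines, are filled in for illustration).

```python
import re
from collections import Counter

# Constructed sample modelled on the trace lines quoted in the article.
SAMPLE = r'''
id=20085 trace_id=475 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=0."
id=20085 trace_id=475 func=fw_forward_handler line=771 msg="Allowed by Policy-3:"
id=20085 trace_id=475 func=_ipsecdev_hard_start_xmit line=666 msg="IPsec tunnel-DC-Ph1-1"
id=20085 trace_id=475 func=ipsec_output_finish line=622 msg="send to 2.2.2.2 via intf-WAN1"
id=20085 trace_id=476 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=1."
id=20085 trace_id=476 func=fw_forward_handler line=771 msg="Allowed by Policy-3:"
id=20085 trace_id=476 func=_ipsecdev_hard_start_xmit line=666 msg="IPsec tunnel-DC-Ph1-2"
id=20085 trace_id=476 func=ipsec_output_finish line=622 msg="send to 4.4.4.2 via intf-WAN2"
id=20085 trace_id=477 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=2."
'''

LINE = re.compile(r'trace_id=(\d+)\b.*?\bmsg="(.*)"\s*$')
FIELDS = {
    # (protocol, source, destination, ingress interface)
    "flow": re.compile(r"received a packet\(proto=(\d+), ([\d.]+):\d+->([\d.]+):\d+\) from ([\w-]+)"),
    "policy": re.compile(r"Allowed by Policy-(\d+)"),
    "tunnel": re.compile(r"IPsec tunnel-(\S+)"),
    "egress": re.compile(r"send to ([\d.]+) via intf-(\S+)"),  # (next hop, interface)
}

def summarize(text):
    """Return {trace_id: {field: value}} for every traced packet."""
    traces = {}
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        rec = traces.setdefault(int(m.group(1)), {})
        for name, rx in FIELDS.items():
            hit = rx.search(m.group(2))
            if hit:
                rec[name] = hit.groups() if len(hit.groups()) > 1 else hit.group(1)
    return traces

def path_counts(traces):
    """Count packets per (tunnel, egress interface); None marks a stage never seen."""
    return Counter((t.get("tunnel"), t.get("egress", (None, None))[1])
                   for t in traces.values())

if __name__ == "__main__":
    for path, n in path_counts(summarize(SAMPLE)).items():
        print(path, n)
```

A `(None, None)` path in the result is a packet that was received but never reached a tunnel or an egress interface in the captured output, which is the trace to read line by line.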

Advantages of the solution

Reliable functionality and a convenient interface. The feature set that was available in FortiOS before the advent of SD-WAN has been fully preserved. That is, what we have is not newly developed software but a mature system from a proven firewall vendor, with the traditional set of network functions and a convenient, easy-to-learn web interface. How many SD-WAN vendors have, say, Remote-Access VPN functionality on their end devices?

Level 80 security. FortiGate is one of the top firewall solutions. There is a lot of material on the Internet about configuring and administering the firewalls, and on the labor market there are many security specialists who have already mastered the vendor's solutions.

No extra cost for SD-WAN functionality. Building an SD-WAN network on FortiGate costs the same as building an ordinary WAN network on it, since no additional licenses are required to implement SD-WAN functionality.

Low price barrier to entry. Fortigate has a good gradation of devices for different performance levels. The smallest and cheapest models are quite suitable for bringing up an office or point of sale for, say, 3-5 employees. Many vendors simply do not have such low-performance and affordable models.

High performance. Reducing SD-WAN functionality to traffic balancing allowed the company to release a specialized SD-WAN ASIC, thanks to which SD-WAN operation does not reduce the performance of the firewall as a whole.

The ability to build an entire office on Fortinet equipment. This means a pair of firewalls, switches, and Wi-Fi access points. Such an office is easy and convenient to manage - switches and access points are registered on the firewalls and managed from them. For example, this is what a switch port can look like from the interface of the firewall that manages this switch:

[Image: switch port as seen from the firewall interface]

No controllers as a single point of failure. The vendor itself emphasizes this, but it can be called an advantage only in part, because for those vendors that do have controllers, ensuring their fault tolerance is inexpensive, usually at the cost of a small amount of computing resources in a virtualization environment.

What to watch out for

No separation between Control Plane and Data Plane. This means that the network must be configured either manually or using the traditional management tools already available - FortiManager. For vendors that have implemented such separation, the network assembles itself. The administrator may only need to adjust its topology, prohibit something somewhere, nothing more. However, FortiManager's trump card is that it can manage not only firewalls but also switches and Wi-Fi access points, that is, almost the entire network.

Conditional growth in manageability. Because traditional tools are used to automate network configuration, the manageability of the network grows only slightly with the introduction of SD-WAN. On the other hand, new functionality becomes available faster, since the vendor first releases it only for the firewall operating system (which makes it possible to use it right away), and only then supplements the management system with the necessary interfaces.

Some functionality may be available from the command line but not from the web interface. Sometimes it is not so scary to go into the command line to configure something, as it is scary not to see in the web interface that someone has already configured something from the command line. But this usually concerns the newest features, and gradually, with FortiOS updates, the capabilities of the web interface are improved.

Who is it for?

For those who do not have many branches. Deploying an SD-WAN solution with complex central components on a network of 8-10 branches may not be worth the candle - you will have to spend money on licenses for SD-WAN devices and on virtualization resources to host the central components. A small company usually has limited free computing resources. In the case of Fortinet, it is enough just to buy firewalls.

For those who have many small branches. For many vendors, the minimum price of the solution per branch is quite high and may not be attractive from the point of view of the end customer's business. Fortinet offers small devices at very attractive prices.

For those who are not ready to step too far yet. Implementing SD-WAN with controllers, proprietary routing, and a new approach to network planning and management may be too big a step for some customers. Yes, such an implementation will ultimately help optimize the use of communication channels and the administrator's work, but first you will have to learn a lot of new things. For those who are not yet ready for a paradigm shift but want to squeeze more out of their communication channels, the solution from Fortinet is just right.

Source: www.habr.com
