Why traditional antiviruses are not suitable for public clouds. So what should you do?

More and more users are moving their entire IT infrastructure to the public cloud. However, if anti-virus control in the customer's infrastructure is insufficient, serious cyber risks arise. Practice shows that up to 80% of existing viruses live perfectly well in a virtual environment. In this post we will talk about how to protect IT resources in the public cloud and why traditional antiviruses are not quite suitable for these purposes.


First, we will tell you how we came to the conclusion that the usual anti-virus protection tools are not suitable for the public cloud and that other approaches to protecting resources are required.

First, providers generally take the necessary measures to ensure that their cloud platforms are protected at a high level. For example, at #CloudMTS we analyze all network traffic, monitor the logs of our cloud's security systems, and regularly perform pentests. Cloud segments allocated to individual clients must also be securely protected.

Second, the classic option for combating cyber risks involves installing an antivirus and antivirus management tools on each virtual machine. However, with a large number of virtual machines, this practice can be ineffective and requires a significant amount of computing resources, thereby further loading the customer's infrastructure and reducing the overall performance of the cloud. This became a key prerequisite for finding new approaches to building effective anti-virus protection for customers' virtual machines.

In addition, most antivirus solutions on the market are not adapted to solving the problems of protecting IT resources in a public cloud environment. As a rule, they are heavyweight EPP solutions (Endpoint Protection Platforms), which, moreover, do not provide the necessary customization on the client side of the cloud provider.

It becomes obvious that traditional antivirus solutions are poorly suited to working in the cloud, because they seriously load the infrastructure during updates and scans, and also lack the necessary levels of role-based management and settings. Next, we will analyze in detail why the cloud needs new approaches to anti-virus protection.

What an antivirus in a public cloud should be able to do

So, let's look at the specifics of working in a virtual environment:

Efficiency of updates and scheduled mass scans. If a significant number of virtual machines using a traditional antivirus initiate an update at the same time, a so-called update "storm" will occur in the cloud. The capacity of an ESXi host that hosts several virtual machines may not be enough to handle the barrage of similar tasks running by default. From the cloud provider's point of view, such a problem can lead to additional load on a number of ESXi hosts, which will ultimately lead to a drop in the performance of the cloud virtual infrastructure. This can, among other things, affect the performance of the virtual machines of other cloud clients. A similar situation can arise when launching a mass scan: simultaneous processing by the disk system of many similar requests from different users will negatively affect the performance of the entire cloud. With a high degree of probability, a decrease in storage system performance will affect all clients. Such loads please neither the provider nor its customers, since they affect the "neighbors" in the cloud. From this point of view, a traditional antivirus can pose a big problem.

Secure quarantine. If a file or document potentially infected with a virus is detected on the system, it is sent to quarantine. Of course, an infected file can be deleted immediately, but this is often not acceptable for most companies. Corporate enterprise antiviruses that are not adapted to work in the provider's cloud, as a rule, have a common quarantine zone into which all infected objects fall. For example, those found on the computers of company users. Clients of the cloud provider "live" in their own segments (or tenants). These segments are clearly separated and isolated: clients do not know about each other and, of course, do not see what others are hosting in the cloud. Obviously, a general quarantine, which is accessed by all antivirus users in the cloud, could include a document containing confidential information or a trade secret. This is unacceptable for the provider and its customers. Therefore, there can be only one solution: a personal quarantine for each client in its own segment, to which neither the provider nor other clients have access.

Individual security policies. Each client in the cloud is a separate company, whose IT department sets its own security policies. For example, administrators define scanning rules and schedule anti-virus scans. Accordingly, each organization must have its own control center for configuring antivirus policies. At the same time, the specified settings should not affect other cloud clients, and the provider should be able to verify that, for example, antivirus updates are carried out as normal for all client virtual machines.

Organization of billing and licensing. The cloud model is characterized by flexibility and involves paying only for the amount of IT resources that the customer used. If there is a need, for example, due to seasonality, the amount of resources can be quickly increased or reduced, all depending on current needs for computing power. A traditional antivirus is not so flexible: as a rule, the client buys a license for a year for a predetermined number of servers or workstations. Cloud users regularly disconnect and connect additional virtual machines depending on their current needs, so antivirus licenses must support the same model.

The second question is what exactly the license will cover. A traditional antivirus is licensed by the number of servers or workstations. Licenses based on the number of protected virtual machines are not suitable at all within the cloud model. The client can create any number of virtual machines convenient for them from the available resources, for example, five or ten machines. This number is not constant for most clients; it is not possible for us, as a provider, to track its changes. There is no technical possibility to license by CPU: clients receive virtual processors (vCPUs), which should be used for licensing. Thus, the new anti-virus protection model should include the ability for the customer to determine the required number of vCPUs for which they will receive anti-virus licenses.

Compliance with legislation. This is an important point, since the solutions used must ensure compliance with the requirements of the regulator. For example, cloud "residents" often work with personal data. In this case, the provider must have a separate certified cloud segment that fully complies with the requirements of the Personal Data Law. Then companies do not need to independently "build" the entire system for working with personal data: purchase certified equipment, connect and configure it, and obtain certification. For the cyber protection of the ISPD of such clients, the antivirus must also comply with the requirements of Russian legislation and have an FSTEC certificate.

We have looked at the mandatory criteria that antivirus protection in a public cloud must meet. Next, we will share our own experience in adapting an antivirus solution to work in the provider's cloud.

How can you make friends between antivirus and cloud?

As our experience has shown, choosing a solution based on descriptions and documentation is one thing, but implementing it in practice in an already working cloud environment is a completely different task in terms of complexity. We will tell you what we did in practice and how we adapted the antivirus to work in the provider's public cloud. The vendor of the anti-virus solution was Kaspersky, whose portfolio includes anti-virus protection solutions for cloud environments. We settled on "Kaspersky Security for Virtualization" (Light Agent).

It includes a single Kaspersky Security Center console, a light agent and security virtual machines (SVM, Security Virtual Machine), and a KSC integration server.

After we studied the architecture of the Kaspersky solution and conducted the first tests together with the vendor's engineers, the question arose about integrating the service into the cloud. The first implementation was carried out jointly at the Moscow cloud site. And this is what we learned.

To minimize network traffic, it was decided to place an SVM on each ESXi host and "bind" the SVM to the ESXi hosts. In this case, the light agents of protected virtual machines access the SVM of the exact ESXi host on which they are running. A separate administrative tenant was selected for the main KSC. As a result, subordinate KSCs are located in the tenants of each individual client and address the superior KSC located in the management segment. This scheme allows you to quickly resolve problems that arise in client tenants.

In addition to issues with deploying the components of the anti-virus solution itself, we were faced with the task of organizing network interaction through the creation of additional VxLANs. And although the solution was originally intended for enterprise clients with private clouds, with the help of engineering savvy and the technological flexibility of NSX Edge we were able to solve all the problems associated with the separation of tenants and licensing.

We worked closely with Kaspersky engineers. Thus, in the process of analyzing the solution architecture in terms of network interaction between system components, it was found that, in addition to access from light agents to the SVM, a connection in the reverse direction, from the SVM to light agents, is also required. This network connectivity is not possible in a multitenant environment because virtual machines in different cloud tenants may have identical network settings. Therefore, at our request, colleagues from the vendor reworked the mechanism of network interaction between the light agent and the SVM so as to eliminate the need for network connectivity from the SVM to light agents.

After the solution was deployed and tested on the Moscow cloud site, we replicated it to other sites, including the certified cloud segment. The service is now available in all regions of the country.

Architecture of an information security solution within the framework of a new approach

The general scheme of operation of an antivirus solution in a public cloud environment is as follows:

[Figure: Scheme of operation of an antivirus solution in the #CloudMTS public cloud environment]

Let us describe the features of the operation of individual elements of the solution in the cloud:

• A single console that allows clients to centrally manage the protection system: run scans, control updates and monitor quarantine zones. It is possible to configure individual security policies within your segment.

It should be noted that although we are a service provider, we do not interfere with the settings set by clients. The only thing we can do is reset the security policies to the standard ones if reconfiguration is necessary. For example, this may be necessary if the client accidentally tightened them or significantly weakened them. A company can always receive a control center with default policies, which it can then configure independently. The disadvantage of Kaspersky Security Center is that the platform is currently only available for the Microsoft operating system, although the lightweight agents can work with both Windows and Linux machines. However, Kaspersky Lab promises that in the near future KSC will work under Linux OS. One of the important functions of KSC is the ability to manage quarantine. Each client company in our cloud has its own. This approach eliminates situations where a document infected with a virus accidentally becomes publicly visible, as could happen with a classic corporate antivirus with a general quarantine.

• Light agents. As part of the new model, a lightweight Kaspersky Security agent is installed on each virtual machine. This eliminates the need to store the anti-virus database on each VM, which reduces the amount of disk space required. The service is integrated with the cloud infrastructure and works through the SVM, which increases the density of virtual machines on the ESXi host and the performance of the cloud system. The light agent builds a queue of tasks for each virtual machine: check the file system, memory, etc. But the SVM is responsible for performing these operations, which we will talk about later. The agent also functions as a firewall, controls security policies, sends infected files to quarantine and monitors the overall "health" of the operating system on which it is installed. All this can be managed using the already mentioned single console.

• Security Virtual Machine. All resource-intensive tasks (anti-virus database updates, scheduled scans) are handled by a separate Security Virtual Machine (SVM). It is responsible for the operation of a full-fledged anti-virus engine and its databases. A company's IT infrastructure may include several SVMs. This approach increases the reliability of the system: if one machine fails and does not respond for thirty seconds, agents start looking for another one.

• KSC integration server. One of the components of the main KSC, which assigns its SVMs to light agents in accordance with the algorithm specified in its settings, and also controls the availability of SVMs. Thus, this software module provides load balancing across all SVMs of the cloud infrastructure.

Algorithm for working in the cloud: reducing the load on the infrastructure

In general, the antivirus algorithm can be represented as follows. The agent accesses a file on the virtual machine and checks it. The result of the check is stored in a common centralized SVM verdict database (called Shared Cache), each entry in which identifies a unique file sample. This approach ensures that the same file is not scanned several times in a row (for example, if it was opened on different virtual machines). The file is rescanned only if changes have been made to it or the scan has been started manually.
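The verdict-cache behaviour described above, as an added example that is not code from the original article or from the vendor. It assumes a cache keyed by the SHA-256 of the file content and a toy engine that flags a constructed marker; the class and function names are hypothetical.

```python
import hashlib

MARKER = b"CONSTRUCTED-TEST-SIGNATURE"  # constructed stand-in for a malware signature


def toy_engine(content: bytes) -> str:
    """Stand-in for the full anti-virus engine that runs on the SVM."""
    return "infected" if MARKER in content else "clean"


class SharedCache:
    """Verdict database on the SVM: one entry per unique file sample."""

    def __init__(self, engine=toy_engine):
        self._engine = engine
        self._verdicts = {}   # SHA-256 of content -> verdict (assumed key)
        self.engine_runs = 0  # how often the expensive engine actually ran

    def verdict(self, content: bytes, force: bool = False) -> str:
        key = hashlib.sha256(content).hexdigest()
        if not force and key in self._verdicts:
            return self._verdicts[key]  # already scanned for some VM
        self.engine_runs += 1           # new sample, changed file or manual scan
        self._verdicts[key] = self._engine(content)
        return self._verdicts[key]


class LightAgent:
    """Per-VM agent: holds no signature database, delegates to the SVM."""

    def __init__(self, vm: str, svm: SharedCache):
        self.vm, self.svm = vm, svm

    def on_access(self, content: bytes) -> str:
        return self.svm.verdict(content)

    def manual_scan(self, content: bytes) -> str:
        return self.svm.verdict(content, force=True)


def simulate():
    svm = SharedCache()
    agents = [LightAgent(f"vm-{i}", svm) for i in range(1, 4)]
    library = b"shared library bytes v1"               # constructed sample file
    results = [a.on_access(library) for a in agents]   # same file opened on 3 VMs
    results.append(agents[1].on_access(library + MARKER))  # file changed on vm-2
    results.append(agents[0].manual_scan(library))         # manually started scan
    return results, svm.engine_runs


if __name__ == "__main__":
    print(simulate())
```

Five scan requests from three machines cost three engine runs: the first sight of the file, the changed copy, and the manual scan.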

[Figure: Implementation of an antivirus solution in the provider's cloud]

The image shows a general diagram of the implementation of the solution in the cloud. The main Kaspersky Security Center is deployed in the control zone of the cloud, and an individual SVM is deployed on each ESXi host using the KSC integration server (each ESXi host has its own SVM attached with special settings on VMware vCenter Server). Clients work in their own cloud segments, where the virtual machines with agents are located. They are managed through individual KSC servers subordinate to the main KSC. If it is necessary to protect a small number of virtual machines (up to five), the client can be provided with access to the virtual console of a special dedicated KSC server. Network interaction between client KSCs and the main KSC, as well as between light agents and SVMs, is carried out using NAT through EdgeGW client virtual routers.

According to our estimates and the results of tests by our colleagues at the vendor, Light Agent reduces the load on clients' virtual infrastructure by approximately 25% (when compared with a system using traditional anti-virus software). In particular, the standard Kaspersky Endpoint Security (KES) antivirus for physical environments consumes almost twice as much server CPU time (25%) as the lightweight agent-based virtualization solution (2.95%).

[Figure: CPU load comparison chart]

A similar situation is observed with the frequency of disk write accesses: for the classic antivirus it is 1011 IOPS, for the cloud antivirus it is 671 IOPS.

[Figure: Disk access rate comparison graph]

The performance benefit allows you to maintain infrastructure stability and use computing power more efficiently. Because it is adapted to work in a public cloud environment, the solution does not reduce cloud performance: it centrally checks files and downloads updates, distributing the load. This means that, on the one hand, threats relevant to the cloud infrastructure will not be missed, and on the other hand, the resource requirements of virtual machines will be reduced by an average of 25% compared to a traditional antivirus.

In terms of functionality, both solutions are similar to each other: below is a comparison table. However, in the cloud, as the test results above show, it is still optimal to use a solution for virtual environments.


About tariffs within the framework of the new approach. We decided to use a model that allows us to obtain licenses based on the number of vCPUs. This means that the number of licenses will be equal to the number of vCPUs. You can test the antivirus by leaving a request online.

In the next article on cloud topics, we will talk about the evolution of cloud WAFs and what is better to choose: hardware, software or cloud.

The text was prepared by employees of the cloud provider #CloudMTS: Denis Myagkov, leading architect, and Alexey Afanasyev, information security product manager.

Source: www.habr.com
