ProHoster > Blog > Utongi > Basa rekure kure riri kuwedzera simba

Basa rekure kure riri kuwedzera simba

Basa rekure kure riri kuwedzera simba

Tichakuudza nezve nzira isingadhuri uye yakachengeteka yekupa vashandi vari kure neVPN yekubatanidza pasina kufumura kambani kune mukurumbira kana njodzi dzemari uye pasina kugadzira mamwe matambudziko eIT department uye manejimendi ekambani.

Nekuvandudzwa kweIT, zvave zvichiita kukwezva vashandi vari kure kune nhamba inowedzera yezvinzvimbo.

Kana pakutanga pakati pevashandi vari kure kwaive nevamiriri vehunyanzvi hwekugadzira, semuenzaniso, vagadziri, vanyori, ikozvino maakaunti, varairidzi vezvemitemo, uye vamiriri vazhinji vemamwe hunyanzvi vanogona kushanda zviri nyore kubva kumba, vachishanyira hofisi chete kana zvichidikanwa.

Asi chero zvakadaro, zvinodikanwa kuronga basa kuburikidza nechiteshi chakachengeteka.

The nyore sarudzo. Isu tinogadzira VPN pane sevha, mushandi anopiwa login-password uye kiyi-chitupa kubva kuVPN, pamwe nemirayiridzo yekuti ungamisa sei mutengi weVPN pakombuta yake. Uye iyo IT department inoona basa rayo rakapera.

Pfungwa yacho inoita seyakanaka, kunze kwechinhu chimwe chete: inofanirwa kunge iri mushandi anoziva kugadzirisa zvese ari ega. Kana isu tichitaura nezve anonyatso gadzira network application, zvine mukana wekuti achakwanisa kuita basa iri.

Asi accountant, muimbi, mugadziri, munyori wehunyanzvi, mugadziri uye dzimwe nyanzvi dzakawanda hazvidi hazvo kuti vanzwisise kuoma kweVPN setup. Mumwe munhu anoda kubatana kwavari ari kure uye kubatsira, kana kuuya mumunhu uye kumisikidza zvese pasaiti. Saizvozvo, kana chimwe chinhu chikamira kuvashandira, semuenzaniso, nekuda kwekutadza muchimiro chemushandisi, iyo network mutengi marongero akarasika, saka zvese zvinoda kudzokororwa kubva pakutanga.

Mamwe makambani anopa laptop ine pre-yakaiswa software uye yakagadziriswa VPN mutengi yebasa riri kure. Muchirevo, munyaya iyi, vashandisi havafaniri kuva nekodzero dzemutungamiri. Izvi zvinogadzirisa matambudziko maviri: vashandi vanovimbiswa kuve nerezinesi software inokodzera mabasa avo uye yakagadzirira-yakagadzirwa nzira yekutaurirana. Panguva imwecheteyo, havagone kushandura marongero ivo pachavo, izvo zvinoderedza kuwanda kwekufona kune
tsigiro yehunyanzvi.

Mune zvimwe zviitiko, izvi zviri nyore. Semuenzaniso, kana uine laptop, unogona kugara zvakanaka mukamuri yako mukati mezuva, uye chinyararire kushanda mukicheni usiku kuitira kuti usamutsa chero munhu.

Chii chinonyanya kukanganisa? Zvakafanana nekunaka - inharembozha inogona kutakurwa. Vashandisi vakakamurwa kuita mapoka maviri: avo vanosarudza desktop PC nekuda kwesimba rayo uye hombe yekutarisa, uye avo vanofarira kufamba.

Boka rechipiri revashandisi rinovhotera malaptop nemaoko ese. Mushure mekugamuchira laptop yekambani, vashandi vakadaro vanotanga kuenda nayo nerufaro kumakofi, maresitorendi, kuenda kune zvakasikwa uye edza kushanda kubva ipapo. Kana chete kushanda, uye kwete kungoshandisa yakagamuchirwa mudziyo sekombuta yavo yesocial network uye imwe varaidzo.

Nenguva isipi, laptop yekambani inorasika kwete chete neruzivo rwebasa pane hard drive, asiwo neyakagadzirirwa VPN kuwana. Kana iyo "sevha password" bhokisi rekutarisa rakatariswa muVPN mutengi marongero, saka miniti yega yega inoverengera. Mumamiriro ezvinhu apo kurasikirwa kusingawaniki pakarepo, basa rekutsigira harina kuziviswa pakarepo, mushandi akakodzera ane kodzero dzekuvhara haawanikwi pakarepo - izvi zvinogona kuchinja kuva njodzi huru.

Dzimwe nguva zvinobatsira kuganhurira kuwana ruzivo. Asi kurambidza kupinda hakurevi kugadzirisa zvachose dambudziko rekurasikirwa nemudziyo, ingori nzira yekudzikisa kurasikirwa kana data yaburitswa uye yakakanganiswa.

Iwe unogona kushandisa encryption kana maviri-factor authentication, semuenzaniso, ne USB kiyi. Pamusoro, iyo pfungwa inotaridzika zvakanaka, ikozvino kana iyo laptop ikawira mumaoko asiri iwo, muridzi wayo achatodikitira kuti awane mukana kune iyo data, kusanganisira yeVPN kuwana. Munguva ino, unogona kuvhara kupinda kune network yekambani. Uye mikana mitsva inovhurika kune ari kure mushandisi: kupotsa iyo laptop, kana kiyi yekupinda, kana zvese kamwechete. Zvekare, iyo nhanho yekudzivirira yakawedzera, asi iyo tekinoroji yekutsigira sevhisi haizofinhwa. Mukuwedzera, ikozvino iwe uchafanirwa kutenga maviri-factor authentication (kana encryption) kit kune yega yega mushandisi ari kure.

Imwe yakaparadzana inosiririsa uye yakareba nyaya iri kuunganidza kukuvadzwa kwemalaptops akarasika kana akakuvadzwa (akakandwa pasi, akadirwa tii inotapira, kofi, nedzimwe tsaona) uye akarasika makiyi ekuwana.

Pamusoro pezvimwe zvese, Laptop ine memechani zvikamu zvakaita sekhibhodi, USB ports, uye chivharo-ku-screen gomo - zvese izvi zvinopera nekufamba kwenguva, zvinoremara, zvinoregedza, uye zvinogadziriswa kana kutsiviwa (kazhinji, iyo laptop yese inotsiviwa).

Saka chii zvino? Nyatsorambidza kutora laptop kubva mufurati uye tarisa
kufamba?

Saka sei vakapa laptop?

Chimwe chikonzero ndechekuti laptop iri nyore kupa. Ngatifunge nezve chimwe chinhu, zvakare compact.

Iwe haugone kuburitsa kwete laptop, asi yakachengetedzwa LiveUSB flash drives ine VPN yekubatanidza yakatogadzirwa, uye mushandisi achashandisa komputa yake. Asi pano zvakare irotari: iyo software inovaka inomhanya pakombuta yemushandisi kana kwete? Dambudziko rinogona kunge riri mukusavapo kwekutanga kwevatyairi vanodiwa.

Isu tinofanirwa kufunga kuti tingaronga sei kubatana kwevashandi vanoshanda vari kure, nepo zvichidikanwa kuti munhu asakundwa nemuedzo wekudzungaira muguta aine laptop yekambani, asi anogara pamba uye anoshanda akadzikama pasina njodzi yekukanganwa kana kurasikirwa nechishandiso chaakapihwa kune imwe nzvimbo.

Yakagadziriswa kupinda kuburikidza neVPN

Asi ko kana isu tikaburitsa kwete mudziyo wekupedzisira, semuenzaniso, laptop, kana zvakatonyanya kwete yakaparadzana flash drive yekubatanidza, asi network gedhi rine VPN mutengi pabhodhi?

Semuenzaniso, yakagadzirira-yakagadzirwa router iyo inosanganisira kutsigirwa kwezvibvumirano zvakasiyana-siyana, umo VPN yekubatanidza yakatogadzirwa kare. Mushandi ari kure anongoda kubatanidza komputa yake kwairi otanga kushanda.

Izvi zvinobatsira kugadzirisa nyaya dzipi?

  1. Zvishandiso zvine gadziriro yekuwana kune network yekambani kuburikidza neVPN hazvibviswe mumba.
  2. Iwe unogona kubatanidza akawanda maturusi kune imwe VPN chiteshi.

Isu takatonyora pamusoro apa kuti zvakanaka kukwanisa kufamba-famba mufurati nelaptop, asi kazhinji zviri nyore uye zviri nyore kushanda nekombuta yedesktop.

Uye iwe unogona kubatanidza PC, laptop, smartphone, piritsi, uye kunyange e-bhuku kuVPN pane router - chero chinhu chinotsigira kupinda kuburikidza neWi-Fi kana wired Ethernet.

Kana tikatarisa mamiriro acho zvakanyanya, izvi zvinogona kunge zviri, semuenzaniso, nzvimbo yekubatanidza kune mini-hofisi umo vanhu vakati wandei vanogona kushanda.

Mukati mechikamu chakachengetedzwa chakadaro, zvishandiso zvakabatana zvinogona kuchinjana ruzivo, unogona kuronga chimwe chinhu senge faira-yekugovera sosi, uchiri kuwana yakajairika kuInternet, kutumira magwaro ekudhinda paprinter yekunze, zvichingodaro.

Corporate telephony! Yakawanda sei mune iyi ruzha inonzwika kune imwe nzvimbo munharembozha! Iyo yepakati VPN chiteshi chezvishandiso akati wandei inokutendera kuti ubatanidze smartphone kuburikidza neWi-Fi network uye shandisa IP runhare rwekufona kune mapfupi manhamba mukati mekambani network.

Zvikasadaro, waizofanira kufonera nharembozha yako kana kushandisa zvekunze zvikumbiro seWhatsApp, izvo zvisingawanzo kuenderana nemitemo yekuchengetedza yemakambani.

Uye sezvo tiri kutaura pamusoro pechengeteko, zvakakodzera kucherechedza chimwe chinhu chinokosha. Iine hardware VPN gedhi, unogona kusimbisa dziviriro nekushandisa mitsva yekutonga mabasa pane inouya gedhi. Izvi zvinokutendera kuti uwedzere kuchengetedzeka uye kuendesa chikamu cheiyo traffic kuchengetedza mutoro kune network gedhi.

Ndeipi mhinduro inogona kupa Zyxel kune iyi kesi?

Tiri kufunga nezve mudziyo unogona kupihwa kuti ushandiswe kwenguva pfupi kune vese vashandi vanogona uye vanoda kushanda vari kure.

Saka, chigadzirwa chakadaro chinofanira kuva:

  • isingadhuri;
  • yakavimbika (kuitira kuti usaparadza mari uye nguva pakugadzirisa);
  • inowanikwa kutengwa mumaketani ezvitoro;
  • nyore kumisikidza (inotarisirwa kushandiswa pasina kufona kwakakosha)
    nyanzvi yakadzidziswa).

Hazvina kunzwika sezvazviri chaizvo, ndizvo here?

Nekudaro, mudziyo wakadaro uripo, uripo uye wakasununguka
zviri kutengeswa
- Zyxel ZyWALL VPN2S

VPN2S ndeye VPN firewall iyo inokutendera iwe kushandisa yakavanzika yekubatanidza
point-to-point pasina yakaoma network parameter marongero.

Basa rekure kure riri kuwedzera simba

Mufananidzo 1. Zyxel ZyWALL VPN2S kuonekwa

Muchidimbu kutsanangurwa kwechigadzirwa

Hardware Features

10/100/1000 Mbps RJ-45 zviteshi
3 x LAN, 1 x WAN/LAN, 1 x WAN

USB ports
2 X USB 2.0

Hapana fani
kuti

Sistimu kugona uye kuita

SPI Firewall Throughput (Mbps)
1.5 Gbps

VPN Bandwidth (Mbps)
35

Nhamba yepamusoro yezvikamu zveTCP zvakafanana
50000

Nhamba yepamusoro yenguva imwe chete IPsec VPN tunnels [5] 20

Customizable zones
kuti

IPv6 rutsigiro
kuti

Nhamba yepamusoro yeVLANs
16

Mabasa makuru esoftware

Multi-WAN Load Balance/Failover
kuti

Virtual yakavanzika network (VPN)
Hongu (IPSec, L2TP pamusoro peIPSec, PPTP, L2TP, GRE)

VPN Mutengi
IPSec/L2TP/PPTP

Sefa yemukati
1 gore remahara

Firewall
kuti

VLAN/Interface Group
kuti

Bandwidth Management
kuti

Chiitiko Log uye Monitoring
kuti

Cloud Mubatsiri
kuti

Remote control
kuti

Cherechedza: Iyo data iri patafura inopihwa iyo OPAL BE microcode 1.12 kana kupfuura
late version.

Ndezvipi zvingasarudzwa zveVPN zvinotsigirwa neZyWALL VPN2S

Muchokwadi, kubva pazita zviri pachena kuti ZyWALL VPN2S mudziyo inonyanya
yakagadzirirwa kubatanidza vashandi vari kure uye mini-mapazi kuburikidza neVPN.

  • Kune vashandisi vekupedzisira, L2TP Pamusoro peIPSec VPN protocol inopihwa.
  • Kuti ubatanidze mini-mahofisi, Site-to-Site IPSec VPN yekubatanidza inopihwa.
  • Zvakare nerubatsiro rweZyWALL VPN2S unogona kuvaka L2TP VPN yekubatanidza nayo
    mupi wevhisi yekuwana Internet yakachengeteka.

Izvo zvinofanirwa kucherechedzwa kuti kupatsanurwa uku kunenge kwakaringana. Somuenzaniso, mumwe anogona
nzvimbo iri kure kugadzirisa iyo Site-to-Site IPSec VPN yekubatanidza ine imwechete
mushandisi mukati meperimeter.

Ehe, zvese izvi zvinoitwa uchishandisa yakasimba VPN algorithms (IKEv2 uye SHA-2).

Kushandisa akawanda WANs

Nokuda kwebasa riri kure, chinhu chikuru ndechokuva nechiteshi chakagadzikana. Zvinosuruvarisa, neimwe chete
Kunyangwe mutsara wekutaurirana wemupi wakavimbika haugone kuvimbisa izvi.

Matambudziko anogona kukamurwa kuva marudzi maviri:

  • kumhanya kudonhedza - iyo Multi-WAN mutoro wekuenzanisa ficha ichabatsira neizvi
    kuchengetedza kugadzikana kwakagadzikana pakukurumidza kunodiwa;
  • kukundikana kwechiteshi - iyi ndiyo iyo Multi-WAN failover basa ndeye
    kuve nechokwadi kushivirira kukanganisa nekudzokorora.

Ndeapi masimba ehardware aripo kune izvi:

  • Yechina LAN port inogona kugadziridzwa seyekuwedzera WAN port.
  • Iyo USB port inogona kushandiswa kubatanidza 3G / 4G modem, inopa
    backup chiteshi muchimiro chekukurukurirana kweserura.

Kuvandudza network kuchengetedza

Sezvambotaurwa pamusoro apa, ichi ndicho chimwe chezvakanakira kushandisa zvakakosha
centralized devices.

ZyWALL VPN2S ine Stateful Packet Inspection (SPI) firewall basa rekurwisa marudzi akasiyana-siyana ekurwiswa, kusanganisira DoS (Denial of Service), kurwiswa uchishandisa fake IP kero, pamwe nekusatenderwa kure kure kune masisitimu, inofungidzira network traffic uye mapaketi.

Seimwe dziviriro, chishandiso chine Zvemukati kusefa kuvharira mushandisi kuwana kune zvinofungidzika, zvine njodzi uye zvekunze zvemukati.

Kurumidza uye nyore kuseta mumatanho mashanu ane setup wizard

Nekukurumidza kuseta yekubatanidza, kune iri nyore kuseta wizard uye graphical interface
Multilingual interface.

Basa rekure kure riri kuwedzera simba

Mufananidzo 2. Muenzaniso weimwe yekuseta wizard skrini.

Kune manejimendi anobudirira uye anoshanda, Zyxel inopa yakazara pasuru yezvishandiso zvekutonga zviri kure zvinoita kuti zvive nyore kugadzirisa uye kutarisa VPN2S.

Iko kugona kutevedzera marongero kunorerutsa zvakanyanya kugadzirira kweakawanda ZyWALL VPN2S zvishandiso zvekutumira kune vashandi vari kure.

VLAN rutsigiro

Pasinei nekuti ZyWALL VPN2S yakagadzirirwa basa riri kure, inotsigira VLAN. Izvi zvinokutendera kuti uwedzere kuchengetedzwa kwetiweki, semuenzaniso, kana hofisi yemunhu muzvinabhizimusi yakabatana, ine muenzi Wi-Fi. Mashandiro eVLAN akajairwa, akadai sekudzikamisa nhepfenyuro, kuderedza traffic inotapuriranwa uye kushandisa chengetedzo mitemo iri kudiwa mumambureti emakambani, asi mumabhizinesi madiki, musimboti, vanogonawo kuwana application.

Rutsigiro rweVLAN runobatsirawo pakuronga network yakaparadzana, semuenzaniso, yeIP telephony.

Kuti uve nechokwadi chekushanda kweVLAN, ZyWALL VPN2S device inotsigira IEEE 802.1Q standard.

Summing up

Ngozi yekurasikirwa nenharembozha ine yakagadziriswa VPN chiteshi inoda mhinduro kunze kwekugovera malaptop emakambani.

Kushandisa compact uye isingadhure VPN magedhi inobvumidza iwe kuronga zviri nyore basa revashandi vari kure.

Iyo ZyWALL VPN2S modhi yakagadzirirwa kubatanidza vashandi vari kure uye mahofisi madiki.

Useful links

Zyxel VPN2S - vhidhiyo
ZyWALL VPN2S peji pane yepamutemo Zyxel webhusaiti
TEST: VPN2S Diki Hofisi Solution + WiFi Hotspot
Teregiramu chat "Zyxel Club"
Teregiramu chiteshi "Zyxel Nhau"

Source: www.habr.com

Voeg