Tichakuudza nezve nzira isingadhure uye yakachengeteka yekuita kuti vashandi vari kure vabatanidzwe kuburikidza neVPN, pasina kufumura kambani kune mukurumbira kana njodzi dzemari uye pasina kugadzira mamwe matambudziko kudhipatimendi reIT uye manejimendi ekambani.
Nekuvandudzwa kweIT, zvave zvichiita kukwezva vashandi vari kure kune nhamba inowedzera yezvinzvimbo.
Kana pakutanga pakati pevashandi vari kure paive nevamiriri vehunyanzvi hwekugadzira, semuenzaniso, vagadziri, vanyori, iye zvino accountant, chipangamazano chezvemitemo, uye vamiriri vazhinji vemamwe hunyanzvi vanogona kushanda zviri nyore kubva kumba, vachishanyira hofisi chete kana zvichidikanwa.
Asi chero zvakadaro, zvinodikanwa kuronga basa kuburikidza nechiteshi chakachengeteka.
The nyore sarudzo. Isu tinogadzira VPN pane sevha, mushandi anopiwa password yekupinda uye VPN cheti kiyi, pamwe nemirayiridzo yekuti ungamisa sei mutengi weVPN pakombuta yake. Uye iyo IT department inoona basa rayo rakapera.
Pfungwa yacho inoita seisina kuipa, kunze kwechinhu chimwe chete: inofanira kunge iri mushandi anoziva kugadzirisa zvinhu zvose ari oga. Kana isu tiri kutaura nezve anokwanisa network application yekuvandudza, zvinogoneka kuti achaita basa iri.
Asi accountant, muimbi, mugadziri, munyori wehunyanzvi, mugadziri wezvivakwa, uye mamwe akawanda hunyanzvi haafanire kunzwisisa kuomesesa kwekumisikidza VPN. Mumwe munhu anoda kubatana kwavari ari kure uye kubatsira, kana kuuya mumunhu uye kumisa zvese ipapo ipapo. Saizvozvo, kana chimwe chinhu chikamira kuvashandira, semuenzaniso, nekuda kwekukanganisa muchimiro chemushandisi, network network mutengi marongero akarasika, saka zvese zvinoda kudzokororwa zvakare.
Mamwe makambani anopa laptop ine software yatoiswa kare uye yakagadziriswa VPN software mutengi yebasa riri kure. Muchirevo, munyaya iyi, vashandisi havafaniri kuva nekodzero dzemutungamiri. Nenzira iyi, matambudziko maviri anogadziriswa: vashandi vanovimbiswa kupihwa rezinesi software inokodzera mabasa avo uye yakagadzirira-yakagadzirwa nzira yekutaurirana. Panguva imwecheteyo, havagone kushandura zvirongwa ivo pachavo, izvo zvinoderedza kuwanda kwekufona kune
tsigiro yehunyanzvi.
Mune zvimwe zviitiko izvi zviri nyore. Semuenzaniso, uine laptop, unogona kugara zvakanaka mukamuri yako mukati mezuva, uye chinyararire kushanda mukicheni usiku kuitira kuti usamutsa chero munhu.
Chii chinonyanya kukanganisa? Zvakafanana nekuwedzera - inharembozha inogona kutakurwa. Vashandisi vanowira mumapoka maviri: avo vanosarudza desktop PC yesimba uye hombe yekutarisa, uye avo vanoda kutakurika.
Boka rechipiri revashandisi rinovhota nemaoko maviri emalaptops. Vagamuchira laptop yekambani, vashandi vakadaro vanotanga kuenda nayo nomufaro kumakofi, maresitorendi, enda kune zvakasikwa uye edza kushanda kubva ipapo. Dai zvangoshanda, uye kwete kungoshandisa iyo yakagamuchirwa mudziyo sekombuta yako yemasocial network uye kumwe kuvaraidza.
Nenguva isipi, laptop yekambani inorasika kwete chete neruzivo rwebasa pane hard drive, asiwo neyakagadzirirwa VPN kuwana. Kana iyo "sevha password" bhokisi rekutarisa rakatariswa muVPN mutengi marongero, ipapo maminetsi anoverengeka. Mumamiriro ezvinhu apo kurasikirwa kusina kuwanikwa pakarepo, basa rekutsigira harina kuziviswa pakarepo, kana mushandi akakodzera ane kodzero yekuvhara haana kuwanikwa pakarepo - izvi zvinogona kuchinja kuva njodzi huru.
Dzimwe nguva kuganhurira kuwana ruzivo kunobatsira. Asi kudzikisira kuwana hazvireve kugadzirisa zvachose matambudziko ekurasikirwa nemudziyo; ingori nzira yekudzikisa kurasikirwa kana data raburitswa uye kukanganiswa.
Unogona kushandisa encryption kana maviri-factor authentication, semuenzaniso ne USB kiyi. Kunze, iyo pfungwa inotaridzika zvakanaka, asi ikozvino kana iyo laptop ikawira mumaoko asiri iwo, muridzi wayo anozofanira kushanda nesimba kuti awane iyo data, kusanganisira kuwana kuburikidza neVPN. Munguva ino, iwe unogona kubata kuvharira kupinda kune yekambani network. Uye mikana mitsva inovhurika kune ari kure mushandisi: kubaya iyo laptop, kana kiyi yekupinda, kana zvese kamwechete. Zvekare, mwero wekudzivirira wakawedzera, asi iyo tekinoroji yekutsigira sevhisi haizofinhwa. Uye zvakare, yega yega opareta ari kure anozofanira kutenga maviri-chinhu chechokwadi (kana encryption) kit.
Imwe yakaparadzana inosiririsa uye yakareba nyaya kuunganidzwa kwekukuvadza kwemalaptops akarasika kana akakuvadzwa (akakandirwa pasi, akadirwa tii inotapira, kofi, nedzimwe tsaona) uye akarasika makiyi ekuwana.
Pakati pezvimwe zvinhu, Laptop ine mamechani zvikamu, senge keyboard, USB zvinongedzo, uye chivharo chine skrini - zvese izvi zvinopedza hupenyu hwayo hwesevhisi nekufamba kwenguva, inoremara, inove yakasununguka uye inofanirwa kugadziriswa kana kutsiviwa (kazhinji kazhinji. , iyo laptop yese inotsiviwa).
Saka chii zvino? Izvo zvinorambidzwa zvachose kutora laptop kubva mufurati uye track
kufamba?
Saka sei vakapa laptop?
Chimwe chikonzero ndechekuti laptop iri nyore kutamisa. Ngatiuye nechimwe chinhu, zvakare compact.
Iwe haugone kuburitsa kwete laptop, asi yakachengetedzwa LiveUSB flash drives ine VPN yekubatanidza yakatogadzirwa, uye mushandisi achashandisa yake komputa. Asi iyi zvakare lottery: iyo software musangano inomhanya pakombuta yemushandisi kana kwete? Dambudziko ringave riri nyore kushaya vatyairi vanodiwa.
Isu tinofanirwa kufunga kuti tingaronga sei kubatana kwevashandi kure, uye zvinoshuviwa kuti munhu wacho asakundwa nemuedzo wekudzungaira neguta nelaptop yemakambani, asi anogara kumba uye anoshanda akadzikama pasina njodzi yekukanganwa. kurasikirwa nemudziyo waakachengeteswa pane imwe nzvimbo.
Stationary VPN kupinda
Ko kana iwe ukapa kwete mudziyo wekupedzisira, semuenzaniso, laptop, kana kunyanya kwete yakaparadzana flash drive yekubatanidza, asi network gedhi rine VPN mutengi pabhodhi?
Semuenzaniso, yakagadzirira-yakagadzirwa router iyo inosanganisira kutsigirwa kwezvibvumirano zvakasiyana-siyana, umo VPN yekubatanidza yakatogadzirwa. Mushandi ari kure anongoda kubatanidza komputa yake kwairi otanga kushanda.
Izvi zvinobatsira kugadzirisa nyaya dzipi?
- Zvishandiso zvine gadziriro yekuwana kune network yekambani kuburikidza neVPN hazvibudiswe mumba.
- Unogona kubatanidza akati wandei kune imwe VPN chiteshi.
Isu takatonyora pamusoro apa kuti zvakanaka kugona kufamba-famba mufurati nelaptop, asi kazhinji zviri nyore uye zviri nyore kushanda nekombuta yedesktop.
Uye iwe unogona kubatanidza PC, laptop, smartphone, piritsi, uye kunyange e-reader kuVPN pane router - chero chinhu chinotsigira kuwana kuburikidza neWi-Fi kana wired Ethernet.
Kana iwe ukatarisa mamiriro acho zvakanyanya, izvi zvinogona kunge zviri, semuenzaniso, nzvimbo yekubatanidza kune mini-hofisi umo vanhu vakati wandei vanogona kushanda.
Mukati mechikamu chakachengetedzwa chakadaro, zvishandiso zvakabatana zvinogona kuchinjana ruzivo, unogona kuronga chimwe chinhu senge faira-yekugovera sosi, nepo uine yakajairika kuwana Internet, kutumira magwaro ekudhindwa kune yekunze printa, zvichingodaro.
Corporate telephony! Pane zvakawanda mune iyi ruzha inonzwika kune imwe nzvimbo muchubhu! Iyo yepakati VPN chiteshi chezvishandiso zvakati wandei inokutendera kuti ubatanidze smartphone kuburikidza neWi-Fi network uye shandisa IP telephony kufona kunhamba pfupi mukati mekambani network.
Zvikasadaro, waizofanira kufona nhare kana kushandisa zvekunze zvikumbiro zvakaita seWhatsApp, izvo zvisingawanzo kuenderana nekambani yekuchengetedza mutemo.
Uye sezvo tiri kutaura pamusoro pekuchengeteka, zvakakosha kucherechedza chimwe chinhu chinokosha. Iine hardware VPN gedhi, unogona kukwidziridza kuchengetedzeka kwako uchishandisa mitsva yekudzora maficha pane ingress gedhi. Izvi zvinokutendera kuti uwedzere kuchengetedzeka uye kushandura chikamu cheiyo traffic kuchengetedza mutoro kune network network gedhi.
Ndeipi mhinduro inogona kupa Zyxel kune iyi kesi?
Isu tiri kufunga nezve mudziyo unofanirwa kupihwa kuti ushandiswe kwenguva pfupi kune vese vashandi vanogona uye vanoda kushanda vari kure.
Saka, chigadzirwa chakadaro chinofanira kuva:
- kuchipa;
- yakavimbika (kuitira kuti usaparadza mari uye nguva pakugadzirisa);
- inowanikwa kutengwa mumaketani ezvitoro;
- nyore kumisikidza (inoitirwa kuti ishandiswe pasina kufona chaiko
nyanzvi yakadzidziswa).
Haisi kunzwika chaizvo, handiti?
Zvisinei, mudziyo wakadaro uripo, uripo chaizvo uye wakasununguka
- Zyxel ZyWALL VPN2S
VPN2S ndeye VPN firewall iyo inokutendera iwe kushandisa yakavanzika yekubatanidza
point-to-point pasina kuomesesa gadziriso yetiweki paramita.
Mufananidzo 1. Kuonekwa kweZyxel ZyWALL VPN2S
Muchidimbu chigadziriso chemudziyo
Hardware Features
10/100/1000 Mbps RJ-45 zviteshi
3 x LAN, 1 x WAN/LAN, 1 x WAN
USB ports
2 X USB 2.0
Hapana fani
kuti
Sistimu kugona uye kuita
SPI Firewall Throughput (Mbps)
1.5 Gbps
VPN Bandwidth (Mbps)
35
Nhamba yepamusoro yezvikamu zvenguva imwe chete. TCP
50000
Nhamba yepamusoro yenguva imwe chete IPsec VPN tunnels [5] 20
Customizable zones
kuti
IPv6 rutsigiro
kuti
Nhamba yepamusoro yeVLANs
16
Main Software Features
Multi-WAN Load Balance/Failover
kuti
Virtual yakavanzika network (VPN)
Hongu (IPSec, L2TP pamusoro peIPSec, PPTP, L2TP, GRE)
VPN mutengi
IPSec/L2TP/PPTP
Sefa yemukati
1 gore remahara
Firewall
kuti
VLAN/Interface Group
kuti
Bandwidth Management
kuti
Chiitiko log uye kuongorora
kuti
Cloud Mubatsiri
kuti
Remote control
kuti
Cherechedza: Iyo data iri patafura yakavakirwa paOPAL BE microcode 1.12 kana kupfuura
gare gare shanduro.
Ndezvipi zvingasarudzwa zveVPN zvinotsigirwa neZyWALL VPN2S
Chaizvoizvo, kubva pazita zviri pachena kuti ZyWALL VPN2S mudziyo inonyanya
yakagadzirirwa kubatanidza vashandi vari kure uye mini-mapazi kuburikidza neVPN.
- Iyo L2TP Pamusoro peIPSec VPN protocol inopihwa kune vashandisi vekupedzisira.
- Kuti ubatanidze mini-mahofisi, kutaurirana kuburikidza neSite-kune-Site IPSec VPN inopihwa.
- Zvakare, uchishandisa ZyWALL VPN2S unogona kuvaka L2TP VPN yekubatanidza nayo
mupi wevhisi yekuwana Internet yakachengeteka.
Zvinofanira kucherechedzwa kuti kupatsanurwa uku kunonyanya kuenderana. Somuenzaniso, unogona
nzvimbo iri kure gadzirisa iyo Site-to-Site IPSec VPN yekubatanidza ine imwechete
mushandisi mukati meiyo perimeter.
Ehe, zvese izvi uchishandisa yakasimba VPN algorithms (IKEv2 uye SHA-2).
Kushandisa akawanda WANs
Nokuda kwebasa riri kure, chinhu chikuru ndechokuva nechiteshi chakagadzikana. Zvinosuruvarisa, pamwe chete
Izvi hazvigone kuvimbiswa nemutsara wekutaurirana kunyangwe kubva kune akavimbika mupi.
Matambudziko anogona kukamurwa kuva marudzi maviri:
- kudonha mukumhanya - iyo Multi-WAN mutoro wekuenzanisa basa ichabatsira neizvi
kuchengetedza kugadzikana kwakagadzikana pakukurumidza kunodiwa; - kukundikana pane chiteshi - nekuda kweichi Multi-WAN failover basa rinoshandiswa
kuve nechokwadi kushivirira kukanganisa uchishandisa nzira yekudzokorora.
Ndeapi masimba ehardware aripo kune izvi:
- Yechina LAN port inogona kugadziridzwa seyekuwedzera WAN port.
- Iyo USB port inogona kushandiswa kubatanidza 3G / 4G modem, inopa
backup chiteshi muchimiro chekukurukurirana kweserura.
Kuwedzera kuchengetedzwa kwetiweki
Sezvambotaurwa pamusoro apa, ichi ndicho chimwe chezvakanakira kushandisa zvakakosha
centralized devices.
ZyWALL VPN2S ine SPI (Stateful Packet Inspection) firewall basa rekurwisa marudzi akasiyana-siyana ekurwiswa, kusanganisira DoS (Denial of Service), kurwiswa uchishandisa spoofed IP kero, pamwe nekusatenderwa kure kure kune masisitimu, inofungidzira network traffic uye mapakeji.
Sekuwedzera dziviriro, chishandiso chine Zvemukati kusefa kuvharira mushandisi kuwana kune zvinofungidzika, zvine njodzi uye zvekunze zvemukati.
Kurumidza uye nyore 5-nhanho kuseta ine setup wizard
Kukurumidza kuseta chinongedzo, pane iri nyore yekuseta wizard uye graphical
interface mumitauro yakati wandei.
Mufananidzo 2. Muenzaniso weimwe yekuseta wizard skrini.
Kune manejimendi anokurumidza uye ane hunyanzvi, Zyxel inopa yakazara pasuru yezvishandiso zvekutonga zviri kure zvaunogona kugadzirisa zviri nyore VPN2S nekuiongorora.
Iko kugona kudzokorodza marongero kunorerutsa zvakanyanya kugadzirira kweakawanda ZyWALL VPN2S zvishandiso zvekuendesa kune vashandi vari kure.
VLAN rutsigiro
Pasinei nekuti ZyWALL VPN2S yakagadzirirwa basa riri kure, inotsigira VLAN. Izvi zvinokubvumira kuti uwedzere kuchengetedzeka kwetiweki, semuenzaniso, kana hofisi yemumwe muzvinabhizimusi yakabatana, ine muenzi Wi-Fi. Mabasa eVLAN akajairwa, akadai sekudzikamisa nhepfenyuro, kuderedza traffic inotapuriranwa uye kushandisa chengetedzo marongero, ari kudiwa mumakambani network, asi musimboti anogona zvakare kushandiswa mumabhizinesi madiki.
Rutsigiro rweVLAN runobatsirawo pakuronga network yakaparadzana, semuenzaniso, yeIP telephony.
Kuti uve nechokwadi chekushanda neVLAN, ZyWALL VPN2S device inotsigira IEEE 802.1Q standard.
Summing up
Ngozi yekurasikirwa nenharembozha ine yakagadziriswa VPN chiteshi inoda mhinduro kunze kwekugovera malaptop emakambani.
Iko kushandiswa kwe compact uye isingadhure VPN magedhi inokubvumira kuronga nyore basa revashandi vari kure.
Iyo ZyWALL VPN2S modhi yaive yakagadzirirwa kubatanidza vashandi vari kure uye mahofisi madiki.
Useful links
β
β
β
β
β
Source: www.habr.com