Analysis of the most democratic SD-WAN: architecture, configuration, administration and pitfalls.

Judging by the number of questions we have started to receive about SD-WAN, the technology has begun to take firm root in Russia. Vendors, naturally, are not asleep and offer their own concepts, and some brave pioneers are already deploying them on their networks.

We work with almost all vendors, and over several years in our lab I have managed to dig into the architecture of every major developer of software-defined solutions. SD-WAN from Fortinet stands slightly apart here: the vendor built the functionality for balancing traffic between communication channels into its firewall software. The solution is rather democratic, so it is usually considered by companies that are not yet ready for global changes but want to use their communication channels more efficiently.

In this article I want to tell you how to configure and work with SD-WAN from Fortinet, who this solution suits, and what pitfalls you may run into.

The most prominent players in the SD-WAN market can be assigned to one of two types:

1. Startups that created SD-WAN solutions from scratch. The most successful of these get a huge development boost after being bought by large companies - this is the story of Cisco/Viptela, VMWare/VeloCloud, Nuage/Nokia.

2. Large network vendors that created SD-WAN solutions by developing the programmability and manageability of their traditional routers - this is the story of Juniper, Huawei.

Fortinet managed to find its own way. The firewall software had built-in functionality that made it possible to combine its interfaces into virtual channels and balance the load between them using algorithms that are more complex than conventional routing. This functionality was called SD-WAN. Can what Fortinet did be called SD-WAN? The market is gradually coming to understand that Software-Defined means separation of the Control Plane from the Data Plane, dedicated controllers, and orchestrators. Fortinet has nothing of the kind. Centralized management is optional and is offered through the traditional FortiManager tool. But in my opinion, you should not look for abstract truth and waste time arguing about terms. In the real world, every approach has its advantages and disadvantages. The best way out is to understand them and to be able to choose solutions that match the tasks.

I will try to show you, with screenshots in hand, what SD-WAN from Fortinet looks like and what it can do.

How it all works

Suppose you have two branches connected by two data channels. These data links are combined into a group, similar to how ordinary Ethernet interfaces are combined into an LACP Port-Channel. Old-timers will remember PPP Multilink - also a suitable analogy. The channels can be physical ports, VLAN SVIs, as well as VPN or GRE tunnels.

VPN or GRE is usually used when connecting branch local networks over the Internet. Physical ports are used if there are L2 connections between the sites, or when connecting over a dedicated MPLS/VPN, if we are satisfied with connectivity without an overlay and encryption. Another scenario in which physical ports are used in an SD-WAN group is balancing users' local access to the Internet.

On our test bench there are four firewalls and two VPN tunnels working through two "telecom operators". The diagram looks like this:

The VPN tunnels are configured in interface mode so that they resemble point-to-point connections between devices, with IP addresses on the P2P interfaces that can be pinged to verify that communication through a particular tunnel works. For traffic to be encrypted and go to the other side, it is enough to route it into the tunnel. The alternative is to select traffic for encryption using lists of subnets, which greatly confuses the administrator as the configuration grows more complex. In a large network, you can use ADVPN technology to build the VPN; this is an analogue of DMVPN from Cisco or DVPN from Huawei, and it makes setup easier.

Site-to-Site VPN config for two devices with BGP routing on both sides

Data center (DC), followed by the branch (BRN):

config system interface
 edit "WAN1"
  set vdom "Internet"
  set ip 1.1.1.1 255.255.255.252
  set allowaccess ping
  set role wan
  set interface "DC-BRD"
  set vlanid 111
 next
 edit "WAN2"
  set vdom "Internet"
  set ip 3.3.3.1 255.255.255.252
  set allowaccess ping
  set role lan
  set interface "DC-BRD"
  set vlanid 112
 next
 edit "BRN-Ph1-1"
  set vdom "Internet"
  set ip 192.168.254.1 255.255.255.255
  set allowaccess ping
  set type tunnel
  set remote-ip 192.168.254.2 255.255.255.255
  set interface "WAN1"
 next
 edit "BRN-Ph1-2"
  set vdom "Internet"
  set ip 192.168.254.3 255.255.255.255
  set allowaccess ping
  set type tunnel
  set remote-ip 192.168.254.4 255.255.255.255
  set interface "WAN2"
 next
end

config vpn ipsec phase1-interface
 edit "BRN-Ph1-1"
  set interface "WAN1"
  set local-gw 1.1.1.1
  set peertype any
  set net-device disable
  set proposal aes128-sha1
  set dhgrp 2
  set remote-gw 2.2.2.1
  set psksecret ***
 next
 edit "BRN-Ph1-2"
  set interface "WAN2"
  set local-gw 3.3.3.1
  set peertype any
  set net-device disable
  set proposal aes128-sha1
  set dhgrp 2
  set remote-gw 4.4.4.1
  set psksecret ***
 next
end

config vpn ipsec phase2-interface
 edit "BRN-Ph2-1"
  set phase1name "BRN-Ph1-1"
  set proposal aes256-sha256
  set dhgrp 2
 next
 edit "BRN-Ph2-2"
  set phase1name "BRN-Ph1-2"
  set proposal aes256-sha256
  set dhgrp 2
 next
end

config router static
 edit 1
  set gateway 1.1.1.2
  set device "WAN1"
 next
 edit 3
  set gateway 3.3.3.2
  set device "WAN2"
 next
end

config router bgp
 set as 65002
 set router-id 10.1.7.1
 set ebgp-multipath enable
 config neighbor
  edit "192.168.254.2"
   set remote-as 65003
  next
  edit "192.168.254.4"
   set remote-as 65003
  next
 end

 config network
  edit 1
   set prefix 10.1.0.0 255.255.0.0
  next
 end
end

Branch (BRN):

config system interface
 edit "WAN1"
  set vdom "Internet"
  set ip 2.2.2.1 255.255.255.252
  set allowaccess ping
  set role wan
  set interface "BRN-BRD"
  set vlanid 111
 next
 edit "WAN2"
  set vdom "Internet"
  set ip 4.4.4.1 255.255.255.252
  set allowaccess ping
  set role wan
  set interface "BRN-BRD"
  set vlanid 114
 next
 edit "DC-Ph1-1"
  set vdom "Internet"
  set ip 192.168.254.2 255.255.255.255
  set allowaccess ping
  set type tunnel
  set remote-ip 192.168.254.1 255.255.255.255
  set interface "WAN1"
 next
 edit "DC-Ph1-2"
  set vdom "Internet"
  set ip 192.168.254.4 255.255.255.255
  set allowaccess ping
  set type tunnel
  set remote-ip 192.168.254.3 255.255.255.255
  set interface "WAN2"
 next
end

config vpn ipsec phase1-interface
  edit "DC-Ph1-1"
   set interface "WAN1"
   set local-gw 2.2.2.1
   set peertype any
   set net-device disable
   set proposal aes128-sha1
   set dhgrp 2
   set remote-gw 1.1.1.1
   set psksecret ***
  next
  edit "DC-Ph1-2"
   set interface "WAN2"
   set local-gw 4.4.4.1
   set peertype any
   set net-device disable
   set proposal aes128-sha1
   set dhgrp 2
   set remote-gw 3.3.3.1
   set psksecret ***
  next
end

config vpn ipsec phase2-interface
  edit "DC-Ph2-1"
   set phase1name "DC-Ph1-1"
   set proposal aes256-sha256
   set dhgrp 2
  next
  edit "DC2-Ph2-2"
   set phase1name "DC-Ph1-2"
   set proposal aes256-sha256
   set dhgrp 2
  next
end

config router static
 edit 1
  set gateway 2.2.2.2
  set device "WAN1"
 next
 edit 3
  set gateway 4.4.4.2
  set device "WAN2"
 next
end

config router bgp
  set as 65003
  set router-id 10.200.7.1
  set ebgp-multipath enable
  config neighbor
   edit "192.168.254.1"
    set remote-as 65002
   next
   edit "192.168.254.3"
    set remote-as 65002
   next
  end

  config network
   edit 1
    set prefix 10.200.0.0 255.255.0.0
   next
  end
end

I give the config in text form because, in my opinion, it is more convenient to configure VPN this way. Almost all the settings are the same on both sides; in text form they can be done by copy-paste. If you do the same thing in the web interface, it is easy to make a mistake - forget a checkbox somewhere, enter a wrong value.
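One way to catch the copy-paste and typing mistakes mentioned above before the tunnels fail to come up, as an added example (not part of the original article and not a Fortinet tool): a Python check that parses both sides' phase1/phase2 blocks, pairs tunnels by mirrored local-gw/remote-gw, and reports proposals or DH groups with no common value, DH groups below 2048 bits and legacy SHA-1/MD5/DES proposals. The sample configuration, its addresses and all function names are constructed for illustration.

```python
import shlex

P1, P2 = "vpn ipsec phase1-interface", "vpn ipsec phase2-interface"
WEAK_DH = {"1", "2", "5"}                # MODP groups below 2048 bits
LEGACY = {"md5", "sha1", "des", "3des"}  # legacy hash/cipher tokens in a proposal

def parse(text):
    """Top-level config/edit/set blocks -> {section: {entry: {key: [values]}}}."""
    sections, path, entry = {}, [], None
    for raw in text.splitlines():
        tok = shlex.split(raw)
        if not tok:
            continue
        if tok[0] == "config":
            path.append(" ".join(tok[1:]))
        elif tok[0] == "end":
            path, entry = path[:-1], None
        elif len(path) == 1 and tok[0] == "edit":   # nested tables are ignored
            entry = sections.setdefault(path[0], {}).setdefault(tok[1], {})
        elif len(path) == 1 and tok[0] == "set" and entry is not None:
            entry[tok[1]] = tok[2:]
    return sections

def weak(side, name, cfg):
    """Flag short DH groups and legacy algorithms in one phase1/phase2 entry."""
    return ([f"{side} {name}: DH group {g} is below 2048 bits"
             for g in cfg.get("dhgrp", []) if g in WEAK_DH] +
            [f"{side} {name}: legacy proposal {p}"
             for p in cfg.get("proposal", []) if LEGACY & set(p.split("-"))])

def mismatch(label, a, b):
    """Peers need one common value per key; keys left at defaults are skipped."""
    return [f"{label}: no common {k}" for k in ("proposal", "dhgrp")
            if k in a and k in b and not set(a[k]) & set(b[k])]

def lint_pair(text_a, text_b):
    """Return findings for two sites' configs (A and B) that should mirror each other."""
    a, b = parse(text_a), parse(text_b)
    found = [f for side, cfg in (("A", a), ("B", b)) for sec in (P1, P2)
             for name, e in cfg.get(sec, {}).items() for f in weak(side, name, e)]
    for na, ta in a.get(P1, {}).items():
        # The peer tunnel is the one whose gateways mirror ours (both sides set local-gw).
        nb = next((n for n, tb in b.get(P1, {}).items()
                   if ta.get("remote-gw") and ta.get("remote-gw") == tb.get("local-gw")
                   and tb.get("remote-gw") == ta.get("local-gw")), None)
        if nb is None:
            found.append(f"A {na}: no mirrored peer phase1")
            continue
        found += mismatch(f"phase1 {na}<->{nb}", ta, b[P1][nb])
        for n2a, qa in a.get(P2, {}).items():
            for n2b, qb in b.get(P2, {}).items():
                if qa.get("phase1name") == [na] and qb.get("phase1name") == [nb]:
                    found += mismatch(f"phase2 {n2a}<->{n2b}", qa, qb)
    return found

def sample(peer, local, remote, p2):
    """Constructed sample config (documentation addresses), not the page's lab."""
    return (f'config {P1}\n edit "to-{peer}"\n  set local-gw {local}\n'
            f'  set remote-gw {remote}\n  set proposal aes128-sha1\n  set dhgrp 2\n'
            f' next\nend\nconfig {P2}\n edit "to-{peer}-p2"\n'
            f'  set phase1name "to-{peer}"\n  set proposal {p2}\n next\nend\n')

SITE_A = sample("B", "192.0.2.1", "198.51.100.1", "aes256-sha256")
SITE_B = sample("A", "198.51.100.1", "192.0.2.1", "aes128-sha1")

if __name__ == "__main__":
    print("\n".join(lint_pair(SITE_A, SITE_B)))
```

DH group 2, which the lab listings above use, is a 1024-bit MODP group, so the check reports it; for production tunnels, group 14 or higher and SHA-256 proposals avoid both kinds of finding.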

After we have added the interfaces to the bundle, all routes and security policies can refer to it rather than to the interfaces included in it. At a minimum, you need to allow traffic from the internal networks to SD-WAN. When you create rules for them, you can apply protective measures such as IPS, antivirus and HTTPS decryption.

SD-WAN Rules are configured for the bundle. These are rules that define the balancing algorithm for specific traffic. They resemble routing policies in Policy-Based Routing, except that the result for traffic that matches the policy is not a next hop or an ordinary outgoing interface, but the interfaces added to the SD-WAN bundle plus the algorithm for balancing traffic between those interfaces.

Traffic can be separated from the general flow by L3-L4 information, by recognized applications, by Internet services (URL and IP), and by recognized users of workstations and laptops. After that, one of the following balancing algorithms can be assigned to the selected traffic:

In the Interface Preference list, you select which of the interfaces already added to the bundle will serve this type of traffic. By adding only some of the interfaces, you can limit exactly which channels you use for, say, e-mail, if you do not want to load expensive channels with a high SLA with it. In FortiOS 6.4.1 it became possible to group the interfaces added to the SD-WAN bundle into zones, creating, for example, one zone for communication with remote sites and another for local Internet access with NAT. Yes, yes, traffic that goes to the ordinary Internet can also be balanced.

About balancing algorithms

As for how Fortigate (the firewall from Fortinet) can split traffic between channels, there are two interesting options that are not very common on the market:

Lowest Cost (SLA) - from all the interfaces that currently satisfy the SLA, the one with the lowest weight (cost), set manually by the administrator, is selected; this mode suits "bulk" traffic such as backups and file transfers.

Best Quality (SLA) - in addition to the usual delay, jitter and packet loss, this algorithm can also use the current channel load to assess channel quality; this mode suits sensitive traffic such as VoIP and video conferencing.

These algorithms require setting up a performance meter for the communication channel - Performance SLA. This meter periodically (check interval) monitors SLA compliance: packet loss, latency and jitter in the communication channel. It can "reject" channels that currently do not meet the quality thresholds because they lose too many packets or have too much latency. In addition, the meter monitors the state of the channel and can temporarily remove it from the bundle after repeated loss of responses (failures before inactive). When the channel recovers, after several consecutive responses (restore link after), the meter automatically returns it to the bundle, and data starts being transmitted through it again.
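The hold-down behaviour described above can be modelled in a few lines, as an added example that is not part of the original article and not FortiOS code: a simplified Python model of one Performance SLA probe feeding a Lowest Cost (SLA) decision. The probe window, the jitter formula, the sample RTT values and the choice to return None when no member meets the SLA are assumptions; failtime and recoverytime stand for "failures before inactive" and "restore link after".

```python
from collections import deque

class Member:
    """One SD-WAN member as seen by a Performance SLA probe (simplified model)."""

    def __init__(self, name, cost, failtime=3, recoverytime=3, window=5):
        self.name, self.cost = name, cost
        self.failtime, self.recoverytime = failtime, recoverytime
        self.alive, self.fails, self.oks = True, 0, 0
        self.rtts = deque(maxlen=window)   # recent probes; None marks a lost reply

    def probe(self, rtt_ms):
        """Record one probe: round-trip time in ms, or None when no reply came back."""
        self.rtts.append(rtt_ms)
        if rtt_ms is None:
            self.fails, self.oks = self.fails + 1, 0
            if self.fails >= self.failtime:
                self.alive = False         # "failures before inactive" reached
        else:
            self.oks, self.fails = self.oks + 1, 0
            if self.oks >= self.recoverytime:
                self.alive = True          # "restore link after" reached

    def metrics(self):
        """Return (latency ms, jitter ms, loss %) over the probe window."""
        got = [r for r in self.rtts if r is not None]
        loss = 100.0 * (len(self.rtts) - len(got)) / max(len(self.rtts), 1)
        latency = sum(got) / len(got) if got else float("inf")
        steps = [abs(a - b) for a, b in zip(got, got[1:])]
        jitter = sum(steps) / len(steps) if steps else 0.0
        return latency, jitter, loss

    def meets(self, sla):
        """True when the member is alive and inside every SLA threshold."""
        latency, jitter, loss = self.metrics()
        return (self.alive and latency <= sla["latency"]
                and jitter <= sla["jitter"] and loss <= sla["loss"])

def lowest_cost(members, sla):
    """Lowest Cost (SLA): the cheapest member that currently satisfies the SLA."""
    ok = [m for m in members if m.meets(sla)]
    return min(ok, key=lambda m: m.cost).name if ok else None

def replay(members, ticks, sla):
    """Feed one probe per member per check interval; return the member chosen each time."""
    chosen = []
    for tick in ticks:
        for m in members:
            m.probe(tick[m.name])
        chosen.append(lowest_cost(members, sla))
    return chosen

# Constructed scenario: the cheap tunnel loses three probes in a row, then recovers.
SLA = {"latency": 100, "jitter": 30, "loss": 10}
CHEAP = [10, 10, 10, None, None, None, 10, 10, 10, 10, 10, 10]
TICKS = [{"DC-Ph1-1": rtt, "DC-Ph1-2": 20} for rtt in CHEAP]

def demo():
    members = [Member("DC-Ph1-1", cost=1), Member("DC-Ph1-2", cost=10)]
    return replay(members, TICKS, SLA)

if __name__ == "__main__":
    print(demo())
```

In this model the cheap link is marked alive again at the ninth interval but only carries traffic from the eleventh, once the lost probes have left the loss window.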

This is what the "meter" looks like:

In the web interface, ICMP-Echo, HTTP-GET and DNS request are available as test protocols. There are a few more options on the command line: TCP-echo and UDP-echo are available, as well as a specialized quality measurement protocol - TWAMP.

The measurement results can be seen in the web interface:

And on the command line:

Troubleshooting

If you have created a rule but things do not work as expected, look at the Hit Count value in the SD-WAN Rules list. It shows whether traffic falls under this rule at all:

On the settings page of the meter itself, you can see how the channel parameters change over time. The dotted line shows the threshold value of the parameter.

In the web interface you can see how traffic is distributed, by the volume of transmitted/received data and by the number of sessions:

In addition to all this, there is an excellent way to trace the passage of packets in maximum detail. In a real network, the device configuration accumulates many routing policies, firewall policies, and rules for distributing traffic across the SD-WAN ports. All of this interacts in a complex way, and although the vendor provides detailed block diagrams of the packet-processing algorithms, it is very important to be able not to build and test theories, but to see where the traffic actually goes.

For example, the following set of commands

diagnose debug flow filter saddr 10.200.64.15
diagnose debug flow filter daddr 10.1.7.2
diagnose debug flow show function-name enable
diagnose debug enable
diagnose debug flow trace start 2

lets you trace two packets with source address 10.200.64.15 and destination address 10.1.7.2.
We ping 10.1.7.2 from 10.200.64.15 twice and look at the console output.

First packet:

Second packet:

Here is the first packet as received by the firewall:
id=20085 trace_id=475 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=0."
VDOM - Internet, Proto=1 (ICMP), DMZ-Office is the name of the L3 interface. Type=8 - Echo.

A new session is created for it:
msg="allocate a new session-0006a627"

And a match is found in the policy routing settings:
msg="Match policy routing id=2136539137: to 10.1.7.2 via ifindex-110"

It turns out that the packet needs to be sent into one of the VPN tunnels:
"find a route: flag=04000000 gw-192.168.254.1 via DC-Ph1-1"

An allow rule is found in the firewall policies:
msg="Allowed by Policy-3:"

The packet is encrypted and sent into the VPN tunnel:
func=ipsecdev_hard_start_xmit line=789 msg="enter IPsec interface-DC-Ph1-1"
func=_ipsecdev_hard_start_xmit line=666 msg="IPsec tunnel-DC-Ph1-1"
func=esp_output4 line=905 msg="IPsec encrypt/auth"

The encrypted packet is sent to the gateway address for this WAN interface:
msg="send to 2.2.2.2 via intf-WAN1"

For the second packet, everything happens the same way, but it is sent into the other VPN tunnel and leaves through a different firewall port:
func=ipsecdev_hard_start_xmit line=789 msg="enter IPsec interface-DC-Ph1-2"
func=_ipsecdev_hard_start_xmit line=666 msg="IPsec tunnel-DC-Ph1-2"
func=esp_output4 line=905 msg="IPsec encrypt/auth"
func=ipsec_output_finish line=622 msg="send to 4.4.4.2 via intf-WAN2"
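
The same reading of the trace can be automated, as an added example that is not part of the original article: the Python code below groups debug flow lines by trace_id, extracts the ingress interface, route, policy and egress, and lists packets that were not routed into an expected tunnel or never reached the IPsec encrypt step. The sample lines are assembled from the fragments quoted above; trace_id 476 and 477, the route line of the second packet, the whole third packet and all function names are constructed.

```python
import re
from collections import Counter, defaultdict

# Constructed sample: assembled from the fragments quoted above. trace_id 476 and 477,
# the route line of packet 476 and the whole third packet are invented for the check.
SAMPLE = '''\
id=20085 trace_id=475 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=0."
id=20085 trace_id=475 msg="Match policy routing id=2136539137: to 10.1.7.2 via ifindex-110"
id=20085 trace_id=475 msg="find a route: flag=04000000 gw-192.168.254.1 via DC-Ph1-1"
id=20085 trace_id=475 msg="Allowed by Policy-3:"
id=20085 trace_id=475 func=esp_output4 line=905 msg="IPsec encrypt/auth"
id=20085 trace_id=475 func=ipsec_output_finish line=622 msg="send to 2.2.2.2 via intf-WAN1"
id=20085 trace_id=476 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=1."
id=20085 trace_id=476 msg="find a route: flag=04000000 gw-192.168.254.3 via DC-Ph1-2"
id=20085 trace_id=476 func=esp_output4 line=905 msg="IPsec encrypt/auth"
id=20085 trace_id=476 func=ipsec_output_finish line=622 msg="send to 4.4.4.2 via intf-WAN2"
id=20085 trace_id=477 func=print_pkt_detail line=5605 msg="vd-Internet:0 received a packet(proto=1, 10.200.64.15:42->10.1.7.2:2048) from DMZ-Office. type=8, code=0, id=42, seq=2."
id=20085 trace_id=477 msg="find a route: flag=04000000 gw-2.2.2.2 via WAN1"
'''

LINE = re.compile(r'trace_id=(\d+).*?msg="(.*)"')
RECV = re.compile(r'received a packet\(proto=(\d+), ([\d.]+):\d+->([\d.]+):\d+\) from (\S+)\.\s')
ROUTE = re.compile(r'find a route: .*gw-([\d.]+) via (\S+)')
POLICY = re.compile(r'Allowed by Policy-(\d+)')
SEND = re.compile(r'send to ([\d.]+) via intf-(\S+)')

def parse_traces(text):
    """Group debug flow lines by trace_id and pull out the forwarding decisions."""
    traces = defaultdict(lambda: {"encrypted": False})
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        t, msg = traces[m.group(1)], m.group(2)
        if r := RECV.search(msg):
            t.update(proto=int(r[1]), src=r[2], dst=r[3], ingress=r[4])
        elif r := ROUTE.search(msg):
            t.update(gateway=r[1], route_via=r[2])
        elif r := POLICY.search(msg):
            t["policy"] = int(r[1])
        elif "IPsec encrypt/auth" in msg:
            t["encrypted"] = True
        elif r := SEND.search(msg):
            t.update(next_hop=r[1], egress=r[2])
    return dict(traces)

def tunnel_usage(traces):
    """Packets per routed interface: shows whether the balancing spreads the load."""
    return Counter(t["route_via"] for t in traces.values() if "route_via" in t)

def outside_tunnels(traces, tunnels):
    """Trace ids not routed into an expected tunnel, or never IPsec-encrypted."""
    return sorted(tid for tid, t in traces.items()
                  if t.get("route_via") not in tunnels or not t["encrypted"])

if __name__ == "__main__":
    traces = parse_traces(SAMPLE)
    print(dict(tunnel_usage(traces)))
    print(outside_tunnels(traces, {"DC-Ph1-1", "DC-Ph1-2"}))
```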

Advantages of the solution

Reliable functionality and a user-friendly interface. The feature set that was available in FortiOS before SD-WAN appeared has been fully preserved. That is, we do not have freshly written software, but a mature system from a proven firewall vendor, with the traditional set of network functions and a convenient, easy-to-learn web interface. How many SD-WAN vendors have, say, Remote-Access VPN functionality on the end devices?

Level-80 security. FortiGate is one of the top firewall solutions. There is a lot of material on the Internet about setting up and administering the firewalls, and on the labor market there are many security specialists who have already mastered the vendor's solutions.

Zero cost for the SD-WAN functionality. Building an SD-WAN network on FortiGate costs the same as building an ordinary WAN network on it, since no additional licenses are needed to enable the SD-WAN functionality.

Low entry price threshold. Fortigate has a good gradation of devices for different performance levels. The smallest and most inexpensive models are quite suitable for bringing up an office or a point of sale for, say, 3-5 employees. Many vendors simply do not have such low-performance and affordable models.

High performance. Reducing the SD-WAN functionality to traffic balancing allowed the company to release a specialized SD-WAN ASIC, thanks to which SD-WAN operation does not reduce the performance of the firewall as a whole.

The ability to build the entire office on Fortinet equipment: firewalls, switches, Wi-Fi access points. Such an office is easy and convenient to manage - the switches and access points are registered on the firewalls and managed from them. For example, this is what a switch port may look like from the interface of the firewall that manages the switch:

The absence of controllers as a single point of failure. The vendor itself emphasizes this, but it can be called an advantage only in part, because for the vendors that do have controllers, ensuring their fault tolerance is inexpensive, usually at the cost of a small amount of computing resources in a virtualization environment.

What to look out for

No separation between the Control Plane and the Data Plane. This means that the network must be configured either manually or with the traditional management tools that already exist - FortiManager. For vendors that have implemented such a separation, the network assembles itself. The administrator may only need to adjust its topology or prohibit something somewhere, and nothing more. However, FortiManager's trump card is that it can manage not only firewalls but also switches and Wi-Fi access points, that is, almost the entire network.

Conditional growth in manageability. Because traditional tools are used to automate network configuration, the manageability of the network increases only slightly with the introduction of SD-WAN. On the other hand, new functionality becomes available faster, since the vendor first releases it only for the firewall operating system (which immediately makes it possible to use it), and only then supplements the management system with the necessary interfaces.

Some functionality may be available from the command line but not from the web interface. Sometimes it is not so scary to go to the command line to configure something, but it is scary not to see in the web interface that someone has already configured something from the command line. This usually applies to the newest features, and gradually, with FortiOS updates, the capabilities of the web interface catch up.

Who it will suit

Those who do not have many branches. Implementing an SD-WAN solution with complex central components on a network of 8-10 branches may not be worth the candle - you will have to spend money on licenses for the SD-WAN devices and on virtualization resources to host the central components. A small company usually has few free computing resources. In the case of Fortinet, it is enough simply to buy the firewalls.

Those who have many small branches. For many vendors, the minimum price of a solution per branch is quite high and may not be interesting from the point of view of the end customer's business. Fortinet offers small devices at very attractive prices.

Those who are not yet ready to step too far. Implementing SD-WAN with controllers, proprietary routing, and a new approach to network planning and management may be too big a step for some customers. Yes, such an implementation will ultimately help optimize the use of communication channels and the work of administrators, but first you will have to learn a lot of new things. For those who are not yet ready for a paradigm shift but want to squeeze more out of their communication channels, the solution from Fortinet is just right.

Source: www.habr.com
