Imibuliso kuye wonke umntu oqhubeka efunda uthotho malunga nesizukulwana esitsha se-NGFW Jonga indawo yosapho lwe-SMB (uthotho lwe-1500). IN sijonge isisombululo se-SMP (i-portal yolawulo ye-SMB gateways). Namhlanje ndingathanda ukuthetha nge-Smart-1 Cloud portal, ibeka ngokwayo njengesisombululo esisekelwe kwi-SaaS Check Point, isebenza njengeSeva yoLawulo kwifu, ngoko kuya kufaneleka kuyo nayiphi na i-NGFW yokuHlola iNqanaba. Kwabo bathe basijoyina, mandikukhumbuze ngezihloko ebekuxoxiwe ngazo ngaphambili: , , .
Masiqaqambise ezona mpawu ziphambili zeSmart-1 Cloud:
- Isisombululo esisodwa esisembindini sokulawula yonke isiseko sakho se-Check Point (amasango abonakalayo kunye nawomzimba kumanqanaba ahlukeneyo).
- Iseti eqhelekileyo yemigaqo-nkqubo yazo zonke iiBlades ikuvumela ukuba wenze lula iinkqubo zolawulo (ukudala/ukuhlelwa kwemithetho yemisebenzi eyahlukeneyo).
- Inkxaso yendlela yeprofayili xa usebenza kunye nezicwangciso zesango. Uxanduva lokuhlukana kwamalungelo okufikelela xa usebenza kwi-portal, apho abalawuli benethiwekhi, iingcali zophicotho-zincwadi, njl njl.
- Ukubeka iliso kwesongelo, esibonelela ngeelogs kunye nokujongwa kwesiganeko kwindawo enye.
- Inkxaso yokusebenzisana nge-API. Umsebenzisi unokuphumeza iinkqubo ezizenzekelayo, ukwenza lula imisebenzi yesiqhelo yemihla ngemihla.
- Ukufikelela kwiwebhu. Isusa izithintelo malunga nenkxaso yee-OS ezizimeleyo kwaye iyaqondakala.
Kwabo sele beqhelene nezisombululo ze-Check Point, amandla angundoqo anikezelweyo awahlukanga kunokuba neSeva yoLawulo oluzinikeleyo kwindawo kwiziseko zakho. Ziya kuba zilungile, kodwa kwimeko ye-Smart-1 Cloud, ukugcinwa komncedisi wolawulo kunikezelwa ziingcali ze-Check Point. Ibandakanya: ukwenza ii-backups, ukubeka esweni indawo yasimahla kwimidiya, ukulungisa iimpazamo, ukufaka iinguqulelo zesoftware zamva nje. Inkqubo yokufuduka (ukudluliselwa) izicwangciso nazo zenziwe lula.
Ukunikezelwa kwemvume
Ngaphambi kokuba uqhelane nokusebenza kwesisombululo solawulo lwamafu, masifunde imiba yelayisensi evela kwigosa. .
Ukulawula isango elinye:
Ubhaliso luxhomekeke kwiiblawudi zolawulo ezikhethiweyo; kukho imikhombandlela emi-3 iyonke:
- Ulawulo. I-50 GB yokugcina, i-1 GB yonke imihla kwiilogi.
- Ulawulo + SmartEvent. I-100 GB yokugcina, i-3 GB yemihla ngemihla yemihla ngemihla, ukuveliswa kwengxelo.
- Ulawulo + Ukuthotyelwa + SmartEvent. Ukugcinwa kwe-100 GB, ii-3 GB zemihla ngemihla, ii-logs zemihla ngemihla, ukuveliswa kwengxelo, iingcebiso zezicwangciso ezisekelwe kwizenzo zokhuseleko lolwazi ngokubanzi.
*Ukhetho luxhomekeke kwizinto ezininzi: uhlobo lwelogi, inani labasebenzisi, umthamo wetrafikhi.
Kukho kwakhona umrhumo wokulawula i-5 gateways. Asiyi kuhlala kule nto ngokweenkcukacha - ungasoloko ufumana ulwazi kuyo .
Ukuphehlelelwa kwe-Smart-1 Cloud
Nabani na unokuzama isisombululo; ukwenza oku, kufuneka ubhalise kwi-Infinity Portal-inkonzo yelifu evela kwi-Check Point, apho unokufumana ukufikelela kwesilingo kwezi ndawo zilandelayo:
- uKhuseleko lwamafu (CloudGuard SaaS, CloudGuard Native);
- Ukhuseleko lweNethiwekhi (i-CloudGuard Connect, i-Smart-1 Cloud, i-Infinity SOC);
- Ukhuseleko lwendawo yokugqibela (, i-SandBlast Agent Cloud Management, Sandblast Mobile).
Siza kungena kwinkqubo kunye nawe (ubhaliso luyafuneka kubasebenzisi abatsha) kwaye uye kwisisombululo se-Smart-1 Cloud:
Uya kuxelelwa ngokufutshane malunga neenzuzo zesi sisombululo (Ulawulo lweziseko zophuhliso, akukho kufakelo olufunekayo, uhlaziyo ngokuzenzekelayo).
Emva kokugcwalisa amasimi, kuya kufuneka ulinde de iakhawunti yakho ilungele ukungena kwi-portal:
Ukuba umsebenzi uphumelele, uya kufumana ulwazi lokubhalisa nge-imeyile (echazwe xa ungena kwi-Infinity Portal), kwaye uya kuthunyelwa kwakhona kwiphepha lasekhaya le-Smart-1 Cloud.
Ii-portal tabs ezikhoyo:
- Qalisa iSmartConsole. Ukusebenzisa usetyenziso olufakelweyo kwiPC yakho, okanye sebenzisa ujongano lwewebhu.
- Ungqamaniso kunye nento yesango.
- Ukusebenza ngezigodo.
- Useto.
Ungqamaniso kunye nesango
Masiqale ngongqamaniso lweSango loKhuseleko; ukwenza oku, kufuneka uyidibanise njengento. Yiya kwisithuba "Connect Gateway"
Kufuneka ungenise igama lesango elilodwa, unokongeza inkcazo kwinto. Emva koko cinezela "Bhalisa".
Into yesango iya kuvela eyakufuna ukudityaniswa nomncedisi wolawulo ngokuphumeza imiyalelo yeCLI yesango:
- Qinisekisa ukuba i-JHF yamva nje (Jumbo Hotfix) ifakwe kwisango.
- Seta ithokheni yoqhagamshelwano: cwangcisa i-maas yesango lokhuseleko kwi-auth-token
- Jonga ubume betonela yongqamaniso:
Isimo se-MaS: Sivuliwe
I-MaS Tunnel State: Phezulu
Igama lommandla we-MaS:
Service-Identifier.maas.checkpoint.com
Isango le-IP loNxibelelwano lwe-MaS: 100.64.0.1
Nje ukuba iinkonzo ze-Mass Tunnel zinyusiwe, kufuneka uqhubeke nokuseka uqhagamshelo lwe-SIC phakathi kwesango kunye ne-Smart-1 Cloud kwi-Smartconsole. Ukuba umsebenzi uphumelele, i-topology yesango iya kufumaneka, masiqhoboshele umzekelo:
Ngaloo ndlela, xa usebenzisa i-Smart-1 Cloud, isango lixhunyiwe kwinethiwekhi "yegrey" 10.64.0.1.
Makhe ndongeze ukuba kwisakhiwo sethu isango ngokwalo lifikelela kwi-Intanethi usebenzisa i-NAT, ngoko ke, akukho dilesi ye-IP yoluntu kwi-interface yayo, nangona kunjalo, sinokuyilawula ngaphandle. Le yenye into enomdla ye-Smart-1 Cloud, enkosi apho i-subnet yolawulo eyahlukileyo yenziwe kunye nephuli yayo yeedilesi ze-IP.
isiphelo
Nje ukuba wongeze ngempumelelo isango lolawulo nge-Smart-1 Cloud, unokufikelela ngokupheleleyo, njengakwi-Smart Console. Kubeko lwethu, saphehlelela inguqulelo yewebhu; enyanisweni, ngumatshini ophakanyisiweyo onenyani onomthengi osebenzayo wolawulo.
Unokuhlala ufunda ngakumbi malunga nesakhono seSmart Console kunye neCheck Point uyilo kumbhali wethu .
Yiyo yonke loo nto namhlanje, silindele inqaku lokugqibela loluhlu, apho siya kuchukumisa amandla okulungisa ukusebenza kosapho lwe-SMB 1500 kunye ne-Gaia 80.20 Embedded.
. Hla umamele (, , , , )
umthombo: www.habr.com
