Sebenzisa iiCase for Network Visibility Solutions
Yintoni ukubonakala kweNethiwekhi?
Ukubonakala kuchazwa yiWebster’s Dictionary “njengokukwazi ukubonwa ngokulula” okanye “umlinganiselo wokucaca.” Inethiwekhi okanye ukubonakala kwesicelo kubhekiselele ekususweni kweendawo ezingaboniyo ezifihla amandla okubona ngokulula (okanye ukulinganisa) okwenzekayo kwinethiwekhi kunye / okanye izicelo kwinethiwekhi. Oku kubonakala kuvumela amaqela e-IT ukuba akhuphe ngokukhawuleza izisongelo zokhuseleko kwaye asombulule imiba yokusebenza, ekugqibeleni anikezele ngamava angcono kakhulu omsebenzisi wokugqibela.
Olunye ulwazi luvumela amaqela e-IT ukuba abeke iliso kwaye akhulise inethiwekhi kunye nezicelo kunye neenkonzo ze-IT. Yiyo loo nto inethiwekhi, usetyenziso, kunye nokubonakala kokhuseleko kubaluleke kakhulu kuwo nawuphi na umbutho we-IT.
Eyona ndlela ilula yokufezekisa ukubonakala kwenethiwekhi kukuphumeza ukwakheka kokubonakala, okuyisiseko esibanzi sokuphela kokuphela esibonelela ngenethiwekhi ebonakalayo kunye nenyani, isicelo, kunye nokubonakala kokhuseleko.
Ukubeka iSiseko sokuBoneleka kweNethiwekhi
Nje ukuba ulwakhiwo olubonakalayo lukhona, iimeko ezininzi zokusetyenziswa ziyafumaneka. Njengoko kuboniswe ngezantsi, i-architecture yokubonakala ibonisa amanqanaba amathathu aphambili okubonakala: inqanaba lokufikelela, inqanaba lokulawula, kunye nenqanaba lokubeka iliso.
Ukusebenzisa izinto ezibonisiweyo, iingcali ze-IT zinokusombulula iindidi zenethiwekhi kunye neengxaki zesicelo. Kukho iintlobo ezimbini zeemeko zokusetyenziswa:
- Izisombululo zokubonakala ezisisiseko
- Ukubonakala kwenethiwekhi epheleleyo
Izisombululo zokubonakala ezingundoqo zijolise kukhuseleko lwenethiwekhi, ukonga iindleko, kunye nokusombulula ingxaki. Ezi zintathu iikhrayitheriya ezichaphazela i-IT rhoqo ngenyanga, ukuba kungekhona imihla ngemihla, isiseko. Ukubonakala kwenethiwekhi epheleleyo yenzelwe ukubonelela ngengqiqo enkulu kwiindawo ezingaboniyo, ukusebenza kunye nokuthotyelwa.
Yintoni onokuyenza ngokwenene ngokubonakala kwenethiwekhi?
Kukho iimeko ezintandathu ezahlukeneyo zokusebenzisa ukubonakala kwenethiwekhi ezinokubonisa ngokucacileyo ixabiso. Oku:
— Ukuphuculwa kokhuseleko lwenethiwekhi
- Ukubonelela ngamathuba okuqulatha kunye nokunciphisa iindleko
-Ukukhawulezisa ukulungisa iingxaki kunye nokwandisa ukuthembeka kwenethiwekhi
- Ukupheliswa kweendawo ezingaboniyo zenethiwekhi
-Ukuphucula inethiwekhi kunye nokusebenza kwesicelo
- Ukomeleza ukuthotyelwa kwemithetho
Ngezantsi kukho imizekelo ethile yokusetyenziswa.
Umzekelo weNombolo ye-1 - ukuhluzwa kwedatha kwizisombululo zokhuseleko ezikumgca (kwi-line), kwandisa ukusebenza kakuhle kwezi zisombululo
Injongo yolu khetho kukusebenzisa i-network packet broker (NPB) ukucoca idatha ye-low-risk data (umzekelo, ividiyo kunye nezwi) ukuyikhupha ekuhlolweni kokhuseleko (inkqubo yokuthintela ukungena (IPS), ukuthintela ukulahleka kwedatha (DLP) , i-firewall yesicelo sewebhu (WAF), njl.). Le traffic "ingathandekiyo" inokuchongwa kwaye idluliselwe emva kwi-by-pass switch kwaye ithunyelwe ngakumbi kuthungelwano. Inzuzo yesi sisombululo kukuba i-WAF okanye i-IPS ayifuni ukuchitha izibonelelo zeprosesa (CPU) ukuhlalutya idatha engadingekile. Ukuba itrafikhi yenethiwekhi yakho iqulethe isixa esibalulekileyo solu hlobo lwedatha, unokufuna ukusebenzisa eli nqaku kwaye unciphise umthwalo kwizixhobo zakho zokhuseleko.
Iinkampani ziye zaba neemeko apho ukuya kuthi ga kwi-35% ye-traffic network ye-traffic ephantsi ye-traffic ikhutshwe ngaphandle kokuhlolwa kwe-IPS. Oku kwandisa ngokuzenzekelayo i-bandwidth ye-IPS esebenzayo ngama-35% kwaye kuthetha ukuba unokukubekela ecaleni ukuthenga i-IPS eyongezelelweyo okanye ukuphucula. Sonke siyazi ukuba itrafikhi yenethiwekhi iyanda, ngoko ngexesha elithile uya kufuna i-IPS eqhuba ngcono. Ngokwenene ngumbuzo wokuba uyafuna ukunciphisa iindleko okanye hayi.
Umzekelo we-2 - ukulinganisa umthwalo kwandisa ubomi bezixhobo ze-1-10Gbps kwinethiwekhi ye-40Gbps
Imeko yesibini yokusetyenziswa ibandakanya ukunciphisa iindleko zobunini bezixhobo zenethiwekhi. Oku kuphunyezwa ngokusebenzisa i-packet brokers (NPBs) ukulinganisa i-traffic kukhuseleko kunye nezixhobo zokubeka iliso. Lunganceda njani ukulinganisa ukulayisha amashishini amaninzi? Okokuqala, ukwanda kwetrafikhi yenethiwekhi yinto eqhelekileyo kakhulu. Kodwa kuthekani ngokubeka iliso kwimpembelelo yokukhula kwamandla? Umzekelo, ukuba uphucula i-core network yakho ukusuka kwi-1 Gbps ukuya kwi-10 Gbps, uya kufuna izixhobo ze-10 Gbps zokubeka iliso ngokufanelekileyo. Ukuba unyusa isantya ukuya kwi-40 Gbps okanye i-100 Gbps, ngoko ngesantya esinjalo ukhetho lwezixhobo zokubeka iliso luncinci kwaye iindleko ziphezulu kakhulu.
Abarhwebi bepakethi babonelela ngokudityaniswa okuyimfuneko kunye namandla okulinganisa umthwalo. Ngokomzekelo, i-40 Gbps ye-traffic balancing ivumela ukubeka iliso kwi-traffic ukuba isasazwe phakathi kwezixhobo ezininzi ze-10 Gbps. Emva koko unokwandisa ubomi bezixhobo ze-Gbps ze-10 de ube nemali eyaneleyo yokuthenga izixhobo ezibiza kakhulu ezinokusingatha amaxabiso aphezulu edatha.
Omnye umzekelo kukudibanisa izixhobo kwindawo enye kwaye ubondle idatha efunekayo kwi-package broker. Ngamanye amaxesha izisombululo ezahlukileyo ezisasazwa kuthungelwano ziyasetyenziswa. Idatha yophando evela kwi-Enterprise Management Associates (EMA) ibonisa ukuba i-32% yezisombululo zamashishini azisetyenziswa kakuhle, okanye ngaphantsi kwe-50%. Ukufakwa kwindawo ephakathi kwesixhobo kunye nokulinganisa umthwalo kukuvumela ukuba udibanise izixhobo kunye nokwandisa ukusetyenziswa usebenzisa izixhobo ezimbalwa. Ungahlala ulinda ukuthenga izixhobo ezongezelelweyo de izinga lakho lokusebenzisa liphezulu ngokwaneleyo.
Umzekelo we-3 - ukulungisa iingxaki ukunciphisa / ukuphelisa isidingo sokufumana iimvume zeBhodi yoTshintsho
Emva kokuba izixhobo zokubonakala (ii-TAPs, ii-NPBs ...) zifakwe kwinethiwekhi, kuya kufuneka ufune ukwenza utshintsho kwinethiwekhi. Oku kukuvumela ukuba ulungelelanise ezinye iinkqubo zokusombulula iingxaki ukuphucula ukusebenza kakuhle.
Umzekelo, xa i-TAP ifakiwe ("yimise kwaye uyilibale"), igqithisela phambili ikopi yazo zonke iitrafikhi kwi-NPB. Oku kunenzuzo enkulu yokuphelisa uninzi lobunzima bolawulo lokufumana iimvume zokwenza utshintsho kuthungelwano. Ukuba ufake kwakhona umthengisi wepakethe, uya kuba nofikelelo olukhawulezileyo phantse kuyo yonke idatha efunekayo ukulungisa ingxaki.
Ukuba akukho sidingo sokwenza utshintsho, ungatsiba izigaba zokuvuma utshintsho kwaye uye ngqo kwi-debugging. Le nkqubo entsha inempembelelo enkulu ekunciphiseni iMean Time to Repair (MTTR). Uphando lubonisa ukuba kunokwenzeka ukunciphisa i-MTTR ukuya kuthi ga kwi-80%.
I-Case Study #4-Ubukrelekrele beSicelo, UkuSebenzisa ukuFifa kweSicelo kunye noMasking weDatha ukuze kuphuculwe ukusebenza kakuhle koKhuseleko.
Yintoni Intelligence yesicelo? Le teknoloji ifumaneka kwi-IXIA Packet Brokers (NPBs). Oku kukusebenza okuphambili okukuvumela ukuba uye ngaphaya komaleko we-2-4 wokucoca ipakethe (imifuziselo yeOSI) kwaye uhambe yonke indlela ukuya kumaleko wesi-7 (umaleko wesicelo). Inzuzo kukuba umsebenzisi kunye nokuziphatha kwesicelo kunye nedatha yendawo inokuveliswa kwaye ithunyelwe ngaphandle kwayo nayiphi na ifomathi efunwayo - iipakethi eziluhlaza, iipakethi ezihluziweyo, okanye i-NetFlow (IxFlow) ulwazi. Amasebe e-IT anokuchonga izicelo zenethiwekhi ezifihliweyo, ukunciphisa izisongelo zokhuseleko lwenethiwekhi, kunye nokunciphisa ixesha lokunciphisa inethiwekhi kunye / okanye ukuphucula ukusebenza kwenethiwekhi. Iimpawu ezahlukileyo zezicelo ezaziwayo nezingaziwayo zinokuchongwa, zithathwe kwaye kwabelwane ngazo kunye nezixhobo ezikhethekileyo zokubeka iliso kunye nokhuseleko.
- ukuchongwa kwezicelo ezikrokrelekayo/ezingaziwayo
- ukuchonga ukuziphatha okukrokrisayo nge-geolocation, umzekelo, umsebenzisi osuka eMntla Korea uqhagamshela kwiseva yakho ye-FTP kwaye udlulisela idatha
- I-SSL decryption yokujonga kunye nokuhlalutya izoyikiso ezinokubakho
- uhlalutyo lokungasebenzi kakuhle kwesicelo
- uhlalutyo lomthamo wezithuthi kunye nokukhula kokulawulwa kwezixhobo ezisebenzayo kunye noqikelelo lokwandiswa
- ukufihla idatha ebuthathaka (amakhadi etyala, iziqinisekiso...) phambi kokuthumela
Ukusebenza kweVisibility Intelligence kuyafumaneka kwizinto ezibonakalayo kunye nenyani (iCloud Lens Private) i-IXIA (NPB), kunye "namafu" kawonke-wonke - Cloud Lens Public:
Ukongeza ekusebenzeni okusemgangathweni kweNetStack, iPacketStack kunye neAppStack:
Kutshanje, ukusebenza kokhuseleko kuye kongezwa: I-SecureStack (ukwandisa ukusetyenzwa kwetrafikhi eyimfihlo), i-MobileStack (yabaqhubi beselula) kunye ne-TradeStack (yokubeka iliso kunye nokucoca idatha yokurhweba ngemali):
ezifunyanisiweyo
Izisombululo zokubonakala kothungelwano zizixhobo ezinamandla ezikwaziyo ukwenza ukubeka iliso kuthungelwano kunye nolwakhiwo lokhuseleko oludala uqokelelo olusisiseko kunye nokwabelana ngedatha ebalulekileyo.
Iimeko zokusetyenziswa zivumela:
- ubonelele ngokufikelela kwidatha ethile eyimfuneko njengoko ifuneka kuxilongo kunye nokusombulula ingxaki
- yongeza / susa izisombululo zokhuseleko, ukubeka esweni zombini kwi-line kunye ne-out-of-band
- ukunciphisa iMTTR
- qinisekisa ukuphendula ngokukhawuleza kwiingxaki
- yenza uhlalutyo oluphambili lwesoyikiso
- Ukuphelisa uninzi lwezamkelo ze-bureaucratic
- ukunciphisa imiphumo yezemali ye-hack ngokudibanisa ngokukhawuleza izisombululo eziyimfuneko kwinethiwekhi kunye nokunciphisa i-MTTR
- ukunciphisa iindleko kunye nomsebenzi wokuseka izibuko le-SPAN
umthombo: www.habr.com