I-ProHoster > Π‘Π»ΠΎΠ³ > Ukuphatha > 7. Indawo Yokuhlola Iqala R80.20. Ukulawula Ukufinyelela

7. Indawo Yokuhlola Iqala R80.20. Ukulawula Ukufinyelela

7. Indawo Yokuhlola Iqala R80.20. Ukulawula Ukufinyelela

Siyakwamukela kuSifundo 7, lapho sizoqala khona ukusebenza ngezinqubomgomo zokuphepha. Namuhla sizofaka inqubomgomo esangweni lethu okokuqala ngqa, i.e. Ekugcineni sizokwenza "ukufaka inqubomgomo". Ngemuva kwalokhu, ithrafikhi izokwazi ukudlula esangweni!
Ngokuvamile, izinqubomgomo, ngokombono we-Check Point, ziwumqondo obanzi. Izinqubomgomo Zokuvikela zingahlukaniswa ngezinhlobo ezi-3:

  1. Ukulawula Ukufinyelela. Lokhu kufaka phakathi ama-blade afana nalawa: I-Firewall, Ukulawula Uhlelo Lokusebenza, Ukuhlunga kwe-URL, Ukuqwashisa Ngokuqukethwe, Ukufinyelela Kweselula, i-VPN. Labo. yonke into ehlobene nokuvumela noma ukukhawulela ithrafikhi.
  2. Ukuvimbela Usongo. Ama-blade asetshenziswa lapha: IPS, i-Anti-Virus, i-Anti-Bot, Ukulingiswa Kosongo, Ukukhishwa Kosongo. Labo. imisebenzi ehlola okuqukethwe kwethrafikhi noma okuqukethwe osekudlule ku-Access Control.
  3. Ukuphepha Kwedeskithophu. Lezi sezivele ziyizinqubomgomo zokuphatha ama-ejenti we-Endpoint (okungukuthi ukuvikela izindawo zokusebenza). Empeleni, ngeke sithinte lesi sihloko esifundweni.

Kulesi sifundo sizoqala ukukhuluma ngezinqubomgomo Zokulawula Ukufinyelela.

Ukwakhiwa kokulawulwa kokufinyelela

Ukulawula Ukufinyelela kuyinqubomgomo yokuqala okufanele ifakwe esangweni. Ngaphandle kwale nqubomgomo, eminye (Ukuvimbela Usongo, Ukuphepha Kwedeskithophu) ngeke nje ifakwe. Njengoba kushiwo ngaphambili, izinqubomgomo Zokulawula Ukufinyelela zihlanganisa ama-blade amaningana ngesikhathi esisodwa:

  • I-Firewall;
  • Uhlelo lokusebenza nokuhlunga kwe-URL;
  • Ukuqwashisa ngokuqukethwe;
  • Ukufinyelela Kweselula;
  • NAT

Okokuqala, sizobheka eyodwa kuphela - i-Firewall.

Izinyathelo ezine zokumisa i-Firewall

Ukuze ufake inqubomgomo esangweni, KUMELE siqedele lezi zinyathelo ezilandelayo:

  1. Chaza izixhumanisi zesango ukuze zifaneleke indawo yokuphepha (kungaba Ngaphakathi, Kwangaphandle, i-DMZ, njll.)
  2. tune I-Anti-Spoofing;
  3. Dala izinto zenethiwekhi (Amanethiwekhi, Abasingathi, Amaseva njll.) Lokhu kubalulekile! Njengoba sengishilo, i-Check Point isebenza kuphela ngezinto. Ngeke ukwazi ukuvele ufake ikheli le-IP ohlwini lokufinyelela;
  4. Dala Uhlu Lokufinyelela-s (okungenani eyodwa).

Ngaphandle kwalezi zilungiselelo, izinqubomgomo ngeke zifakwe!

Isifundo sevidiyo

Njengokuvamile, sinamathisela okokufundisa kwevidiyo lapho sizokwenza khona inqubo eyisisekelo yokusetha ye-Access-Control futhi sidale izinhlu zokufinyelela ezinconyiwe.

Hlala ubukele ukuze uthole okwengeziwe futhi ujoyine yethu Isiteshi se-YouTube πŸ™‚

Source: www.habr.com

Engeza amazwana