Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch ML-BYPASS-M2000
Gawo la Bypass: 8*10G SFP+ & 4*100GE, Gawo la Monitor: 16*10GE SFP+ & 4*100GE, Max 2.4Tbps
1-Zowunikira mwachidule
Ndi chitukuko cha intaneti mwachangu, chiwopsezo cha chitetezo cha chidziwitso cha netiweki chikukulirakulira, kotero mapulogalamu osiyanasiyana oteteza chitetezo cha chidziwitso akugwiritsidwa ntchito kwambiri. Kaya ndi zida zachikhalidwe zowongolera mwayi (firewall) kapena mtundu watsopano wa njira zodzitetezera zapamwamba monga njira yopewera kulowerera (IPS), nsanja yoyang'anira zoopsa (UTM), njira yotsutsa kukana (Anti-DDoS), Gateway Yotsutsa spam, Njira Yodziwira ndi Kulamulira Magalimoto ya DPI, ndi zida zambiri zachitetezo zimayikidwa motsatizana mu ma key nodes a netiweki, kukhazikitsa mfundo yofananira yachitetezo cha data kuti izindikire ndikuthana ndi magalimoto ovomerezeka / osaloledwa. Komabe, nthawi yomweyo, netiweki ya kompyuta idzapangitsa kuchedwa kwakukulu kwa netiweki kapena kusokoneza netiweki ngati pachitika kulephera, kukonza, kukweza, kusintha zida ndi zina zotero pamalo ogwiritsira ntchito netiweki yopangira yodalirika kwambiri, ogwiritsa ntchito sangapirire.
ML-BYPASS-M2000 Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch zafufuzidwa ndi kupangidwa kuti zigwiritsidwe ntchito popereka mitundu yosiyanasiyana ya zida zachitetezo zotsatizana komanso kupereka kudalirika kwakukulu kwa netiweki.
Pogwiritsa ntchito Mylinking™ Network Packet Broker komanso Inline Bypass Switch:
●Ogwiritsa ntchito amatha kuyika/kuchotsa zida zotetezera popanda kusokoneza kapena kusokoneza netiweki yomwe ilipo;
● Ili ndi ntchito yanzeru yowunikira thanzi kuti iwunikire momwe zida zotetezedwa zolumikizidwa zimagwirira ntchito nthawi yeniyeni. Chipangizo chotetezedwa cholumikizidwa chikalephera kugwira ntchito, chotetezacho chimadutsa chokha kuti chisunge kulumikizana kwabwinobwino kwa netiweki.
●Ukadaulo wosankha woteteza magalimoto ungagwiritsidwe ntchito poyika zida zinazake zotsukira magalimoto, zida zowunikira pogwiritsa ntchito njira zobisika, ndi zina zotero. Umakhazikitsa bwino chitetezo cholowera mkati mwa magalimoto amitundu ina, ndikutsitsa katundu wokonza magalimoto a zida zamkati.
● Ukadaulo woteteza magalimoto kuti asayende bwino ungagwiritsidwe ntchito poyika zida zotetezeka zomwe zili mumzere m'magulu kuti zikwaniritse zosowa za chitetezo chomwe chili mumzere pansi pa malo opanikizika kwambiri.
●Ili ndi mphamvu zoyimira za SSL, zomwe zimakwaniritsa zofunikira zowunikira ndi kusanthula zida zotetezera zomwe zili ndi deta yobisika.
● Ili ndi luso loyambira lokonza magalimoto monga kubwerezabwereza magalimoto, kuphatikiza, kusefa, ndi kulemba zilembo, komanso luso lapamwamba lokonza magalimoto monga kuchotsera, kuphimba nkhope, kuzindikira njira yogwiritsira ntchito, ndi kupanga mawonekedwe a magalimoto.
2-Mylinking™ Network Packet Broker komanso Inline Bypass Switch Advanced Features and Technologies
Njira Yotetezera ya Mylinking™ “SpecFlow” ndi Ukadaulo wa Njira Yotetezera ya “FullLink”
Ukadaulo Woteteza Kusinthasintha kwa Mylinking™ Mwachangu
Ukadaulo wa Mylinking™ “LinkSafeSwitch”
Mylinking™ “WebService” Ukadaulo Wosintha Ndondomeko Yotumizira/Kutulutsa Nkhani
Ukadaulo Wozindikira Mapaketi a Mtima a Mylinking™ Anzeru
Kulumikiza kwanga™ Mapaketi Odziwika a Mtima
Kulumikiza kwanga™ Ukadaulo Wolinganiza Mitolo Yosiyanasiyana
Kulumikiza kwanga™ Ukadaulo Wogawa Magalimoto Mwanzeru
Kulumikiza kwanga™ Ukadaulo Wolinganiza Katundu Wamphamvu
Kulumikiza kwanga™ Ukadaulo Woyang'anira Kutali (HTTP/WEB, TELNET/SSH, “EasyConfig/AdvanceConfig” Characteristic)
3-Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch Configuration Guide
Monga momwe chithunzi chili pamwambapa chikusonyezera, gawo lonselo lili ndi mipata inayi yolumikizirana:
Malo osungira ma module a SLOT1, SLOT2, SLOT3, ndi SLOT4 onse akhoza kukhala ndi ma module a chitetezo cha BYPASS kapena ma module a MONITOR okhala ndi mitengo yosiyanasiyana ndi manambala a ma port. Mwa kusintha mitundu yosiyanasiyana ya ma module, ndizotheka kuthandizira chitetezo cha BYPASS pama linki angapo a 10G/40G/100G, komanso kuyika zida zowunikira za Inline Bypass pama linki angapo a 10G/40G/100G.
Dziwani: Gawo la BYPASS ndi gawo la MONITOR zimathandiza kusinthana kwa zinthu.
3.1-Mndandanda wa Zofotokozera za Module
| Chitsanzo cha Zamalonda | Zogwira ntchitoPma aramamita |
| Cvuto | |
| ML-BYPASS-M2000-CHS/AC | Choyimitsa chokhazikika cha mainchesi 19 cha 2U; mphamvu yogwiritsira ntchito kwambiri 300W; choteteza chachikulu cha modular BYPASS; mipata 4 ya ma module; mawonekedwe a 1*RS232 Console, mawonekedwe a 1*10/100/1000M RJ45 okhala ndi kasamalidwe ka netiweki yakunja; magetsi awiri AC-220V; |
| NT-BYPASS-M2000-CHS/DC | Choyimitsa cha 2U chokhazikika cha mainchesi 19; mphamvu yogwiritsira ntchito kwambiri 300W; choteteza chachikulu cha modular BYPASS; mipata 4 ya ma module; mawonekedwe a 1*RS232 Console, mawonekedwe a 1*10/100/1000M RJ45 okhala ndi kasamalidwe ka netiweki yakunja; magetsi awiri DC-48V; |
| KULAMBAModule | |
| INL-I8XM8X(LM/SM) | Imathandizira chitetezo cha kulumikizana kwa 10GE (chogwirizana ndi 1G) cha njira zinayi, yokhala ndi ma interfaces 8*10GE onse; imathandizira ma ports owunikira a 8*10G SFP+ (kupatula ma module optical). |
| INL-I4HM2H (LM/SM) | Imathandizira chitetezo cha 2-way 100GE (40GE yogwirizana) cha ulalo, chokhala ndi ma interfaces 4*100GE onse; imathandizira ma ports 2*100GE QSFP28 oyang'anira (kupatula ma module optical). |
| Gawo la MONITOR | |
| MON-M16X | Madoko owunikira a 16 * 10GE SFP + (kupatula ma module optical); |
| MON-M16X-CN98 | Madoko owunikira a 16*10GE SFP+ (gawo lowunikira silinaphatikizidwe); ali ndi injini yoyendetsera bwino, yothandizira ntchito zoyendetsera bwino magalimoto monga bypass SSL decryption, SSL proxy, ndi traffic draplication; |
| Lolemba-M4H | Madoko owunikira a 4 * 100GE QSFP28 (ma module owonera sanaphatikizidwe); |
| MON-M4H-CN98 | Madoko owunikira a 4*100GE QSFP28 (ma module owonera sakuphatikizidwa); okhala ndi injini yoyendetsera bwino, yothandizira ntchito zoyendetsera bwino magalimoto monga bypass SSL decryption, SSL proxy, ndi traffic draplication; |
3.2-Malamulo Osankha Ma Module
Kutengera ndi maulalo osiyanasiyana otetezedwa ndi zofunikira zowunikira zida zoyendetsera, mutha kusankha mosavuta ma module osiyanasiyana kuti akwaniritse zosowa zanu zenizeni; chonde tsatirani malamulo awa posankha:
1) Kusonkhanitsira chassis ndi gawo lofunikira ndipo liyenera kusankhidwa musanasankhe ma module ena aliwonse. Chonde sankhaninso njira yoyenera yopezera magetsi (AC/DC) malinga ndi zosowa zanu.
2) Chipangizochi chimathandizira malo okwana ma module anayi; simungasankhe ma module ambiri kuposa chiwerengero cha malo oti musinthe. Kutengera ndi kuphatikiza kosinthasintha kwa mitundu yosiyanasiyana ya ma module, chipangizochi chimatha kuthandizira chitetezo cha serial cha maulalo okwana 16 a 10GE/GE kapena maulalo 8 a 100GE/40GE.
4-Luso Lanzeru Lokonza Magalimoto
4.1-Kutumiza kwa Inline
Chitetezo Chapadera cha Magalimoto Olowera Pamzere
ImathandiziraMotsatana(mndandanda)njira yotetezera mitundu inayake ya magalimoto mulimonsemotsatanaulalo.Totumizani mitundu ina ya magalimoto yomwe yasankhidwa ndi ogwiritsa ntchito pamotsatanaulalo waMotsatana Schitetezochipangizokuti zigwiritsidwe ntchito, ndipo magalimoto ena onse amatumizidwa mwachindunji popanda kudutsaMotsatana Schitetezochipangizo. Nthawi yomweyo,itimayang'anira nthawi yeniyeni momwe zinthu zikuyenderaMotsatana SchitetezochipangizoPamene vuto la kusokonezeka kwa magalimoto litapezeka,itidzachotsedwa panjira yotumizira magalimoto yokha kuti zitsimikizire kuti ntchito ya netiweki ikupitilizabe.
Chitetezo Chonse cha Magalimoto Olowera M'mzere
ImathandiziraMotsatana(mndandanda)njira yotetezera mitundu yonse ya magalimoto mulimonsemotsatanaulalo.Tokutumiza magalimoto onse mumotsatanaulalo waMotsatana Schitetezochipangizokuti igwiritsidwe ntchito, ndikuyang'anira momwe Inline Security ikugwirira ntchitochipangizonthawi yeniyeni. Pamene vuto la magalimoto osayenda bwino litapezeka,itidzachotsedwa panjira yotumizira magalimoto yokha kuti zitsimikizire kuti ntchito ya netiweki ikupitilizabe.
Kulemera kwa katundu
Ili ndi luso lanzeru lolinganiza katundu wa magalimoto. Pamene ntchito yokonza imodzi ikuyenda bwinoMotsatana Schitetezochipangizosikokwanira kuthana ndimotsatanakuchuluka kwa anthu omwe amalumikizana ndi ulalo, kungathe kugawamotsatanagwirizanitsani kuchuluka kwa magalimoto ku ma interface a N Monitor mwa kukonza gulu lowongolera katundu. Malinga ndi MAC, zambiri za IP, nambala ya doko, protocol ndi zina,itimachita njira yosankha ya Hash algorithm yolumikizira katundu, kotero kutimotsatanakuchuluka kwa magalimoto olumikizirana kumagawidwa mofanana ku angapomotsatanachitetezochidas ya processing cluster, zomwe zimapangitsa kuti ntchito yonse yokonza zinthu iyende bwinomotsatanachitetezochidas. Pofuna kusintha malinga ndi zofunikira za bandwidth yayikulu komanso zochitika zazikulu zogwiritsa ntchito.
Kuzindikira Phukusi la Kugunda kwa Mtima
ImathandiziraTxndiRxmapaketi ozindikira kugunda kwa mtima kudzera pa uplink ndi downlink yolumikizidwamotsatanazipangizo zachitetezo, ndipo imazindikirazida zamkatimomwe zinthu zilili pa ntchito komanso ngati njira yoyendetsera magalimoto ndi yabwinobwino. Kugunda kwa mtima kwa mbali zonse ziwiripaketinjira yodziwira imatha kuwonetsa bwino momwe zinthu zilili panopamotsatanachitetezochipangizo, komanso kuonetsetsa kuti netiweki ikugwira ntchito bwino.
Ikhoza kusintha magawo a kugunda kwa mtima kwa aliyensemotsatanachipangizo chachitetezo, monga kugunda kwa mtimaTxnthawi yopuma, nthawi yochuluka yoyeseranso kugunda kwa mtima, nthawi yopumaTxnjira, ndi zina zotero. Imatha kuzindikira ndikuweruza vuto lamotsatanaZipangizo zachitetezo pakapita nthawi, ndipo zimathandizira kusintha maulalo achitetezo mwachangu.
Mapaketi ozindikira kugunda kwa mtima ndi mafelemu a Ethernet layer 2 okhazikika. Pamene mawonekedwe owonekera a Layer 2 bridge (monga IPS/FW) ayikidwa, mafelemu a Layer 2 Ethernet adzatumizidwa nthawi zonse popanda kutsekereza kapena kugwetsa. Nthawi yomweyo, imathanso kuthandizira mapaketi ozindikira kugunda kwa mtima a Ethernet layer 2, layer 3 ndi layer 4 kuti agwirizane ndi zina zapadera.motsatanaZipangizo zachitetezo nthawi zambiri sizingathe kutumiza mafelemu wamba a Ethernet layer 2.
Kutengera ndi njira yomwe ili pamwambapa, ogwiritsa ntchito amatha kuzindikira momwe zida zolumikizidwa zotetezera zimagwirira ntchito bwino, kuti athe kuonetsetsa kuti ntchito yanthawi zonse ya chitetezo ikuyenda bwino.
Kusintha kwa Bypass
Imathandizira njira yotsika kwambiri yodutsakusinthakuchedwa (<8ms), ndipo ogwiritsa ntchito sangamve kukhudzidwa kwa netiweki pamene chipangizocho chikuchita kunyalanyazakusinthaNthawi yomweyo, ukadaulo wosinthira Link wa chipangizocho ungatsimikizire kuti mkhalidwe wa ulalo wa ulalo waukulu sunakhudzidwe panthawi yodutsa.kusinthaUkadaulo uwu udzaonetsetsa kuti njira yodutsakusinthandi yotetezeka kwambiri, ndipo sidzapangitsa kuti protocol ya gawo lachiwiri / gawo lachitatu la maulalo otetezedwa igwirizanenso ndikugwirizana, kuti ichepetse kukhudzidwa kwa netiweki ya ogwiritsa ntchito panthawi yakusintha.
Kuletsa Magalimoto
Chipangizo chachitetezo chikazindikira kulumikizana kosaloledwa kapena kwachilendo kwa magalimoto ndipo chikufunika kutseka pakapita nthawi, chipangizocho chimatha kuletsa mapaketi aliwonse omwe ali mumsewu wokwera/wotsika wa magalimoto.motsatanaulalo kutengera momwe zinthu zilili pa fyuluta yofananira ndi tuple kuti zitsimikizire kuti ntchito za netiweki zikuyenda bwino.
Galasi la Magalimoto
Kuwonjezera pa chitetezo cha magalimoto a inline link ndi chipangizo cha Inline Security (monga IPS, WAF), magalimoto aliwonse owonetsedwa ndi SPAN akhoza kutumizidwa ku dongosolo loyang'anira chitetezo cha SPAN (monga IDS, APT), kuti akwaniritse zofunikira pakuyika SPAN yowunikira deta ya magalimoto kapena kuyesa ndi kutsimikizira magalimoto.
Woyimira wa SSL
Kudzera mu ntchito ya proxy ya SSL, paketi yoyambirira yobisika imachotsedwa ndikutumizidwa ku dongosolo loteteza chitetezo la inline, kenako deta yobisika imabwezeretsedwa ndikutumizidwa ku ulalo woyambirira, kuti ipereke deta yobisika ku dongosolo loteteza chitetezo la inline popanda kukhudza kutumiza deta yobisika pa ulalo woyambirira wa wogwiritsa ntchito, ndikuzindikira kuyang'anira ndi kusanthula deta yobisika ndi dongosolo losanthula.
4.2-Kutumizidwa kwa SPAN
Kubwerezabwereza kwa Magalimoto pa Netiweki
ImathandiziraMotsatana(mndandanda)njira yotetezera mitundu inayake ya magalimoto mulimonsemotsatanaulalo.Totumizani mitundu ina ya magalimoto yomwe yasankhidwa ndi ogwiritsa ntchito pamotsatanaulalo waMotsatana Schitetezochipangizokuti zigwiritsidwe ntchito, ndipo magalimoto ena onse amatumizidwa mwachindunji popanda kudutsaMotsatana Schitetezochipangizo. Nthawi yomweyo,itimayang'anira nthawi yeniyeni momwe zinthu zikuyenderaMotsatana SchitetezochipangizoPamene vuto la kusokonezeka kwa magalimoto litapezeka,itidzachotsedwa panjira yotumizira magalimoto yokha kuti zitsimikizire kuti ntchito ya netiweki ikupitilizabe.
Kusonkhanitsa Magalimoto Paintaneti
Magalimoto oyambira olowera ndi magalimoto omwe akonzedwa kale akhoza kukopedwa ku chizindikiro cha njira ya N malinga ndi chizindikiro cha njira imodzi kapena kukopedwa ku chizindikiro cha njira ya M pambuyo pa kusonkhana kwa chizindikiro cha njira ya N pa GE, 10GE, 40G ndi 100G line speed forwarding, zomwe zimathetsa bwino zosowa zoyika zida zoposa ziwiri zomvera kudzera pa netiweki nthawi imodzi.
Kugawa/Kutumiza Deta
Ndinagawa deta yolowera molondola ndikutaya kapena kutumiza mautumiki osiyanasiyana a data ku zotuluka zingapo za interface malinga ndi malamulo omwe ogwiritsa ntchito adakhazikitsa kale.
Kusefa Deta ya Paketi
Deta yoloweramagalimoto ambiriZitha kugawidwa m'magulu molondola, ndipo mautumiki osiyanasiyana a data akhoza kukhala malamulo ovomerezeka kapena a blacklist, ndipo zotuluka zingapo zolumikizirana zimatha kutayidwa kapena kutumizidwa. Zimathandizira kuphatikiza kosinthasintha kutengera mtundu wa Ethernet, vlan tag, IP five-tuple,TCPchizindikiritso, makhalidwe a paketi ndi zinthu zina kuti zikwaniritse zofunikira pakugwiritsa ntchito zida zosiyanasiyana zachitetezo cha netiweki, kusanthula kwa protocol, kusanthula zizindikiro, ndi kuwunika kwina kwa magalimoto.
Kulemera kwa katundu
Kulinganiza katundu wa njira yosankha ya Hash algorithm kungathe kuchitika molingana ndi mawonekedwe a mkati ndi kunja kwa L2-L4 kuti zitsimikizire kuti gawo la data lomwe lalandiridwa ndiSPANchipangizo chowunikira. Pamene momwe ulalo umasinthira, mamembala a gulu lotsitsa zinthu akhoza kutuluka (kulumikiza DOWN) kapena kulowa (kulumikiza UP) mosinthasintha, ndipo gulu lotsitsa zinthu lingathe kugawanso magalimoto okha kuti zitsimikizire kuti kuchuluka kwa magalimoto otuluka pa doko kukuyenda bwino.
VLAN Yolembedwa
VLAN Yopanda Ma tag
VLAN Yasinthidwa
Inathandizira kufananiza kwa gawo lililonse la kiyi mu ma byte 128 oyamba a paketi. Wogwiritsa ntchito amatha kusintha mtengo wa offset ndi kutalika kwa gawo la kiyi ndi zomwe zili, ndikusankha mfundo zotulutsira magalimoto malinga ndi kasinthidwe ka wogwiritsa ntchito.
Kusindikiza Nthawi
Yothandizidwa ku gwirizanitsani seva ya NTP kuti ikonze nthawi ndikulemba uthengawo mu paketiyo ngati chizindikiro cha nthawi choyerekeza ndi chizindikiro cha nthawi kumapeto kwa chimango, ndi kulondola kwa nanoseconds
Kutsegula kwa Ngalande
Inathandizira mutu wa VxLAN, VLAN, GRE, GTP, MPLS, IPIP womwe unachotsedwa mu phukusi loyambirira la data ndikutumiza zotsatira.
Kudula Deta/Paketi
Imathandizirachidutswa cha paketiKupeza deta yoyambirira kutengera mawonekedwe olowera a traffic ndi mawonekedwe otulutsira (64, 96, 128, 160, 192, 224, 256, 288, 320, 384, 512, 640, 768, 896, 960 bytes ndi zosankha), ndipo mfundo yotulutsira traffic ingagwiritsidwe ntchito malinga ndi kasinthidwe ka wogwiritsa ntchito.
Kuzindikira Njira Yoyendetsera Tunneling
Chothandizidwacho chimazindikira chokha njira zosiyanasiyana zoyendetsera ngalande monga GTP / GRE / VxLAN / PPTP / L2TP / PPPOE / IPIP. Malinga ndi kasinthidwe ka ogwiritsa ntchito, njira yotulutsira magalimoto ingagwiritsidwe ntchito malinga ndi gawo lamkati kapena lakunja la ngalandeyo.
Kutumiza Mapaketi Patsogolo
Imathandizira tanthauzo la kufunika kwa ma data packets malinga ndi kufunika kwa ntchito pa doko lolowera, ndipo ma data packets ofunikira kwambiri amatumizidwa makamaka pa output. Ma data packets ofunikira kwambiri akatumizidwa, ma data packets ena apakatikati ndi otsika mtengo amatumizidwa. Pewani alamu ya dongosolo losanthula chifukwa cha kusowa kwa data packets zofunika.
Alamu Yosazolowereka
Imathandizira alamu yowunikira nthawi yeniyeni ndi zolemba zakale za alamu za momwe magalimoto amayendera kutengera momwe zinthu zilili pa intaneti. Imathandizira alamu yowunikira nthawi yeniyeni ndi zolemba zakale za alamu kutengera momwe zinthu zilili pa hardware ya chipangizo (CPU, memory, temperature, fan, power supply, etc.).
Zosungira Zotentha Zowonekera
Imathandizira mawonekedwe olowera 1+1 primary/standby configuration, mawonekedwe otulutsira 1+1 primary/standby configuration, ndi load balancing group N+1 primary/standby configuration kuti ikwaniritse kudalirika kwakukulu pakuyenda kwa magalimoto kuchokera ku input kupita ku output.
Kuyeza kwa Kuphulika kwa Magalimoto
Imatha kuzindikira nthawi, nthawi, ndi kuchuluka kwa kuphulika kwa magalimoto munthawi yeniyeni, ndikupereka mbiri yosungira zoyezera zakale, zomwe zimapereka njira zoyezera komanso zowoneka bwino komanso maziko a ntchito ndi kukonza mavuto ndi kuzindikira kutayika kwa mapaketi.
Chitetezo cha Kusinthasintha kwa Mawonekedwe
Imathandizira kuzindikira ndi kuteteza zochitika zosinthasintha za ulalo wa mmwamba/pansi pa mawonekedwe aliwonse, kuti tipewe kutayika kwa kuchuluka kwa magalimoto olowera ndi otuluka chifukwa cha ulalo wa mmwamba/pansi pafupipafupi, ndikuwonjezera kukhazikika kwa kusonkhanitsa ndi kutumiza magalimoto.
Kutulutsa kwa Ngalande
Imathandizira kutsekeka kwa ngalande yamtundu wa ERSPAN2, GRE, VXLAN, NVGRE ya magalimoto onse osonkhanitsidwa ndi zotuluka kuti ikwaniritse zofunikira pakutumiza magalimoto osonkhanitsidwa ku dongosolo lowunikira lakutali.
Kutha kwa Phukusi la Ngalande
Imathandizira ntchito yothetsa mauthenga a tunnel. Ntchitoyi imalola kukonza ma IP address/mask ndi ma MAC address pa traffic input port. Imalola kutumiza mwachindunji kwa magalimoto omwe amafunika kusonkhanitsidwa mu user netiweki kudzera mu njira zolumikizira tunnel monga GRE, GTP, ndi VXLAN kupita ku doko losonkhanitsira la chipangizocho.
Kuchotsa Kubisa kwa SPAN SSL
Kutsegula deta yolumikizidwa ndi SSL satifiketi yolumikizidwa ndi chithandizo kumathandizidwa. Pambuyo pochotsa deta yolumikizidwa ndi HTTPS ya anthu omwe atchulidwa, idzatumizidwa ku makina owunikira ndi kusanthula kumbuyo ngati pakufunika. Kuthandizira TLS1.0, TLS1.2 ndi SSL3.0
Kuchotsa Data/Paketi
Kuchuluka kwa ziwerengero komwe kumathandizidwa pogwiritsa ntchito doko kapena mulingo wa mfundo kuti kufananize deta yochokera ku magwero angapo osonkhanitsira ndi kubwerezabwereza kwa phukusi la deta lomwelo panthawi inayake. Ogwiritsa ntchito amatha kusankha zizindikiro zosiyanasiyana za phukusi (dst.ip, src.port, dst.port, tcp.seq, tcp.ack, dst.mac, src.mac, vlan.id)
Kubisa Tsiku Lodziwika
Kuthandizira kusinthasintha kochokera ku mfundo kuti kulowe m'malo mwa gawo lililonse lofunikira mu deta yosaphika kuti tikwaniritse cholinga choteteza chidziwitso chachinsinsi. Malinga ndi kasinthidwe ka ogwiritsa ntchito, mfundo yokhudza kuchuluka kwa magalimoto ingagwiritsidwe ntchito.
Kuzindikira kwa Pulogalamu ya APP Layer Protocol
Imathandizira kuzindikira, kutulutsa, ndi kutaya Ma Application Layer Protocols kutengera DNS/URL matching mode. Laibulale ya DPI imatha kuphatikizidwa kuti izindikire, kutulutsa, ndi kutaya mitundu yosachepera 1800 ya ma application protocol (monga audio ndi video, game, instant messaging, database, email, P2P, etc.), ndipo laibulale ya DPI ikhoza kusinthidwa ndikusinthidwa. Ngati pali zosowa zapadera, chitukuko chachiwiri chingachitikenso.
Phukusi Lopangidwa ndi Ogwiritsa Ntchito
Imathandizira ntchito ya kudzidziwitsa yokha packet unencapsulation, yomwe imatha kuchotsa minda ya encapsulation ndi zomwe zili mkati mwake pamalo aliwonse a ma byte 128 oyamba a paketiyo ndikutulutsa.
Kupanga Magalimoto
Nthawi yomweyo, ukadaulo wosintha mawonekedwe a magalimoto umagwiritsidwa ntchito mu mawonekedwe otulutsira deta kuti itulutse deta bwino kupita ku chida chowunikira, chomwe chimathetsa vuto la kutayika kwa paketi lomwe limayambitsidwa ndi kuphulika pang'ono komanso kupewa alamu yolakwika yomwe imayambitsidwa ndi kutayika kwa magalimoto mu dongosolo lowunikira.
Kufananiza Mawu Ofunika Paketi
Pambuyo poti zomwe zili mu gawo la payload la paketi zagwirizana ndikugundidwa, paketi kapena njira yolumikizirana nayo imatumizidwa ndikutulutsidwa kapena kutayidwa kuti ikwaniritse zofunikira zokonzekera deta inayake ya anthu omwe akuyenda.
Kutsegula kwa Ngalande
Imathandizira kutulutsa kwa VXLAN, MPLS, GRE, SRV6, FABRICPATCH, GENEVE ndi mitu ina ya mapaketi mu phukusi loyambirira la data mutachotsa.
Kutsegula Chiyanjano Chokhalitsa
Malinga ndi zosowa za wogwiritsa ntchito, njira iliyonse yolumikizirana imatha kutumizidwa ndi kutulutsidwa malinga ndi kuchuluka kwa ma byte otumizidwa ndi kuchuluka kwa mapaketi otumizidwa, ndipo njira yotsatira yolumikizirana ikhoza kutayidwa, kuti ikwaniritse zofunikira za njira yowunikira ya kumbuyo m'malo enaake, zomwe zimangofunika kupeza gawo la kuchuluka kwa magalimoto oyenderana, kuchepetsa kuthamanga kwa kusanthula kwa magalimoto ndikuwonjezera magwiridwe antchito a njira yowunikira.
Kusanthula Ziwerengero za Magalimoto
Imathandizira ziwerengero za zigawo za kuchuluka kwa magalimoto omwe alowetsedwa, ndipo imatha kuwonetsa kukula kwa kuchuluka kwa magalimoto omwe akuyenda, kukula kwa magalimoto/gawo la adilesi ya IP, kukula kwa magalimoto/gawo la TOPN la gulu la protocol ya pulogalamu, kukula kwa magalimoto/gawo la TOPN la dzina la protocol ya pulogalamu ndi zambiri za nthawi ya magalimoto m'mawonekedwe a ma chart nthawi yeniyeni, ndipo imapereka kutumiza zotsatira za ziwerengero ku mafayilo am'deralo. Chifukwa chake, ogwiritsa ntchito amatha kumvetsetsa bwino kapangidwe ka magalimoto aliwonse osonkhanitsidwa, ndikupereka maziko ochirikiza deta mwachindunji kuti asinthe njira zamagalimoto ndikusintha zofunikira zamabizinesi.
Kuwoneka kwa Magalimoto - Kusanthula Deta Yoyambira
Gawo loyambira la kusanthula kwa ntchito yozindikira mawonekedwe a magalimoto lingawonetse zambiri zoyambira za deta yojambulidwa ya magalimoto, monga kuchuluka kwa mapaketi, kugawa kwa mapaketi a unicast/multicast/broadcast, nambala yolumikizira gawo, kugawa kwa mapaketi, ndi kukula kwa magalimoto ojambulidwa.
Kuwoneka kwa Magalimoto - Kusanthula Kwambiri kwa DPI
Gawo lofufuza mozama la DPI la ntchito yozindikira kuwoneka kwa magalimoto lingathe kusanthula mozama deta ya magalimoto omwe agwidwa kuchokera m'njira zosiyanasiyana, ndikupereka ziwerengero zatsatanetsatane monga ma graph ndi matebulo.
Kuwoneka kwa Magalimoto - Kusanthula Kuchuluka kwa Magalimoto
● Kusanthula kuchuluka kwa protocol ya mayendedwe: monga TCP, UDP, ICMP, IGMP, ARP ndi ziwerengero zina za kuchuluka kwa mapaketi ndi magalimoto ndi chiwonetsero cha tchati cha pie
● Kusanthula kuchuluka kwa magalimoto a IP: monga ziwerengero za magalimoto zomwe zimapangidwa ndi ma IP address osiyanasiyana, IP-based traffic ranking TOP N ndi bar chart show
● Kusanthula kwa kuchuluka kwa ntchito ya DPI: monga HTTP, QQ, FTP ndi ma protocol ena a pulogalamu, kuchuluka kwa mabayiti, kugawa ziwerengero za magalimoto olumikizirana ndi kuwonetsa tchati cha pie
Kuwoneka kwa Magalimoto - Kusanthula Nthawi ya Magalimoto
Malinga ndi zinthu zosiyanasiyana zosefera, monga IP, doko, protocol ya mayendedwe, protocol ya mafomu ogwiritsira ntchito ndi zina zomwe zafotokozedwa, deta ya traffic yomwe ikujambulidwa pano ikhoza kusanthulidwa ndikuperekedwa kutengera nthawi yosankhidwa, ndipo kukula kwa traffic ndi momwe zinthu zilili zitha kufufuzidwa posuntha nthawi yotsatsira ndi kuchuluka kwa ziwerengero, ndipo kulondola kumatha kufika pa millisecond imodzi.
Kuwoneka kwa Magalimoto - Kusanthula kwa Tebulo la Mayendedwe
Malinga ndi mikhalidwe yosiyanasiyana ya fyuluta, monga flow ID, IP, doko, protocol ya mayendedwe, protocol ya mafomu ogwiritsira ntchito ndi zina zomwe zafotokozedwa, deta ya traffic yomwe yagwidwa pano ikhoza kufufuzidwa ndikuwerengedwa kutengera mawonekedwe a flow ya session, ndiko kuti, kufotokozera mwatsatanetsatane kwa chidziwitso cha flow ya session, kuphatikiza chidziwitso cha 5-tuple cha flow iliyonse, mtundu wa pulogalamu yonyamula, chiwerengero ndi ma byte a packet transmission, ndi flow ya data yogwirizana nayo. Ndipo ili ndi chiwonetsero cha ranking kutengera chidziwitso chomwe chili pamwambapa. Kutengera chidziwitsochi, ogwiritsa ntchito amatha kusankha mosavuta mitundu ya traffic yomwe amasamala nayo, zomwe zimapangitsa kuti ogwiritsa ntchito apange mfundo zoyendetsera traffic.
Kuwoneka kwa Magalimoto - Kusanthula Mapaketi
Kutengera ndi njira zosiyanasiyana zosefera, monga packet ID, IP, port, transport layer protocol, application layer protocol ndi zina zomwe zafotokozedwa, deta yojambulidwa ya traffic ikhoza kuperekedwa ndi chiwonetsero cha kusanthula pa packet level, kuphatikizapo:
● Kusanthula nthawi yosonkhanitsa mapaketi
● Kusanthula zambiri za phukusi lofunika, monga sip, dip, smac, dmac, protocol, flag, TTL, kutalika kwa uthenga, zochitika zazikulu
● Kusanthula njira yotumizira ma paketi ndi kuwonetsa makanema ojambula, monga: nthawi yotumizira, kuchedwa kutumiza, mtundu wotumizira (njira, kusintha, firewall, kulinganiza katundu, NAT)
● Chidule cha zambiri za phukusi ndi chiwonetsero chatsatanetsatane cha kapangidwe kake
● Kusanthula chiwerengero cha ma paketi obwerezedwa
Kuwoneka kwa Magalimoto - Kusanthula Kolondola kwa Zolakwika
Gawo lowunikira zolakwika la ntchito yozindikira mawonekedwe a magalimoto lingapereke malo osiyanasiyana owunikira zolakwika zowonera pa data ya magalimoto omwe agwidwa, kuphatikizapo:
● Chidule chosazolowereka, monga: zotsatira za kusanthula kwa ntchito ya netiweki, zotsatira za kusanthula zochitika zosazolowereka, njira ya netiweki yochokera pa kusanthula kwa khalidwe (monga kuchuluka kwa zipangizo zoyendetsera, zipangizo za NAT, zipangizo zoteteza moto, zipangizo zoyezera katundu zomwe zimadutsa kudzera mu phukusi lotumizira)
● Kusanthula kulephera pamlingo wa tebulo la kayendedwe ka zinthu, monga mitundu ya zochitika zachilendo (kulumikizana kokanidwa/kulumikizana kosayankhidwa/kulumikizana kopanda kutumiza deta/kulumikizana kotseguka pang'ono/njira yosafikirika, ndi zina zotero), ● Kusanthula kulephera kwa phukusi, monga: mtundu wa chochitika chosayembekezereka (packet checksum error /TTL 0/ cholakwika chosafikirika /FCS checksum error, ndi zina zotero), kufotokozera mwatsatanetsatane kwa chidziwitso chosayembekezereka, ndi tsatanetsatane wa kuyenda kwa deta komwe kukugwirizana nako
● Kusanthula zolakwika zachitetezo, monga: mtundu wa chochitika chosazolowereka (DDOS attack/firewall blocking /ARP attack/UDP flood/SYN FLOOD, ndi zina zotero), kufotokozera mwatsatanetsatane za chidziwitso chosazolowereka, ndi tsatanetsatane wa kayendedwe ka deta kogwirizana nayo
● Kusanthula zolakwika pa netiweki, monga: mtundu wa chochitika chosazolowereka (kusinthana kwa lupu/njira yosatheka kufikako/kusokoneza kwa ulalo, ndi zina zotero), kufotokozera mwatsatanetsatane za chidziwitso chosazolowereka, ndi tsatanetsatane wa kayendedwe ka deta kogwirizana nayo
5-Mylinking™ Network Packet Broker komanso Inline Bypass Switch Specifications
| ML-KULAMBA-M2000 Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch Mafotokozedwe Ogwira Ntchito | ||||
| Mawonekedwe a netiweki | Malo osungira gawo | Malo okwana 4 a BYPASS kapena MONITOR | ||
| Chiwerengero cha maulalo olowera mkati | Imathandizira chitetezo cha maulalo owonera okwana 16 a 1G/10G kapena maulalo owonera okwana 8 a 40G/100G. | |||
| mawonekedwe owunikira oyang'anira | Imathandizira ma interface owunikira a 64 * 1G / 10GE kapena ma interface owunikira a 16 * 40G / 100G. | |||
| Mawonekedwe oyang'anira gulu lakunja | Doko la Ethernet la 1*10/100/1000M; | |||
| Njira yogwiritsira ntchito | Kutumiza mkati mwa intaneti | Thandizo | ||
| Kutumiza kwa SPAN | Thandizo | |||
| Ntchito za Dongosolo | Njira yotumizira mkati | Chitetezo chapadera cha kuphatikizika kwa madzi | Thandizo | |
| Chitetezo cha mndandanda wonse wa kuyenda | Thandizo | |||
| Kulinganiza katundu | Thandizo | |||
| Kuzindikira kugunda kwa mtima | Thandizo | |||
| Kusintha kwa BYPASS | Thandizo | |||
| Kuletsa magalimoto | Thandizo | |||
| Kuwonetsa magalimoto | Thandizo | |||
| Woyimira wa SSL | Thandizo | |||
| Njira yotumizira SPAN | Kukonza magalimoto koyambira | Kuchulukitsa/kusonkhanitsa/kugawa magalimoto | Thandizo | |
| Kulinganiza katundu | Thandizo | |||
| Kusefa magalimoto kutengera IP/protocol/port 5-tuple identifier | Thandizo | |||
| Kuyika ma tag a VLAN/kusintha/kuchotsa | Thandizo | |||
| Kuyika chizindikiro cha nthawi | Thandizo | |||
| Kuchotsa ngalande | Thandizo | |||
| Kudula Deta | Thandizo | |||
| Kuzindikiritsa Njira Yoyendetsera Tunneling | Thandizo | |||
| Kutumiza kwa paketi patsogolo | Thandizo | |||
| Chenjezo losazolowereka | Thandizo | |||
| Chiyankhulo choyimirira chotentha | Thandizo | |||
| Kuyeza kwa micro-burst | Thandizo | |||
| Chitetezo cha kugwedezeka kwa mawonekedwe | Thandizo | |||
| Kutulutsa kwa Ngalande | Thandizo | |||
| Kutha kwa paketi ya ngalande | Thandizo | |||
| Kukonza magalimoto mwapamwamba | Kuletsa Kubisa kwa SSL | Thandizo | ||
| Kuchotsa deta | Thandizo | |||
| Kubisa deta | Thandizo | |||
| Kuzindikiritsa protocol ya gawo la ntchito | Thandizo | |||
| Kudula kapisozi mwamakonda | Thandizo | |||
| Kupanga kayendedwe ka madzi | Thandizo | |||
| Kufananiza mawu ofunikira | Thandizo | |||
| Kuchotsa ngalande | Thandizo | |||
| Kutsitsa kulumikizana kwa nthawi yayitali | Thandizo | |||
| Kuwona kwa gawo la kayendedwe ka madzi | Thandizo | |||
| Kuzindikira ndi kuyang'anira | Kuwunika nthawi yeniyeni | Thandizo | ||
| Kufunsa za mbiri yakale ya magalimoto | Thandizo | |||
| Kujambula magalimoto | Thandizo | |||
| Kuzindikira mawonekedwe a magalimoto | Kusanthula Koyambira | Imathandizira kuwonetsa ziwerengero mwachidule kutengera zambiri zoyambira monga kuwerengera kwa mapaketi, kugawa kwa mtundu wa mapaketi, kuwerengera kwa kulumikizana kwa gawo, ndi kugawa kwa protocol ya mapaketi. | ||
| Kusanthula Mozama kwa DPI | Imathandizira kusanthula kuchuluka kwa ma protocol a mayendedwe, kuchuluka kwa unicast, kuwulutsa ndi multicast, kuchuluka kwa magalimoto a IP, ndi kuchuluka kwa mapulogalamu a DPI. Imathandizira kusanthula ndi kuwonetsa zomwe zili mu data kutengera nthawi yosankhidwa ndi kuchuluka kwa deta. Imathandizira kusanthula deta ndi ziwerengero kutengera mitsinje ya session. | |||
| Kusanthula Kolondola kwa Zolakwika | Imathandizira kusanthula zolakwika ndi malo pogwiritsa ntchito deta ya anthu omwe akuyenda m'njira zosiyanasiyana, kuphatikizapo: kusanthula khalidwe la kutumiza kwa pakiti, kusanthula zolakwika pamlingo wa data, kusanthula zolakwika pamlingo wa data, kusanthula zolakwika zokhudzana ndi chitetezo, ndi kusanthula zolakwika zokhudzana ndi netiweki. | |||
| Kutha kukonza | 2.4Tbsp | |||
| Sinthani | Kuyang'anira Netiweki ya CONSOLE | Thandizo | ||
| Kuyang'anira Maukonde a IP/WEB | Thandizo | |||
| Kuyang'anira netiweki ya SNMP | Thandizo | |||
| Kuyang'anira maukonde a TELNET/SSH | Thandizo | |||
| Ndondomeko ya SYSLOG | Thandizo | |||
| Kutsimikizira chilolezo cha RADIUS kapena TADACS+ pakati | Thandizo | |||
| Ntchito yotsimikizira ogwiritsa ntchito | Kutsimikizira dzina lolowera ndi mawu achinsinsi | |||
| Zamagetsi | Voltage yowunikira mphamvu zamagetsi | AC-220V/DC-48V [Mwasankha] | ||
| Mphamvu yovotera pafupipafupi | AC-50HZ | |||
| Yovotera panopa yolowera | AC-3A / DC-10A | |||
| Mphamvu yogwira ntchito yoyesedwa | 300W yokwanira | |||
| Zachilengedwe | Kutentha kogwira ntchito | 0-50℃ | ||
| Kutentha kosungirako | -20-70℃ | |||
| Chinyezi chogwira ntchito | 10% -95%, yosapanga dzimbiri | |||
| Kusintha kwa Ogwiritsa Ntchito | Kakonzedwe ka console | Mawonekedwe a RS232, 115200, 8, N, 1 | ||
| Kutsimikizira mawu achinsinsi | Sthandizo | |||
| Kukula kwa Rack | Malo osungira zinthu (U) | 2U 444mm*88mm*670mm | ||
6-Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch Application
6.1TheRisk ofInline SchitetezoEzida (IPS / FW)
Zotsatirazi ndi njira yodziwika bwino ya IPS (Intrusion Prevention System), njira yotumizira FW (Firewall), IPS / FW imayikidwa motsatizana ku zida za netiweki (ma router, ma switch, ndi zina zotero) pakati pa magalimoto kudzera mu kukhazikitsa macheke achitetezo, malinga ndi mfundo zofananira zachitetezo kuti adziwe kutulutsa kapena kuletsa magalimoto ofananira, kuti akwaniritse zotsatira za chitetezo.
Zotsatirazi ndi njira yodziwika bwino ya IPS (Intrusion Prevention System), njira yotumizira FW (Firewall), IPS / FW imayikidwa motsatizana ku zida za netiweki (ma router, ma switch, ndi zina zotero) pakati pa magalimoto kudzera mu kukhazikitsa macheke achitetezo, malinga ndi mfundo zofananira zachitetezo kuti adziwe kutulutsa kapena kuletsa magalimoto ofananira, kuti akwaniritse zotsatira za chitetezo.
6.2 Chitetezo cha Zida Zolumikizirana Paintaneti
Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch zimayikidwa motsatizana pakati pa zipangizo za netiweki (ma router, ma switch, ndi zina zotero), ndipo kuyenda kwa deta pakati pa zipangizo za netiweki sikumatsogolera mwachindunji ku IPS / FW, "Smart Inline Bypass Switch" kupita ku IPS / FW, pamene IPS / FW chifukwa cha kuchuluka kwa zinthu, kuwonongeka, zosintha za mapulogalamu, zosintha za mfundo ndi zina zomwe zalephera, "Smart Inline Bypass Switch" kudzera mu kuzindikira kwa uthenga wa kugunda kwa mtima mwanzeru. Ntchito yopezera uthenga wa nthawi yake, motero kudumpha chipangizo cholakwika, popanda kusokoneza maziko a netiweki, zida za netiweki mwachangu zolumikizidwa mwachindunji kuti ziteteze netiweki yolumikizirana yachizolowezi; pamene IPS / FW ikulephera kuchira, komanso kudzera mu mapaketi anzeru a kugunda kwa mtima. Kuzindikira kuzindikira kwa nthawi yake kwa ntchitoyo, ulalo woyambirira wobwezeretsa chitetezo cha macheke achitetezo cha netiweki yamakampani.
Mylinking™ Network Packet Broker komanso Inline Bypass Switch ili ndi ntchito yanzeru yozindikira mauthenga a kugunda kwa mtima, wogwiritsa ntchito amatha kusintha nthawi ya kugunda kwa mtima ndi kuchuluka kwa mayeso obwerezabwereza, kudzera mu uthenga wokhazikika wa kugunda kwa mtima pa IPS / FW kuti ayesere thanzi, monga kutumiza uthenga wofufuza kugunda kwa mtima ku doko la pamwamba / pansi la IPS / FW, kenako kulandira kuchokera ku doko la pamwamba / pansi la IPS / FW, ndikuweruza ngati IPS / FW ikugwira ntchito bwino potumiza ndikulandira uthenga wa kugunda kwa mtima.
6Ndondomeko ya .3 “SpecFlow” Yoyenda PaintanetiChitetezoChitetezo cha Mndandanda
Pamene chipangizo cha netiweki yachitetezo chimangofunika kuthana ndi chitetezo cha magalimoto enaake, kudzera mu Mylinking™ Network Packet Broker komanso ntchito ya Inline Bypass Switch traffic per-processing, kudzera mu ndondomeko yowunikira magalimoto kuti mulumikize chipangizo chachitetezo cha inline "Magalimoto okhudzidwa" amatumizidwa mwachindunji ku ulalo wa netiweki, ndipo "gawo la magalimoto lomwe likukhudzidwa" limakokera ku chipangizo chachitetezo cha in-line kuti chichite macheke achitetezo. Izi sizingosunga kugwiritsa ntchito bwino ntchito yozindikira chitetezo cha chipangizo chachitetezo, komanso zimachepetsa kuyenda kosagwira ntchito kwa zida zachitetezo kuti zithane ndi kuthamanga; nthawi yomweyo, "Smart Inline Bypass Switch" imatha kuzindikira momwe chipangizo chachitetezo chikugwira ntchito nthawi yeniyeni. Chipangizo chachitetezo chimagwira ntchito molakwika modutsa kuchuluka kwa deta mwachindunji kuti chipewe kusokoneza ntchito ya netiweki.
Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch imatha kuzindikira kuchuluka kwa magalimoto kutengera chizindikiro cha mutu wa L2-L4, monga chizindikiro cha VLAN, adilesi ya MAC yochokera/yopita, adilesi ya IP yochokera, mtundu wa paketi ya IP, doko la protocol ya transport layer, chizindikiro cha key header ya protocol, ndi zina zotero. Mitundu yosiyanasiyana yofananira kuphatikiza kosinthasintha kumatha kufotokozedwa mosavuta kuti kufotokoze mitundu yeniyeni ya magalimoto yomwe ili yofunikira pa chipangizo china chachitetezo ndipo ingagwiritsidwe ntchito kwambiri poyika zida zapadera zowunikira chitetezo (RDP, SSH, database auditing, ndi zina zotero).
6.4Load balancedChitetezo cha PaintanetiChitetezo cha Mndandanda
Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch imayikidwa motsatizana pakati pa zipangizo za netiweki (ma router, ma switch, ndi zina zotero). Ngati ntchito imodzi yokonza IPS / FW sikokwanira kuthana ndi kuchuluka kwa magalimoto olumikizirana ndi netiweki, ntchito yowongolera kuchuluka kwa magalimoto yoteteza, "kusonkhanitsa" kwa magalimoto ambiri olumikizirana ndi ma network a IPS / FW, imatha kuchepetsa kuthamanga kwa processing imodzi ya IPS / FW, ndikukweza magwiridwe antchito onse ogwiritsira ntchito kuti akwaniritse kuchuluka kwa bandwidth komwe kumafunikira.
Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch ili ndi ntchito yamphamvu yolinganiza katundu, malinga ndi chilembo cha VLAN cha chimango, zambiri za MAC, zambiri za IP, nambala ya doko, protocol ndi zina zambiri pa kugawa kwa Hash load balance kwa magalimoto kuti zitsimikizire kuti IPS / FW iliyonse yalandira umphumphu wa Session ya flow data.
6.5Mndandanda wambiriZipangizo Zamkati FotsikaTkusokonezaPchitetezo(SinthaniZakuthupiKulumikizana kwa Seri kwaZomvekaKulumikizana kofanana)
Mu maulalo ena ofunikira (monga malo olumikizira intaneti, ulalo wosinthira dera la seva), malo nthawi zambiri amakhala chifukwa cha zosowa za zida zachitetezo komanso kuyika zida zambiri zoyesera chitetezo (monga firewall, zida zotsutsana ndi DDOS, firewall ya WEB application, Zida zopewera kulowerera, ndi zina zotero), zida zambiri zodziwira chitetezo nthawi imodzi motsatizana pamzere womwe uli pa ulalo kuti ziwonjezere ulalo wa mfundo imodzi yolephera, kuchepetsa kudalirika konse kwa netiweki. Ndipo mu kuyika zida zachitetezo zomwe zatchulidwa pamwambapa pa intaneti, kukweza zida, kusintha zida ndi ntchito zina, zidzapangitsa netiweki kusokonekera kwa ntchito kwa nthawi yayitali komanso kuchepetsedwa kwakukulu kwa ntchito kuti mapulojekiti otere akwaniritsidwe bwino.
Mwa kugwiritsa ntchito Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch mwanjira yogwirizana, njira yotumizira zida zambiri zachitetezo zolumikizidwa motsatizana pa ulalo womwewo ingasinthidwe kuchoka pa "Physical Serial Connection Mode" kupita ku "Physical Parallel Connection koma Logical Serial Connection Mode". Izi zimachepetsa bwino magwero a kulephera kwa single point pa ulalo wa serial ndikuwonjezera kudalirika kwa ulalo. Nthawi yomweyo, Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch zimatha kutsogolera kuchuluka kwa magalimoto omwe akufunika, ndikukwaniritsa zotsatira zomwezo zachitetezo cha magalimoto monga momwe zinalili poyamba.
Zipangizo zoposa chimodzi za Inline Security nthawi imodzi mu chithunzi chogwiritsira ntchito mndandanda:
Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch Deployment Diagram:
(Sinthani Pysical Serial Connection kukhala Logical Parallel Connection)
6.6Kutengera ndiDNdondomeko ya synamic yaTraffic InlineSchitetezoDkutsekaPchitetezo
Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch, njira ina yapamwamba yogwiritsira ntchito imachokera pa mfundo yosinthasintha ya mapulogalamu oteteza chitetezo cha magalimoto, kukhazikitsidwa kwa njira monga momwe tawonetsera pansipa:
Tengani zida zoyesera chitetezo za "Anti-DDoS attack protection and detection", mwachitsanzo, kudzera mu "Smart Bypass Switch" yomwe imayikidwa kutsogolo kwa "Smart Bypass Switch" kenako zida zoteteza za anti-DDOS kenako zolumikizidwa ku "Smart Bypass Switch", mu "Smart Bypass Switch" yachizolowezi mpaka kuchuluka konse kwa liwiro la waya wa magalimoto panthawi yomweyo yotulutsa galasi la flow mirror kupita ku "Anti-DDOS attack protection device", ikapezeka pa seva IP (kapena gawo la netiweki ya IP) pambuyo pa kuukira, "Anti-DDOS attack protection device" ipanga malamulo ofanana ndi traffic flow ndikutumiza ku "Smart Bypass Switch" kudzera mu mawonekedwe osinthira mfundo zamphamvu. "Bypass Switch" ikhoza kusintha "traffic traction dynamic" mutalandira malamulo a dynamic policy pool Rule pool "ndipo nthawi yomweyo" lamulo limagunda zida zoteteza ndi kuzindikira za seva ya attack server, kuti ikhale yogwira ntchito pambuyo pa kuukira ndikubwezeretsanso mu netiweki.
Ndondomeko yogwiritsira ntchito pogwiritsa ntchito "Smart Bypass Switch" ndi yosavuta kugwiritsa ntchito kuposa njira yachikhalidwe ya BGP yolowera njira kapena njira ina yolumikizira magalimoto, ndipo chilengedwe sichidalira kwambiri netiweki ndipo kudalirika kwake kumakhala kwakukulu.
"Smart Bypass Switch" ili ndi makhalidwe awa othandizira chitetezo champhamvu chozindikira chitetezo:
1. "Smart Bypass Switch" kuti ipereke malamulo ena osagwirizana ndi malamulo ogwiritsidwa ntchito pa intaneti pogwiritsa ntchito mawonekedwe a WEBSERIVCE, komanso kuphatikiza mosavuta ndi zida zachitetezo za chipani chachitatu.
2. "Smart Bypass Switch" kutengera chipangizo chopangidwa ndi ASIC chip chotumizira ma 100Gbps pakiti ya liwiro la waya popanda kuletsa kutumiza ma switch, ndi "laibulale ya malamulo oyendetsera magalimoto" mosasamala kanthu za nambala.
3. Ntchito yaukadaulo ya BYPASS yomangidwa mkati mwa "Smart Bypass Switch", ngakhale chitetezocho chikalephera, chingathenso kudutsa ulalo woyambirira nthawi yomweyo, sichikhudza ulalo woyambirira wa kulumikizana kwabwinobwino.
6.7Kujambula Magalimoto Ozungulira PaintanetiChitetezo Chopanda Band (Inline + SPAN)
Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch nthawi zambiri imayikidwa mu netiweki ya IT ya kasitomala kapena netiweki ya mtambo kuti ipereke chitetezo chamkati mwa intaneti pazida za WAF/IPS ndi ulalo woyambirira. Ogwiritsa ntchito angakhalenso ndi zofunikira zina zoyesera, kutsimikizira, kapena kuyika zida zowunikira za bypass, zomwe zimapangitsa kuti pakhale kufunika kopeza deta ya anthu omwe akuyenda pa ulalowu.
Chifukwa chake, pogwiritsa ntchito ntchito yowunikira magalimoto ya Mylinking™ Network Packet Broker pamodzi ndi Inline Bypass Switch, kuchuluka kwa magalimoto omwe ali mu inline serial link kumatha kuwonedwa kuchokera pa monitor port, monga momwe chithunzichi chikusonyezera:
Chithunzi chomwe chili pansipa chikuwonetsa momwe ntchito yowonjezereka yogwiritsira ntchito magalimoto a inline link ndi magalimoto a switch mirrored port. Izi zimathandiza kuti magalimoto a inline link atetezedwe popanda kukhudzidwa ndi magalimoto a switch mirrored port. Dongosolo losanthula la IDS limatha kupeza magalimoto a inline link ndi magalimoto a switch mirrored port nthawi imodzi. Njira yotumizira ikuwonetsedwa pachithunzichi pansipa:
6.8Kuchotsa Data/PaketiKugwiritsa ntchito
Monga momwe tawonetsera mu kapangidwe ka ntchito pamwambapa, kuti zitsimikizire kuti deta yoyambirira yasonkhanitsidwa bwino pa ulalo wonse, mapaketi ena ofanana a deta akhoza kusonkhanitsidwa kangapo mkati mwa njira imodzi. Izi zimapangitsa kuti ma alarm abodza ndi kubwezeretsanso deta mu dongosolo la backend zikule, zomwe zimapangitsa kuti magwiridwe antchito a dongosolo la kusanthula azitha kusinthasintha komanso kukhudza kulondola ndi kugwira ntchito bwino kwa kusanthula. Kutengera yankho, choyamba, mapaketi obwerezabwereza a deta omwe amagawidwa m'magawo osiyanasiyana ojambulira. Paketi imodzi yokha ya data imatumizidwa ku dongosolo la backend NPM network analysis analysis system ndi dongosolo la APM application performance analysis system, motero kupulumutsa magwiridwe antchito a dongosolo la kusanthula ndikuwonjezera magwiridwe antchito ndi kulondola kwa kusanthula.
6.9Deta/PaketiVLAN TaggingKugwiritsa ntchito
Mu malo ochezera a pa intaneti omwe awonetsedwa pachithunzi pamwambapa, yankho limagwiritsidwa ntchito kulemba chizindikiro cha deta yoyambirira kuchokera ku zipangizo zosiyanasiyana za pa intaneti ndi ma link nodes. Pamene magalimoto osayenda bwino kapena mapaketi a deta achitika mu netiweki, zida zowunikira za backend zimatha kupeza mwachangu komanso molondola komwe kwachokera deta yosayenda bwino pofufuza mmbuyo kutengera ma label a deta.
6.10 Magalimoto pa intanetiNdandanda YogwirizanaKugwiritsa ntchito
Mu malo ochezera a pa intaneti omwe awonetsedwa pachithunzi pamwambapa, deta yambiri ya 10GE, 25GE, 40GE ndi 100GE source link imayikidwa mokwanira mu Mylinking™ Network Packet Broker komanso Inline Bypass Switch pogwiritsa ntchito optical splitting kapena port mirror. Kenako, kusefa ndi kugawa magalimoto zimagwiritsidwa ntchito kutulutsa deta yosiyana yautumiki ku zida zosiyanasiyana zowunikira maukonde akunja kwa band ndi chitetezo. Pamene zolakwika za maukonde a pa intaneti kapena kusinthasintha kwa magalimoto kosazolowereka kumafuna kulowererapo pamanja, kujambula ndi kusanthula mapaketi enieni a data kumatha kuchitika nthawi yomweyo kuti athandize ogwiritsa ntchito kusanthula mwachangu ndikupeza cholakwikacho.
6.11NetiwekiKusanthula Kuwoneka kwa Deta ya MagalimotoKugwiritsa ntchito
Ikhoza kuwonetsa deta iliyonse yomwe yapezeka ndikugwidwa m'njira zosiyanasiyana komanso zowonera zambiri kudzera mu mawonekedwe osavuta kugwiritsa ntchito pazithunzi ndi zolemba, kuphatikiza kapangidwe ka mawonekedwe a anthu omwe akuyenda, kugawa kwa protocol ya pulogalamu, kugawa kwa anthu omwe akuyenda m'malo onse a netiweki, njira yotumizira deta, kuzindikira zochitika zachilendo, malo enieni a zolakwika za netiweki/ulalo, momwe mauthenga amagwirizanirana, momwe anthu akupitira patsogolo ndi zina zokhudzana ndi kuyang'anira ndi kusanthula, kuti pakhale njira yosonkhanitsira deta yonse, yowoneka bwino komanso yowongoka komanso yotetezeka ya ma netiweki amakampani.
