Network Packet Brokerzipangizo zimagwiritsa ntchito Magalimoto a pa Intaneti kuti zipangizo zina zowunikira, monga zomwe zimaperekedwa ku Kuwunika kwa machitidwe a Network ndi kuyang'anira zokhudzana ndi chitetezo, zitha kugwira ntchito bwino. Zina zimaphatikizanso kusefa paketi kuti muzindikire kuchuluka kwa chiwopsezo, kuchuluka kwa paketi, ndi kuyika kwa sitampu yochokera pa Hardware.
Network Security Architectamatanthauza mndandanda wa maudindo okhudzana ndi kamangidwe ka chitetezo cha mtambo, kamangidwe ka chitetezo cha Network, ndi kamangidwe ka chitetezo cha deta. Kutengera ndi kukula kwa bungwe, patha kukhala membala m'modzi yemwe ali ndi udindo pa domain iliyonse. Kapenanso, bungwe likhoza kusankha woyang'anira. Mulimonse momwe zingakhalire, mabungwe amayenera kufotokozera omwe ali ndi udindo ndikuwapatsa mphamvu kuti apange zisankho zofunika kwambiri.
Network Risk Assessment ndi mndandanda wathunthu wa njira zomwe ziwopsezo zamkati kapena zakunja kapena zosokoneza zingagwiritsidwe ntchito kulumikiza zinthu. Kuwunika kokwanira kumathandizira bungwe kutanthauzira zoopsa ndikuzichepetsa kudzera muzowongolera chitetezo. Zowopsa izi zingaphatikizepo:
- Kusamvetsetsa bwino za machitidwe kapena njira
- Njira zomwe zimakhala zovuta kuyeza kuchuluka kwa chiwopsezo
- Machitidwe a "hybrid" omwe akukumana ndi zoopsa zamabizinesi ndiukadaulo
Kupanga zoyerekeza zogwira mtima kumafuna mgwirizano pakati pa IT ndi omwe akuchita nawo bizinesi kuti amvetsetse kuchuluka kwa chiwopsezo. Kugwira ntchito limodzi ndikupanga njira kuti mumvetsetse chithunzithunzi chowopsa ndi chofunikira monga momwe zimakhalira pachiwopsezo chomaliza.
Zero Trust Architecture (ZTA)ndi paradigm yachitetezo chapaintaneti yomwe imaganiza kuti alendo ena pamaneti ndi owopsa komanso kuti pali malo ambiri oti atetezedwe mokwanira. Choncho, tetezani bwino katundu pa intaneti osati pa intaneti yokha. Monga momwe zimagwirizanirana ndi wogwiritsa ntchito, wothandizira amasankha ngati angavomereze pempho lililonse lofikira potengera mbiri yachiwopsezo yomwe imawerengedwa potengera kuphatikiza kwa zinthu monga kugwiritsa ntchito, malo, wogwiritsa ntchito, chipangizo, nthawi, kukhudzidwa kwa data, ndi zina zotero. Monga dzina limatanthawuzira, ZTA ndi zomangamanga, osati zopangidwa. Simungazigule, koma mutha kuzipanga potengera zina mwaukadaulo zomwe zili nazo.
Network Firewallndi chitetezo chokhwima komanso chodziwika bwino chomwe chili ndi zinthu zingapo zomwe zimapangidwira kuti zipewe mwayi wopezeka mwachindunji ku mapulogalamu agulu omwe amachitika ndi ma seva a data. Ma firewall a netiweki amapereka kusinthasintha kwa maukonde amkati ndi mtambo. Kwa mtambo, pali zopereka zapakati pamtambo, komanso njira zomwe zimaperekedwa ndi opereka IaaS kuti akwaniritse zina zomwezo.
Secureweb Gatewayzasintha kuchokera ku kukhathamiritsa kwa bandwidth pa intaneti mpaka kuteteza ogwiritsa ntchito ku zoyipa zapaintaneti. Kusefa kwa ulalo, anti-virus, kutsitsa ndikuwunika mawebusayiti omwe amafikira pa HTTPS, kuletsa kuphwanya kwa data (DLP), ndi mitundu yochepera ya cloud access security agent (CASB) tsopano ndi zinthu zokhazikika.
Kufikira Kwakutaliimadalira mocheperapo pa VPN, koma mochulukirachulukira pa zero-trust network access (ZTNA), zomwe zimathandiza ogwiritsa ntchito kuti azitha kugwiritsa ntchito payekhapayekha pogwiritsa ntchito mbiri yakale popanda kuwoneka ndi katundu.
Intrusion Prevention Systems (IPS)kuletsa ziwopsezo zosasinthika kuti zisawukidwe ndikulumikiza zida za IPS ku maseva osasinthidwa kuti azindikire ndikuletsa kuwukira. Maluso a IPS tsopano akuphatikizidwa muzinthu zina zachitetezo, koma pali zinthu zodziyimira zokha. IPS ikuyamba kukweranso pomwe kuwongolera kwachilengedwe kwamtambo kumawabweretsa pang'onopang'ono.
Network Access Controlimapereka kuwonekera kwa zonse zomwe zili pa Network ndikuwongolera mwayi wofikira kuzinthu zamabizinesi akampani. Ndondomeko zitha kufotokozera mwayi wofikira potengera udindo wa wogwiritsa ntchito, kutsimikizira, kapena zinthu zina.
DNS Cleansing (Sanitized Domain Name System)ndi ntchito yoperekedwa ndi mavenda yomwe imagwira ntchito ngati domain name System ya bungwe kuti aletse ogwiritsa ntchito (kuphatikiza ogwira ntchito akutali) kuti asapeze masamba odziwika bwino.
DDoSmitigation (DDoS Mitigation)imachepetsa zowononga za kukana kugawidwa kwa mautumiki pa intaneti. Chogulitsacho chimatenga njira zingapo zosanjikiza zoteteza zida zapaintaneti mkati mwawowotchera moto, zomwe zimayikidwa kutsogolo kwa ma netiweki oteteza moto, ndi omwe ali kunja kwa bungwe, monga maukonde azinthu kuchokera kwa opereka chithandizo pa intaneti kapena kutumiza zomwe zili.
Network Security Policy Management (NSPM)kumaphatikizapo kusanthula ndi kufufuza kuti mukwaniritse bwino malamulo omwe amayang'anira Network Security, komanso kusintha kayendetsedwe ka kayendetsedwe ka ntchito, kuyesa malamulo, kuwunika kutsatiridwa, ndi kuwonetseratu. Chida cha NSPM chitha kugwiritsa ntchito mapu ochezera a pa intaneti kuti awonetse zida zonse ndi malamulo olumikizira ma firewall omwe amaphimba njira zingapo zama network.
Microsegmentationndi njira yomwe imalepheretsa kuukira kwa netiweki komwe kumachitika kale kuti zisasunthike mopingasa kupita kuzinthu zofunika kwambiri. Zida za Microisolation zotetezera maukonde zimagwera m'magulu atatu:
- Zida zochokera pamaneti zomwe zimayikidwa pamanetiweki, nthawi zambiri molumikizana ndi ma netiweki omwe amafotokozedwa ndi mapulogalamu, kuteteza katundu wolumikizidwa ndi netiweki.
- Zida zochokera ku Hypervisor ndi mitundu yakale yamagawo osiyanasiyana kuti zithandizire kuwoneka kwa opaque network traffic pakati pa ma hypervisors.
- Zida zotengera olandila omwe amakhazikitsa othandizira pa omwe akufuna kuwapatula pamanetiweki ena; Yankho la wothandizira alendo limagwira ntchito mofananamo pa ntchito zamtambo, zolemetsa za hypervisor, ndi ma seva akuthupi.
Secure Access Service Edge (SASE)ndi chimango chomwe chikubwera chomwe chimaphatikiza kuthekera kokwanira kwachitetezo cha netiweki, monga SWG, SD-WAN ndi ZTNA, komanso kuthekera kokwanira kwa WAN kuthandizira Zosowa Zotetezedwa za mabungwe. Lingaliro lochulukirapo kuposa chimango, SASE ikufuna kupereka mtundu wolumikizana wachitetezo womwe umapereka magwiridwe antchito pamanetiweki m'njira yowopsa, yosinthika, komanso yocheperako.
Kuzindikira kwa Network and Response (NDR)mosalekeza amasanthula kuchuluka kwa magalimoto olowera ndi otuluka ndi zipika zamagalimoto kuti alembe machitidwe abwino a Network, kuti zolakwika zitha kudziwika ndikudziwitsidwa kwa mabungwe. Zida izi zimaphatikiza kuphunzira pamakina (ML), ma heuristics, kusanthula, ndi kuzindikira motsata malamulo.
DNS Security Extensionsndizowonjezera ku protocol ya DNS ndipo zidapangidwa kuti zitsimikizire mayankho a DNS. Ubwino wachitetezo wa DNSSEC umafunikira kusaina kwa digito kwa data yotsimikizika ya DNS, njira yopititsira patsogolo.
Firewall monga Service (FWaaS)ndiukadaulo watsopano wogwirizana kwambiri ndi ma SWGS amtambo. Kusiyanitsa kuli muzomangamanga, kumene FWaaS imayendetsa kugwirizana kwa VPN pakati pa mapeto ndi zipangizo zomwe zili pamphepete mwa intaneti, komanso chitetezo chachitetezo mumtambo. Itha kulumikizanso ogwiritsa ntchito kumapeto kwa ntchito zakomweko kudzera munjira za VPN. FWaaS pakadali pano ndiyocheperako kuposa ma SWGS.
Nthawi yotumiza: Mar-23-2022