NetFlow ndi IPFIX ndi ukadaulo womwe umagwiritsidwa ntchito powunikira ndi kusanthula kayendedwe ka maukonde. Amapereka chidziwitso cha momwe magalimoto amayendera pa intaneti, kuthandiza kukonza magwiridwe antchito, kuthetsa mavuto, komanso kusanthula chitetezo.
NetFlow:
Kodi NetFlow ndi chiyani?
NetFlowndiye njira yoyambirira yowunikira kayendedwe ka madzi, yomwe idapangidwa ndi Cisco kumapeto kwa zaka za m'ma 1990. Pali mitundu yosiyanasiyana yosiyanasiyana, koma ma deployments ambiri amachokera ku NetFlow v5 kapena NetFlow v9. Ngakhale kuti mtundu uliwonse uli ndi mphamvu zosiyana, ntchito yoyambira imakhalabe yofanana:
Choyamba, rauta, switch, firewall, kapena chipangizo china chilichonse chidzatenga zambiri pa "mayendedwe" a netiweki - makamaka gulu la mapaketi omwe ali ndi makhalidwe ofanana monga adilesi yoyambira ndi yopita, gwero, ndi doko lopita, ndi mtundu wa protocol. Pambuyo poti njira yolowera yatha kapena nthawi yodziwika bwino yapita, chipangizocho chidzatumiza zolemba za njira yolowera ku chinthu chodziwika kuti "chosonkhanitsa njira yolowera".
Pomaliza, "flow analyzer" imamveka bwino ndi zolembazo, zomwe zimapereka chidziwitso mu mawonekedwe a zithunzi, ziwerengero, ndi malipoti atsatanetsatane a mbiri yakale komanso nthawi yeniyeni. Mwachizolowezi, osonkhanitsa ndi osanthula nthawi zambiri amakhala chinthu chimodzi, nthawi zambiri amaphatikizidwa kukhala njira yayikulu yowunikira magwiridwe antchito a netiweki.
NetFlow imagwira ntchito motsatira malamulo. Makina a kasitomala akafika pa seva, NetFlow iyamba kugwira ndikusonkhanitsa metadata kuchokera munjira. Gawoli likatha, NetFlow idzatumiza mbiri yonse kwa wosonkhanitsa.
Ngakhale kuti imagwiritsidwabe ntchito kwambiri, NetFlow v5 ili ndi zoletsa zingapo. Magawo otumizidwa amakhazikika, kuwunika kumathandizidwa kokha polowera, ndipo ukadaulo wamakono monga IPv6, MPLS, ndi VXLAN suthandizidwa. NetFlow v9, yomwe imatchedwanso Flexible NetFlow (FNF), imathetsa zoletsa zina mwa izi, kulola ogwiritsa ntchito kupanga ma tempuleti apadera ndikuwonjezera chithandizo cha ukadaulo watsopano.
Ogulitsa ambiri alinso ndi njira zawozawo zogwiritsira ntchito NetFlow, monga jFlow kuchokera ku Juniper ndi NetStream kuchokera ku Huawei. Ngakhale kuti kasinthidwe kake kangasiyane pang'ono, njira zimenezi nthawi zambiri zimapanga zolemba za kayendedwe ka zinthu zomwe zimagwirizana ndi osonkhanitsa ndi owunikira a NetFlow.
Zinthu Zazikulu za NetFlow:
~ Deta YoyenderaNetFlow imapanga zolemba zoyendera zomwe zimaphatikizapo tsatanetsatane monga ma adilesi a IP ochokera ndi komwe akupita, madoko, masitampu a nthawi, kuchuluka kwa ma paketi ndi ma byte, ndi mitundu ya ma protocol.
~ Kuwunika MagalimotoNetFlow imapereka mawonekedwe a momwe anthu amayendera pa intaneti, zomwe zimathandiza oyang'anira kuzindikira mapulogalamu apamwamba, malo omalizira, ndi magwero a anthu omwe amayendera.
~Kuzindikira Zolakwika: Mwa kusanthula deta yoyendera, NetFlow imatha kuzindikira zolakwika monga kugwiritsa ntchito kwambiri bandwidth, kuchulukana kwa ma network, kapena mawonekedwe osazolowereka a magalimoto.
~ Kusanthula ChitetezoNetFlow ingagwiritsidwe ntchito kuzindikira ndi kufufuza zochitika zachitetezo, monga kuukira kwa kukana ntchito (DDoS) kapena kuyesa kupeza zinthu mosaloledwa.
Mabaibulo a NetFlow: NetFlow yasintha pakapita nthawi, ndipo mitundu yosiyanasiyana yatulutsidwa. Mitundu ina yodziwika bwino ndi NetFlow v5, NetFlow v9, ndi Flexible NetFlow. Mtundu uliwonse umayambitsa zowonjezera ndi zina zowonjezera.
IPFIX:
Kodi IPFIX ndi chiyani?
Muyezo wa IETF womwe unayamba kumayambiriro kwa zaka za m'ma 2000, Internet Protocol Flow Information Export (IPFIX) ndi wofanana kwambiri ndi NetFlow. Ndipotu, NetFlow v9 inakhala maziko a IPFIX. Kusiyana kwakukulu pakati pa ziwirizi ndikuti IPFIX ndi muyezo wotseguka, ndipo umathandizidwa ndi ogulitsa ambiri apaintaneti kupatula Cisco. Kupatula magawo ena owonjezera mu IPFIX, mawonekedwe ake ndi ofanana kwambiri. Ndipotu, IPFIX nthawi zina imatchedwa "NetFlow v10".
Chifukwa cha kufanana kwake ndi NetFlow, IPFIX imathandizidwa kwambiri pakati pa mayankho owunikira maukonde komanso zida zapaintaneti.
IPFIX (Internet Protocol Flow Information Export) ndi njira yotseguka yopangidwa ndi Internet Engineering Task Force (IETF). Imachokera pa NetFlow Version 9 specification ndipo imapereka mawonekedwe ofanana otumizira zolemba za kayendedwe ka intaneti kuchokera ku zida za netiweki.
IPFIX imamanga pa malingaliro a NetFlow ndipo imakulitsa kuti ipereke kusinthasintha komanso kugwirira ntchito limodzi pakati pa ogulitsa ndi zida zosiyanasiyana. Imayambitsa lingaliro la ma tempuleti, zomwe zimathandiza kutanthauzira kosinthika kwa kapangidwe ka zolemba zoyenda ndi zomwe zili. Izi zimathandiza kuphatikiza minda yopangidwira, kuthandizira ma protocol atsopano, ndi kukulitsa.
Zinthu Zofunika Kwambiri za IPFIX:
~ Njira Yogwiritsa Ntchito Ma template: IPFIX imagwiritsa ntchito ma tempuleti kuti ifotokoze kapangidwe ndi zomwe zili mu zolemba zoyendera, zomwe zimapangitsa kuti zikhale zosavuta kugwiritsa ntchito magawo osiyanasiyana a deta ndi zambiri zokhudzana ndi protocol.
~ Kugwirizana: IPFIX ndi muyezo wotseguka, wotsimikizira kuti pali kuthekera koyang'anira kayendedwe ka zinthu mokhazikika pakati pa ogulitsa ndi zida zosiyanasiyana zamaukonde.
~ Thandizo la IPv6: IPFIX imathandizira IPv6, zomwe zimapangitsa kuti ikhale yoyenera kuyang'anira ndi kusanthula kuchuluka kwa magalimoto mu maukonde a IPv6.
~Chitetezo Cholimbikitsidwa: IPFIX imaphatikizapo zinthu zachitetezo monga Transport Layer Security (TLS) encryption ndi cheke cha umphumphu wa mauthenga kuti ateteze chinsinsi ndi umphumphu wa deta yoyenda panthawi yotumizira mauthenga.
IPFIX imathandizidwa kwambiri ndi ogulitsa zida zosiyanasiyana zolumikizirana, zomwe zimapangitsa kuti ikhale chisankho chosalowerera ndale kwa ogulitsa komanso chogwiritsidwa ntchito kwambiri poyang'anira kayendedwe ka netiweki.
Ndiye, kodi kusiyana pakati pa NetFlow ndi IPFIX ndi kotani?
Yankho losavuta ndilakuti NetFlow ndi protocol ya Cisco yomwe idayambitsidwa cha m'ma 1996 ndipo IPFIX ndiye m'bale wake wovomerezeka ndi bungwe.
Ma protocol onsewa amagwira ntchito yofanana: kulola mainjiniya a ma network ndi oyang'anira kusonkhanitsa ndikuwunika momwe ma IP amayendera pa intaneti. Cisco idapanga NetFlow kuti ma switch ndi ma router ake athe kutulutsa chidziwitso chofunikira ichi. Popeza zida za Cisco zinali zotsogola, NetFlow mwachangu idasanduka muyezo wokhazikika pa kusanthula kuchuluka kwa magalimoto pa intaneti. Komabe, opikisana nawo m'makampani adazindikira kuti kugwiritsa ntchito protocol yoyendetsedwa ndi mdani wake wamkulu sikunali lingaliro labwino ndipo chifukwa chake IETF idatsogolera kuyesa kukhazikitsa protocol yotseguka yowunikira kuchuluka kwa magalimoto, yomwe ndi IPFIX.
IPFIX imachokera pa NetFlow version 9 ndipo idayambitsidwa koyamba cha m'ma 2005 koma zidatenga zaka zingapo kuti igwiritsidwe ntchito ndi makampani. Pakadali pano, ma protocol awiriwa ndi ofanana ndipo ngakhale kuti mawu akuti NetFlow akadali ofala kwambiri, machitidwe ambiri (ngakhale si onse) amagwirizana ndi muyezo wa IPFIX.
Nayi tebulo lomwe likufotokoza mwachidule kusiyana pakati pa NetFlow ndi IPFIX:
| Mbali | NetFlow | IPFIX |
|---|---|---|
| Chiyambi | Ukadaulo wa eni ake wopangidwa ndi Cisco | Ndondomeko yokhazikika yamakampani yochokera pa NetFlow Version 9 |
| Kukhazikika | Ukadaulo wokhudzana ndi Cisco | Muyezo wotseguka womwe umafotokozedwa ndi IETF mu RFC 7011 |
| Kusinthasintha | Mabaibulo osinthika okhala ndi mawonekedwe enaake | Kusinthasintha kwakukulu ndi kugwirira ntchito limodzi pakati pa ogulitsa |
| Mtundu wa Deta | Mapaketi a kukula kokhazikika | Njira yogwiritsira ntchito template yamitundu yosiyanasiyana ya zolemba zoyendera |
| Thandizo la Chikhomo | Sizikuthandizidwa | Ma tempuleti amphamvu ophatikizira magawo osinthasintha |
| Thandizo la Ogulitsa | Makamaka zipangizo za Cisco | Thandizo lalikulu pakati pa ogulitsa maukonde |
| Kukulitsa | Kusintha pang'ono | Kuphatikizidwa kwa minda yopangidwira ndi deta yeniyeni ya mapulogalamu |
| Kusiyana kwa Ma Protocol | Zosiyanasiyana za Cisco | Thandizo la IPv6 lachilengedwe, njira zowonjezera zosungiramo zinthu |
| Zinthu Zachitetezo | Chitetezo chochepa | Kubisa kwa Transport Layer Security (TLS), kukhulupirika kwa uthenga |
Kuwunika Mayendedwe a Netiwekindi kusonkhanitsa, kusanthula, ndi kuyang'anira magalimoto omwe akudutsa mu netiweki inayake kapena gawo la netiweki. Zolinga zake zitha kusiyana kuyambira kuthetsa mavuto okhudzana ndi kulumikizana mpaka kukonzekera kugawa kwa bandwidth mtsogolo. Kuwunika kayendedwe ka intaneti ndi kusanthula mapaketi kungakhale kothandiza pozindikira ndikukonza mavuto achitetezo.
Kuwunika momwe zinthu zilili kumapatsa magulu olumikizana ndi intaneti lingaliro labwino la momwe netiweki ikugwirira ntchito, kupereka chidziwitso pa kagwiritsidwe ntchito konse, kagwiritsidwe ntchito ka mapulogalamu, zopinga zomwe zingachitike, zolakwika zomwe zingasonyeze kuwopseza chitetezo, ndi zina zambiri. Pali miyezo ndi mawonekedwe osiyanasiyana omwe amagwiritsidwa ntchito powunika momwe zinthu zilili pa netiweki, kuphatikiza NetFlow, sFlow, ndi Internet Protocol Flow Information Export (IPFIX). Iliyonse imagwira ntchito mosiyana pang'ono, koma zonse ndizosiyana ndi kuwunika kwa ma port ndi kuyang'anira mapaketi mozama chifukwa sizigwira zomwe zili mu paketi iliyonse yomwe imadutsa pa doko kapena kudzera mu switch. Komabe, kuyang'anira momwe zinthu zilili kumapereka zambiri kuposa SNMP, zomwe nthawi zambiri zimakhala ndi ziwerengero zazikulu monga kugwiritsa ntchito paketi yonse ndi bandwidth.
Kuyerekeza Zida Zoyendera pa Network
| Mbali | NetFlow v5 | NetFlow v9 | sFlow | IPFIX |
| Yotseguka kapena Yaumwini | Zaumwini | Zaumwini | Tsegulani | Tsegulani |
| Kutengera Zitsanzo kapena Kuyenda | Kutengera Kwambiri; Njira Yosankhidwa ikupezeka | Kutengera Kwambiri; Njira Yosankhidwa ikupezeka | Zitsanzo | Kutengera Kwambiri; Njira Yosankhidwa ikupezeka |
| Chidziwitso Chogwidwa | Zambiri za metadata ndi ziwerengero, kuphatikizapo ma byte omwe adasamutsidwa, zowerengera mawonekedwe ndi zina zotero | Zambiri za metadata ndi ziwerengero, kuphatikizapo ma byte omwe adasamutsidwa, zowerengera mawonekedwe ndi zina zotero | Ma Packet Headers Athunthu, Malipiro a Paketi Pang'ono | Zambiri za metadata ndi ziwerengero, kuphatikizapo ma byte omwe adasamutsidwa, zowerengera mawonekedwe ndi zina zotero |
| Kuwunika Kulowa/Kutuluka | Kulowa Kokha | Kulowa ndi Kutuluka | Kulowa ndi Kutuluka | Kulowa ndi Kutuluka |
| Thandizo la IPv6/VLAN/MPLS | No | Inde | Inde | Inde |
Nthawi yotumizira: Marichi-18-2024
