Chipangizo chodziwira za Kulowerera (IDS) chikayikidwa, doko lowonetsera pa switch yomwe ili pakati pa chidziwitso cha anzawo sikokwanira (mwachitsanzo, doko limodzi lokha lowonetsera limaloledwa, ndipo doko lowonetsera lili ndi zida zina).
Pakadali pano, ngati sitikuwonjezera ma mirroring ports ambiri, tingagwiritse ntchito netiweki replication, aggregation ndi forwarding device kuti tigawire deta yofanana ya mirroring ku chipangizo chathu.
Kodi Network TAP ndi chiyani?
Mwina munayamba mwamva dzina lakuti TAP switch. TAP (Terminal Access Point), yomwe imadziwikanso kuti NPB (Network Packet Broker), kapena Tap Aggregator?
Ntchito yaikulu ya TAP ndikukhazikitsa pakati pa doko lowonetsera pa netiweki yopanga ndi gulu la zida zowunikira. TAP imasonkhanitsa magalimoto ojambulidwa kapena olekanitsidwa kuchokera ku chipangizo chimodzi kapena zingapo zopangira netiweki ndikugawa magalimotowo ku chipangizo chimodzi kapena zingapo zowunikira deta.
Zochitika za Common Network TAP network deployment
Network Tap ili ndi zilembo zodziwika bwino, monga:
Zipangizo Zodziyimira Payokha
TAP ndi chipangizo china chomwe sichikhudza katundu pa zipangizo zomwe zilipo kale, chomwe ndi chimodzi mwa ubwino wake poyerekeza ndi ma port mirroring.
Sinthani?
Kugwira pa intaneti?
Netiweki Yowonekera
TAP ikalumikizidwa ku netiweki, zipangizo zina zonse pa netiweki sizimakhudzidwa. Kwa iwo, TAP imakhala yowonekera bwino ngati mpweya, ndipo zipangizo zowunikira zomwe zalumikizidwa ku TAP zimakhala zowonekera bwino pa netiweki yonse.
TAP ili ngati Port Mirroring pa switch. Ndiye bwanji kuyika TAP yosiyana? Tiyeni tiwone kusiyana pakati pa Network TAP ndi Network Port Mirroring.
Kusiyana 1: Network TAP ndi yosavuta kuyikonza kuposa kuwonetsera ma port
Kujambula zithunzi za ma port kuyenera kukonzedwa pa switch. Ngati kuyang'anira kukufunika kusinthidwa, switch iyenera kukonzedwanso ONSE. Komabe, TAP imangofunika kusinthidwa pomwe yapempha, zomwe sizikhudza zida zomwe zilipo pa netiweki.
Kusiyana 2: Network TAP siikhudza momwe netiweki imagwirira ntchito poyerekeza ndi ma port mirroring
Kujambula ma doko pa switch kumawononga magwiridwe antchito a switch ndikukhudza kuthekera kwa switch. Makamaka, ngati switch yalumikizidwa ku netiweki motsatizana ngati inline, mphamvu yotumizira maukonde onse imakhudzidwa kwambiri. TAP ndi hardware yodziyimira payokha ndipo siyimasokoneza magwiridwe antchito a chipangizocho chifukwa cha kuwunika kwa magalimoto. Chifukwa chake, sichikhudza katundu wa zida zomwe zilipo pa netiweki, zomwe zili ndi ubwino waukulu kuposa kuwunika ma doko.
Kusiyana 3: Network TAP imapereka njira yokwanira yoyendera anthu kuposa kubwerezabwereza kwa ma port mirroring
Kujambula ma port mirroring sikungatsimikizire kuti magalimoto onse angapezeke chifukwa switch port yokha idzasefa ma error packets ena kapena ma packets ang'onoang'ono kwambiri. Komabe, TAP imatsimikizira kukhulupirika kwa deta chifukwa ndi "replication" yonse pa physical layer.
Kusiyana 4Kuchedwa kwa kutumiza kwa TAP ndi kochepa kuposa kwa Port Mirroring
Pa ma switch ena otsika mtengo, ma port mirroring angabweretse latency pokopera magalimoto kupita kuma mirroring ports, komanso pokopera ma 10/100m kupita kuma doko a Giga Ethernet.
Ngakhale izi zalembedwa kwambiri, tikukhulupirira kuti kusanthula kwachiwiri komalizaku kulibe chithandizo champhamvu chaukadaulo.
Ndiye, kodi ndi pazochitika ziti zomwe tiyenera kugwiritsa ntchito TAP pogawa kuchuluka kwa anthu omwe ali pa netiweki? Mwachidule, ngati muli ndi zofunikira izi, ndiye kuti Network TAP ndiye chisankho chanu chabwino kwambiri.
Ukadaulo wa Network TAP
Mvetserani zomwe zili pamwambapa, muone kuti TAP network shunt ndi chipangizo chamatsenga, chomwe chimagwiritsidwa ntchito kwambiri pamsika wamakono wa TAP shunt pogwiritsa ntchito kapangidwe kake ka magulu atatu:
FPGA
- Kuchita bwino kwambiri
- Zovuta kupanga
- Mtengo wokwera
MIPS
- Yosinthasintha komanso yosavuta
- Kuvuta pang'ono pakukula
- Ogulitsa akuluakulu RMI ndi Cavium adasiya kupanga ndipo adalephera pambuyo pake
ASIC
- Kuchita bwino kwambiri
- Kukula kwa ntchito yokulitsa n'kovuta, makamaka chifukwa cha zofooka za chip yokha
- Mawonekedwe ndi zofunikira zake zimachepetsedwa ndi chip yokha, zomwe zimapangitsa kuti ntchito yokulitsa ikhale yoipa.
Chifukwa chake, Network TAP yothamanga kwambiri komanso yothamanga kwambiri yomwe imapezeka pamsika ili ndi malo ambiri oti isinthe kusinthasintha kwa kugwiritsa ntchito. Ma shunter a TAP amagwiritsidwa ntchito posintha ma protocol, kusonkhanitsa deta, shunting deta, mirroring data, ndi kusefa magalimoto. Mitundu yayikulu ya madoko ndi 100G, 40G, 10G, 2.5G POS, GE, ndi zina zotero. Chifukwa cha kuchotsedwa pang'onopang'ono kwa zinthu za SDH, ma shunter a Network TAP omwe alipo pano amagwiritsidwa ntchito kwambiri mu netiweki yonse ya Ethernet.
Nthawi yotumizira: Meyi-25-2022
